Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund (https://www.trojaner-board.de/127201-pc-langsam-hoher-cpu-auslastung-ohne-erkennbaren-grund.html)

flkor 18.11.2012 17:05
PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund
 
Ich habe seit ca. zwei Wochen das Problem, dass mein Notebook extrem langsam bootet und danach noch einige Zeit benötigt, um "sich wieder zu beruhigen", so dass später ein Arbeiten überhaupt möglich ist.

Als erste drastische Massnahme habe ich das Notebook neu aufgesetzt, d.h. die C: Partitur mit der Hilfe Wiederherstellungspartitur formatiert und neu installiert. Ich habe noch eine D: Partitur, die ich nicht angetastet habe. Da ich ein älteres Gerät habe, musste ich SP3 und diverse Updates installieren. Danach lief das System wieder stabil. Jedoch hatte ich das Problem schon sehr schnell wieder. Als Virenscanner habe ich Avira 2013 installiert und nach dem erneuten Auftreten einen Full Scan ohne Virenbefund erhalten. Das Internet habe ich zwar besucht, aber keinerlei "schädliche" Seiten aufgesucht.

Nachdem ich das Problem erneut hatte, habe ich das Notebook wieder neu aufgesetzt - mit dem gleichen Ergebnis. Und dann nochmals und wieder war der Rechner nach kurzer Zeit (1 Stunde) extrem langsam. Dies ist der aktuelle Stand. Ich habe beobachtet, dass bein Booten im abgesicherten Modus das Problem nicht auftritt - daher gehe ich davon aus, dass ein technisches Problem nicht vorliegt.

Ich habe mir diverse Einträge bei euch angesehen und hoffe, dass ich alles gut vorbereitet habe, damit ihr mir bei der Analyse helfen könnt.

1. Defogger

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:02 on 18/11/2012 (Frank)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
2. Malwarebytes

Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.17.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Frank :: NOTEBOOK [Administrator]

Schutz: Aktiviert

17.11.2012 17:01:07
mbam-log-2012-11-17 (17-01-07).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 195107
Laufzeit: 49 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
3. Oldtimer

Code:
OTL logfile created on: 18.11.2012 11:54:06 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,42 Mb Total Physical Memory | 158,67 Mb Available Physical Memory | 31,09% Memory free
1,22 Gb Paging File | 0,59 Gb Available in Paging File | 48,03% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,40 Gb Free Space | 62,56% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,74 Gb Free Space | 65,07% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll ()
MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\platform.dll ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VAIO Entertainment Task Scheduler) -- C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation)
SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.11 14:25:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.11.11 14:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions
[2012.11.11 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIO Update 5] C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.)
O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF0C9646-5918-4994-9118-2A7FDF8E97A3}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.13 11:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.18 11:21:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.11.17 17:00:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.11.17 16:52:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes
[2012.11.17 16:51:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.11.17 16:51:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.11.17 16:51:06 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.11.17 16:51:06 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.11.11 20:59:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.11.11 17:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.11.11 17:20:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.11 17:15:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2012.11.11 17:14:57 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.11.11 17:14:57 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.11.11 17:14:57 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.11.11 17:14:56 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.11.11 17:14:47 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.11.11 17:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun
[2012.11.11 17:04:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\IETldCache
[2012.11.11 17:00:53 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.11.11 16:59:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.11.11 16:59:17 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.11.11 16:59:17 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.11.11 16:59:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.11.11 16:59:16 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012.11.11 16:59:16 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.11.11 16:58:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.11.11 16:57:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.11.11 16:32:22 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.11.11 16:32:21 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.11.11 16:26:42 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012.11.11 16:25:31 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2012.11.11 16:25:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.11.11 16:24:59 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012.11.11 16:24:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.11.11 16:24:22 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2012.11.11 16:23:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012.11.11 16:22:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.11.11 16:21:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2012.11.11 16:21:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2012.11.11 14:40:38 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2012.11.11 14:39:53 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2012.11.11 14:38:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.11.11 14:31:46 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2012.11.11 14:31:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2012.11.11 14:31:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012.11.11 14:30:35 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.11.11 14:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
[2012.11.11 14:28:46 | 002,151,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012.11.11 14:28:45 | 002,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012.11.11 14:28:44 | 002,195,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012.11.11 14:28:39 | 002,071,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012.11.11 14:28:12 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.11.11 14:28:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2012.11.11 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.11.11 14:27:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla
[2012.11.11 14:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.11.11 14:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.11.11 14:25:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Avira
[2012.11.11 14:25:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.11.11 14:23:56 | 018,090,960 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe
[2012.11.11 14:23:48 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.11.11 14:21:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.11.11 14:21:29 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2012.11.11 14:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.11.11 14:13:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\UserData
[2012.11.11 14:12:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia
[2012.11.11 14:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.11.11 14:10:34 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.11.11 14:10:30 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.11.11 14:10:30 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.11.11 14:10:30 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.11.11 14:10:24 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.11.11 14:10:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.11.11 14:09:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2012.11.11 14:09:00 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012.11.11 14:08:21 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012.11.11 14:07:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2012.11.11 14:01:38 | 000,000,000 | ---D | C] -- C:\Update
[2012.11.11 14:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.11.11 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.11.11 12:51:50 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2012.11.11 12:51:45 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012.11.11 12:51:45 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012.11.11 12:51:45 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012.11.11 12:51:45 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2012.11.11 12:51:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2012.11.11 12:51:45 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012.11.11 12:51:45 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012.11.11 12:51:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012.11.11 12:51:45 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2012.11.11 12:51:45 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2012.11.11 12:51:45 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2012.11.11 12:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012.11.11 12:51:44 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2012.11.11 12:51:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2012.11.11 12:51:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2012.11.11 12:51:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2012.11.11 12:51:43 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2012.11.11 12:51:43 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2012.11.11 12:51:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2012.11.11 12:51:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2012.11.11 12:51:43 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2012.11.11 12:51:41 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2012.11.11 12:51:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2012.11.11 12:51:41 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2012.11.11 12:51:41 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2012.11.11 12:51:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2012.11.11 12:51:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2012.11.11 12:51:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2012.11.11 12:51:40 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2012.11.11 12:51:40 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2012.11.11 12:51:40 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2012.11.11 12:51:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2012.11.11 12:51:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2012.11.11 12:51:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2012.11.11 12:51:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2012.11.11 12:51:39 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2012.11.11 12:51:39 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012.11.11 12:51:39 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2012.11.11 12:51:39 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2012.11.11 12:51:39 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2012.11.11 12:51:39 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2012.11.11 12:51:39 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2012.11.11 12:51:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2012.11.11 12:51:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012.11.11 12:51:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2012.11.11 12:51:37 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2012.11.11 12:51:37 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2012.11.11 12:51:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2012.11.11 12:51:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2012.11.11 12:51:35 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2012.11.11 12:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.11.11 12:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.11.11 12:49:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.11.11 12:47:23 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2012.11.11 12:47:23 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2012.11.11 12:47:23 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2012.11.11 12:47:23 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2012.11.11 12:47:23 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2012.11.11 12:47:23 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2012.11.11 12:47:23 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2012.11.11 12:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.11.11 12:47:22 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012.11.11 12:47:22 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2012.11.11 12:47:22 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2012.11.11 12:47:22 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2012.11.11 12:47:22 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2012.11.11 12:47:22 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2012.11.11 12:47:22 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2012.11.11 12:47:22 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2012.11.11 12:47:22 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2012.11.11 12:47:22 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2012.11.11 12:47:22 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2012.11.11 12:47:22 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2012.11.11 12:47:22 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2012.11.11 12:47:22 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2012.11.11 12:47:22 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2012.11.11 12:47:22 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2012.11.11 12:47:22 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2012.11.11 12:47:22 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2012.11.11 12:47:21 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2012.11.11 12:47:21 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2012.11.11 12:47:21 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2012.11.11 12:47:21 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2012.11.11 12:47:21 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2012.11.11 12:47:21 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2012.11.11 12:47:21 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2012.11.11 12:47:21 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2012.11.11 12:47:21 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2012.11.11 12:47:20 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2012.11.11 12:47:20 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2012.11.11 12:47:20 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2012.11.11 12:47:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2012.11.11 12:47:19 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2012.11.11 12:47:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2012.11.11 12:47:19 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2012.11.11 12:47:19 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2012.11.11 12:47:19 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2012.11.11 12:47:19 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2012.11.11 12:47:19 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2012.11.11 12:47:19 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2012.11.11 12:47:19 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2012.11.11 12:47:19 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2012.11.11 12:47:19 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2012.11.11 12:47:18 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2012.11.11 12:47:18 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2012.11.11 12:47:18 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2012.11.11 12:47:18 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2012.11.11 12:47:18 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2012.11.11 12:47:18 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2012.11.11 12:43:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.11.11 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.11.11 12:38:59 | 328,324,136 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe
[2012.11.11 12:27:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Click to DVD
[2012.11.11 12:26:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012.11.11 12:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2012.11.11 12:24:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.11.11 12:24:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012.11.11 12:23:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.11.11 12:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works
[2012.11.11 12:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2012.11.11 12:20:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2012.11.11 12:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.11.11 12:18:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Adobe PDF
[2012.11.11 12:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Edit Components
[2012.11.11 12:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Launcher
[2012.11.11 12:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Zone
[2012.11.11 12:15:28 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll
[2012.11.11 12:15:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll
[2012.11.11 12:15:25 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2012.11.11 12:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server
[2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VAIO Media Platform
[2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Media
[2012.11.11 12:13:36 | 000,000,000 | ---D | C] -- C:\Programme\Moodlogic HTML
[2012.11.11 12:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoodLogic
[2012.11.11 12:13:29 | 000,000,000 | ---D | C] -- C:\Programme\MoodLogic
[2012.11.11 12:12:37 | 000,061,440 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwo.dll
[2012.11.11 12:12:37 | 000,052,736 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIds.dll
[2012.11.11 12:12:37 | 000,042,496 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwd.dll
[2012.11.11 12:12:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage Mastering Studio
[2012.11.11 12:11:55 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll
[2012.11.11 12:11:55 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll
[2012.11.11 12:11:55 | 000,110,592 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CddbLangDE.dll
[2012.11.11 12:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage
[2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\My Skype Pictures
[2012.11.11 12:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Skype
[2012.11.11 12:09:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Roxio
[2012.11.11 12:09:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sonic Shared
[2012.11.11 12:09:09 | 002,981,888 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplw7.dll
[2012.11.11 12:09:08 | 002,502,656 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplpx.dll
[2012.11.11 12:09:07 | 002,785,280 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm6.dll
[2012.11.11 12:09:07 | 002,686,976 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm5.dll
[2012.11.11 12:09:07 | 002,531,328 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplp6.dll
[2012.11.11 12:09:06 | 002,973,696 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipla6.dll
[2012.11.11 12:09:06 | 000,053,248 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipl.dll
[2012.11.11 12:08:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PictureGear Studio
[2012.11.11 12:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\ImageConverter2
[2012.11.11 12:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Image Converter 2
[2012.11.11 12:07:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVgate Plus
[2012.11.11 12:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memory Stick Utility
[2012.11.11 12:05:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft
[2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities
[2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\SendTo
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Recent
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Zubehör
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Favoriten
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Musik
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Bilder
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Autostart
[2012.11.11 12:05:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\Cookies
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Vorlagen
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Netzwerkumgebung
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Druckumgebung
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Desktop
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030}
[2012.11.11 12:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Programmverknüpfungen
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.18 11:46:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.18 11:20:53 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.11.18 11:12:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.18 11:12:45 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.17 17:00:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.11.17 16:51:36 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.17 16:08:36 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.11.17 16:08:36 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.11.17 16:08:35 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.11.17 15:47:08 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.11 17:14:33 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.11.11 17:14:27 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.11.11 17:14:27 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.11.11 17:14:27 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.11.11 17:14:27 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.11.11 17:13:14 | 000,339,804 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.11 17:13:14 | 000,329,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.11 17:13:14 | 000,058,692 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.11 17:13:14 | 000,047,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.11 17:03:58 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.11 16:32:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.11.11 16:32:21 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.11.11 14:26:23 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.11 14:24:35 | 018,090,960 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe
[2012.11.11 14:10:53 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.11.11 12:57:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.11.11 12:47:00 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012.11.11 12:29:15 | 000,001,428 | ---- | M] () -- C:\WINDOWS\System32\SNYSPLST.OEM
[2012.11.11 12:29:15 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\SNYINST.OEM
[2012.11.11 12:29:10 | 000,033,738 | ---- | M] () -- C:\WINDOWS\System32\Snyres.oem
[2012.11.11 12:26:20 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.11.11 12:10:37 | 000,000,056 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012.11.11 12:04:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.11.11 12:04:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.11.11 12:04:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk
[2012.11.10 15:01:00 | 104,044,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe
[2012.11.10 14:28:30 | 328,324,136 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe
[2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.17 16:51:36 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.11 18:39:53 | 535,285,760 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.11 14:31:15 | 000,000,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Update.lnk
[2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.11.11 14:26:23 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.11 14:26:20 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.11.11 14:10:53 | 000,001,675 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.11.11 14:08:18 | 104,044,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe
[2012.11.11 12:47:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012.11.11 12:47:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012.11.11 12:47:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012.11.11 12:26:24 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Office 2003 Editionen 60-Tage-Testversion.lnk
[2012.11.11 12:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.11.11 12:23:03 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk
[2012.11.11 12:23:03 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works-Start.lnk
[2012.11.11 12:19:53 | 000,001,811 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat Professional Installer.lnk
[2012.11.11 12:18:40 | 000,001,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat 7.0 Elements.lnk
[2012.11.11 12:10:37 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012.11.11 12:09:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2012.11.11 12:05:57 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Remoteunterstützung.lnk
[2012.11.11 12:05:57 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Internet Explorer.lnk
[2012.11.11 12:05:57 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Windows Media Player.lnk
[2012.11.11 12:05:57 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Outlook Express.lnk
[2012.11.11 12:04:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 

< End of report >
Code:
OTL Extras logfile created on: 18.11.2012 11:54:06 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,42 Mb Total Physical Memory | 158,67 Mb Available Physical Memory | 31,09% Memory free
1,22 Gb Paging File | 0,59 Gb Available in Paging File | 48,03% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,40 Gb Free Space | 62,56% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,74 Gb Free Space | 65,07% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29999594-B540-4C88-A8D3-C99CA43809FC}" = Image Converter 2
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.2
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.2
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E4715C25-7114-4F40-A915-C1951D4D7520}" = VAIO Update Merge Module x86
"{E5E6E687-1031-0000-0000-000000000002}" = Adobe Acrobat  7.0 Elements - Deutsch
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.10
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Acrobat  7.0 Elements - Deutsch" = Adobe Acrobat  7.0 Elements - Deutsch
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"ie8" = Windows Internet Explorer 8
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO-Online-Registrierung (Deutsch)
"InstallShield_{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Skype_is1" = Skype 1.3
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Messenger" = Yahoo! Messenger
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.11.2012 09:11:38 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 17.11.2012 11:29:15 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
[ System Events ]
Error - 11.11.2012 12:37:26 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 11.11.2012 12:37:42 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.11.2012 12:37:52 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 11.11.2012 12:38:12 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 11.11.2012 12:38:23 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.11.2012 12:38:35 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 11.11.2012 12:38:45 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.11.2012 12:39:01 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 11.11.2012 12:39:20 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.11.2012 12:39:30 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
 
< End of report >
4. Gmer

Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-11-18 14:50:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 HTS421280H9AT00 rev.HAJOA70G
Running: 6e5b5bgf.exe; Driver: C:\DOKUME~1\Frank\LOKALE~1\Temp\uwloqpow.sys


---- System - GMER 1.0.15 ----

SSDT  F8AFDA94                                                            ZwClose
SSDT  F8AFDA4E                                                            ZwCreateKey
SSDT  F8AFDA9E                                                            ZwCreateSection
SSDT  F8AFDA44                                                            ZwCreateThread
SSDT  F8AFDA53                                                            ZwDeleteKey
SSDT  F8AFDA5D                                                            ZwDeleteValueKey
SSDT  F8AFDA8F                                                            ZwDuplicateObject
SSDT  F8AFDA62                                                            ZwLoadKey
SSDT  F8AFDA30                                                            ZwOpenProcess
SSDT  F8AFDA35                                                            ZwOpenThread
SSDT  F8AFDAB7                                                            ZwQueryValueKey
SSDT  F8AFDA6C                                                            ZwReplaceKey
SSDT  F8AFDAA8                                                            ZwRequestWaitReplyPort
SSDT  F8AFDA67                                                            ZwRestoreKey
SSDT  F8AFDAA3                                                            ZwSetContextThread
SSDT  F8AFDAAD                                                            ZwSetSecurityObject
SSDT  F8AFDA58                                                            ZwSetValueKey
SSDT  F8AFDAB2                                                            ZwSystemDebugControl
SSDT  F8AFDA3F                                                            ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text  C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                            section is writeable [0xF7997360, 0x1DD36D, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

?      C:\WINDOWS\system32\winlogon.exe[800] C:\WINDOWS\system32\ntdll.dll  image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: WINMM.dllunknown module: MSGINA.dllunknown module: RASAPI32.dllunknown module: MPR.dllunknown module: AUTHZ.dllunknown module: NDdeApi.dllunknown module: PROFMAP.dllunknown module: SETUPAPI.dllunknown module: VERSION.dllunknown module: WINSTA.dllunknown module: WINTRUST.dll

---- EOF - GMER 1.0.15 ----

Ich mache dies zum ersten Mal und hoffe, dass die Informationen für´s erste ausreichend sind. Leider habe ich das Problem, dass ich wochentags im Ausland wohne und arbeite und das Notebook hier in Deutschland bleibt. Ich werde eure Anmerkungen und Fragen zwar lesen, aber erst am Wochenende beantworten können. Es wird dann zwar etwas langwieriger - aber ich hoffe, dass ihr mir trotzdem weiterhelfen könnt.

Ich bin übrigens bereit, das Notebook erneut neu aufzubauen, wenn dies die einfachere Variante ist. Ich müsste dann nur wissen, was mein Problem (Virus ???) ist und wie ich es in Zukunft vermeiden kann.

Herzlichen Dank im Voraus für eure Hilfe !

Frank

cosinus 19.11.2012 14:30
Hallo und :hallo:

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Zitat:
d.h. die C: Partitur mit der Hilfe Wiederherstellungspartitur formatiert und neu installiert. Ich habe noch eine D: Partitur
Man nenn dieses Gebilde nicht "Partitur" sondern Partition auch wenn ich weiß was du damit meinst - klingt vllt kleinlich, es ist aber schon wichtig, dass man nicht unnötigerweise verschiedenes Vokabular verwendet oder in diesem Falle sogar ein falscher Begriff siehe http://de.wikipedia.org/wiki/Partitur


Zitat:
C:\WINDOWS\system32\winlogon.exe[800] C:\WINDOWS\system32\ntdll.dll image checksum mismatch; number of sections mismatch; time/date stamp
Siehtman auch nicht alle Tage im GMER Log :wtf:

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

flkor 19.11.2012 22:38
PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund
 
Hallo Cosinus,

vielen Dank für deine Antwort. Ich möchte mich nur melden, damit du weisst, dass ich die Antworten checke. Wie im Thread schon mitgeteilt, kann ich frühestens Freitag Abend oder Samstag Nachmittag deine Anweisungen durchführen. Bitte also den Thread nicht herauskicken - ich werde mich ganz sicher melden.

Bezüglich "Partitur" - bitte entschuldige die Freudsche Fehlleistung - ich wollte ganz sicher "Partition" schreiben, wir sind schliesslich nicht im Klavierforum :headbang:

Grüsse aus der Schweiz und bis Freitag dann...


Frank

Zitat:
Zitat von cosinus (Beitrag 959238)
Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Kannst du mir bitte noch mitteilen, was ich durchführen muss, um den Virenscanner von Avira abzuschalten.

Vielen Dank

Frank

flkor 23.11.2012 21:46
Hi Cosinus,

ich habe die beiden Punkte ausgeführt:

1. aswMBR

Erster Scan "Quick Scan" ist mit "Blue Screen" abgeschmiert.

Zweiter Scan "None" ist durchgelaufen -> LOG

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-23 21:16:17
-----------------------------
21:16:17.343    OS Version: Windows 5.1.2600 Service Pack 3
21:16:17.343    Number of processors: 1 586 0xD08
21:16:17.343    ComputerName: NOTEBOOK  UserName: Frank
21:16:25.531    Initialize success
21:19:56.218    AVAST engine defs: 12112301
21:21:20.078    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:21:20.078    Disk 0 Vendor: HTS421280H9AT00 HAJOA70G Size: 76319MB BusType: 3
21:21:20.078    Disk 1  \Device\Harddisk1\DR4 -> \Device\0000007b
21:21:20.078    Disk 1 Vendor: (  Size: 76319MB BusType: 0
21:21:20.531    Disk 0 MBR read successfully
21:21:20.531    Disk 0 MBR scan
21:21:26.109    Disk 0 Windows XP default MBR code
21:21:26.171    Disk 0 Partition 1 00    12  Compaq diag NTFS        7153 MB offset 63
21:21:28.390    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        33385 MB offset 14651280
21:21:29.000    Disk 0 Partition - 00    0F Extended LBA            35777 MB offset 83023920
21:21:29.171    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        35777 MB offset 83023983
21:21:30.234    Disk 0 scanning sectors +156296385
21:21:33.093    Disk 0 scanning C:\WINDOWS\system32\drivers
21:24:15.390    Service scanning
21:26:52.890    Modules scanning
21:27:39.218    Disk 0 trace - called modules:
21:27:39.234    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
21:27:39.234    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8298aab8]
21:27:39.234    3 CLASSPNP.SYS[f8506fd7] -> nt!IofCallDriver -> \Device\00000073[0x8291a9e8]
21:27:39.234    5 ACPI.sys[f837c620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8291ad98]
21:27:39.234    Scan finished successfully
21:29:02.671    Disk 0 MBR has been saved successfully to "D:\Download\Virus-Software\MBR.dat"
21:29:02.671    The log file has been saved successfully to "D:\Download\Virus-Software\aswMBR.txt"

2. TDSS-Killer

Code:
21:30:44.0578 1216  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:30:44.0812 1216  ============================================================
21:30:44.0812 1216  Current date / time: 2012/11/23 21:30:44.0812
21:30:44.0812 1216  SystemInfo:
21:30:44.0812 1216 
21:30:44.0812 1216  OS Version: 5.1.2600 ServicePack: 3.0
21:30:44.0812 1216  Product type: Workstation
21:30:44.0812 1216  ComputerName: NOTEBOOK
21:30:44.0812 1216  UserName: Frank
21:30:44.0812 1216  Windows directory: C:\WINDOWS
21:30:44.0812 1216  System windows directory: C:\WINDOWS
21:30:44.0812 1216  Processor architecture: Intel x86
21:30:44.0812 1216  Number of processors: 1
21:30:44.0812 1216  Page size: 0x1000
21:30:44.0812 1216  Boot type: Normal boot
21:30:44.0812 1216  ============================================================
21:30:48.0953 1216  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:30:48.0968 1216  ============================================================
21:30:48.0968 1216  \Device\Harddisk0\DR0:
21:30:48.0968 1216  MBR partitions:
21:30:48.0968 1216  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xDF8F90, BlocksNum 0x41348A0
21:30:48.0984 1216  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4F2D86F, BlocksNum 0x45E0C52
21:30:48.0984 1216  ============================================================
21:30:49.0062 1216  C: <-> \Device\Harddisk0\DR0\Partition1
21:30:49.0140 1216  D: <-> \Device\Harddisk0\DR0\Partition2
21:30:49.0140 1216  ============================================================
21:30:49.0140 1216  Initialize success
21:30:49.0140 1216  ============================================================
21:31:14.0203 1136  ============================================================
21:31:14.0203 1136  Scan started
21:31:14.0203 1136  Mode: Manual; SigCheck; TDLFS;
21:31:14.0203 1136  ============================================================
21:31:16.0390 1136  ================ Scan system memory ========================
21:31:16.0390 1136  System memory - ok
21:31:16.0406 1136  ================ Scan services =============================
21:31:16.0843 1136  Abiosdsk - ok
21:31:16.0859 1136  abp480n5 - ok
21:31:17.0031 1136  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:31:17.0906 1136  ACPI - ok
21:31:17.0953 1136  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:31:18.0093 1136  ACPIEC - ok
21:31:18.0281 1136  [ 0F6D872FD048D437DCBF5C1A80194886 ] AdobeActiveFileMonitor C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
21:31:18.0390 1136  AdobeActiveFileMonitor ( UnsignedFile.Multi.Generic ) - warning
21:31:18.0390 1136  AdobeActiveFileMonitor - detected UnsignedFile.Multi.Generic (1)
21:31:18.0390 1136  adpu160m - ok
21:31:18.0500 1136  [ 8BED39E3C35D6A489438B8141717A557 ] aec            C:\WINDOWS\system32\drivers\aec.sys
21:31:18.0687 1136  aec - ok
21:31:18.0750 1136  [ 2C5C22990156A1063E19AD162191DC1D ] AegisP          C:\WINDOWS\system32\DRIVERS\AegisP.sys
21:31:18.0781 1136  AegisP ( UnsignedFile.Multi.Generic ) - warning
21:31:18.0781 1136  AegisP - detected UnsignedFile.Multi.Generic (1)
21:31:18.0906 1136  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD            C:\WINDOWS\System32\drivers\afd.sys
21:31:19.0015 1136  AFD - ok
21:31:19.0015 1136  Aha154x - ok
21:31:19.0031 1136  aic78u2 - ok
21:31:19.0046 1136  aic78xx - ok
21:31:19.0125 1136  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter        C:\WINDOWS\system32\alrsvc.dll
21:31:19.0281 1136  Alerter - ok
21:31:19.0328 1136  [ 190CD73D4984F94D823F9444980513E5 ] ALG            C:\WINDOWS\System32\alg.exe
21:31:19.0484 1136  ALG - ok
21:31:19.0500 1136  AliIde - ok
21:31:19.0500 1136  amsint - ok
21:31:19.0687 1136  [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
21:31:19.0781 1136  AntiVirSchedulerService - ok
21:31:19.0875 1136  [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
21:31:19.0921 1136  AntiVirService - ok
21:31:20.0000 1136  [ D3DA11B88AB29076B78FF79F35F0586B ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
21:31:20.0093 1136  ApfiltrService - ok
21:31:20.0109 1136  AppMgmt - ok
21:31:20.0171 1136  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394        C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:31:20.0312 1136  Arp1394 - ok
21:31:20.0312 1136  asc - ok
21:31:20.0328 1136  asc3350p - ok
21:31:20.0328 1136  asc3550 - ok
21:31:20.0437 1136  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:31:20.0562 1136  AsyncMac - ok
21:31:20.0640 1136  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi          C:\WINDOWS\system32\DRIVERS\atapi.sys
21:31:20.0875 1136  atapi - ok
21:31:20.0921 1136  Atdisk - ok
21:31:21.0015 1136  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc        C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:31:21.0187 1136  Atmarpc - ok
21:31:21.0250 1136  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:31:21.0421 1136  AudioSrv - ok
21:31:21.0546 1136  [ D9F724AA26C010A217C97606B160ED68 ] audstub        C:\WINDOWS\system32\DRIVERS\audstub.sys
21:31:21.0671 1136  audstub - ok
21:31:21.0734 1136  [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:31:21.0828 1136  avgntflt - ok
21:31:21.0953 1136  [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:31:22.0015 1136  avipbb - ok
21:31:22.0062 1136  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:31:22.0078 1136  avkmgr - ok
21:31:22.0140 1136  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:31:22.0296 1136  Beep - ok
21:31:22.0578 1136  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:31:23.0218 1136  BITS - ok
21:31:23.0312 1136  [ B71549F23736ADF83A571061C47777FD ] Browser        C:\WINDOWS\System32\browser.dll
21:31:23.0406 1136  Browser - ok
21:31:23.0453 1136  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k        C:\WINDOWS\system32\drivers\cbidf2k.sys
21:31:23.0625 1136  cbidf2k - ok
21:31:23.0625 1136  cd20xrnt - ok
21:31:23.0671 1136  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio        C:\WINDOWS\system32\drivers\Cdaudio.sys
21:31:23.0828 1136  Cdaudio - ok
21:31:23.0906 1136  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:31:24.0046 1136  Cdfs - ok
21:31:24.0093 1136  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom          C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:31:24.0281 1136  Cdrom - ok
21:31:24.0281 1136  Changer - ok
21:31:24.0328 1136  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc          C:\WINDOWS\system32\cisvc.exe
21:31:24.0468 1136  CiSvc - ok
21:31:24.0500 1136  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv        C:\WINDOWS\system32\clipsrv.exe
21:31:24.0765 1136  ClipSrv - ok
21:31:24.0796 1136  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:31:24.0921 1136  CmBatt - ok
21:31:24.0921 1136  CmdIde - ok
21:31:24.0953 1136  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:31:25.0078 1136  Compbatt - ok
21:31:25.0093 1136  COMSysApp - ok
21:31:25.0109 1136  Cpqarray - ok
21:31:25.0250 1136  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:31:25.0421 1136  CryptSvc - ok
21:31:25.0437 1136  dac2w2k - ok
21:31:25.0437 1136  dac960nt - ok
21:31:25.0718 1136  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:31:26.0234 1136  DcomLaunch - ok
21:31:26.0375 1136  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:31:26.0593 1136  Dhcp - ok
21:31:26.0718 1136  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:31:26.0859 1136  Disk - ok
21:31:26.0859 1136  dmadmin - ok
21:31:27.0437 1136  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:31:28.0359 1136  dmboot - ok
21:31:28.0406 1136  [ 526192BF7696F72E29777BF4A180513A ] DMICall        C:\WINDOWS\system32\DRIVERS\DMICall.sys
21:31:28.0531 1136  DMICall - ok
21:31:28.0671 1136  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:31:28.0859 1136  dmio - ok
21:31:28.0906 1136  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:31:29.0046 1136  dmload - ok
21:31:29.0093 1136  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:31:29.0281 1136  dmserver - ok
21:31:29.0328 1136  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:31:29.0468 1136  DMusic - ok
21:31:29.0562 1136  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:31:29.0906 1136  Dnscache - ok
21:31:30.0046 1136  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc        C:\WINDOWS\System32\dot3svc.dll
21:31:30.0328 1136  Dot3svc - ok
21:31:30.0328 1136  dpti2o - ok
21:31:30.0359 1136  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud        C:\WINDOWS\system32\drivers\drmkaud.sys
21:31:30.0500 1136  drmkaud - ok
21:31:30.0640 1136  [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B          C:\WINDOWS\system32\DRIVERS\e100b325.sys
21:31:30.0703 1136  E100B - ok
21:31:30.0765 1136  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost        C:\WINDOWS\System32\eapsvc.dll
21:31:30.0937 1136  EapHost - ok
21:31:30.0984 1136  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc          C:\WINDOWS\System32\ersvc.dll
21:31:31.0125 1136  ERSvc - ok
21:31:31.0250 1136  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
21:31:31.0343 1136  Eventlog - ok
21:31:31.0546 1136  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem    C:\WINDOWS\system32\es.dll
21:31:31.0750 1136  EventSystem - ok
21:31:31.0859 1136  [ 12B0134BB2F5E482128F901E34E7138E ] EvtEng          C:\Programme\Intel\Wireless\Bin\EvtEng.exe
21:31:31.0937 1136  EvtEng ( UnsignedFile.Multi.Generic ) - warning
21:31:31.0937 1136  EvtEng - detected UnsignedFile.Multi.Generic (1)
21:31:32.0062 1136  [ 38D332A6D56AF32635675F132548343E ] Fastfat        C:\WINDOWS\system32\drivers\Fastfat.sys
21:31:32.0296 1136  Fastfat - ok
21:31:32.0406 1136  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:31:32.0578 1136  FastUserSwitchingCompatibility - ok
21:31:32.0609 1136  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc            C:\WINDOWS\system32\drivers\Fdc.sys
21:31:32.0734 1136  Fdc - ok
21:31:32.0796 1136  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:31:32.0921 1136  Fips - ok
21:31:32.0937 1136  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:31:33.0093 1136  Flpydisk - ok
21:31:33.0187 1136  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:31:33.0359 1136  FltMgr - ok
21:31:33.0390 1136  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:31:33.0515 1136  Fs_Rec - ok
21:31:33.0625 1136  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:31:33.0812 1136  Ftdisk - ok
21:31:33.0859 1136  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc            C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:31:33.0984 1136  Gpc - ok
21:31:34.0109 1136  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:31:34.0343 1136  HDAudBus - ok
21:31:34.0421 1136  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc        C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:31:34.0593 1136  helpsvc - ok
21:31:34.0593 1136  HidServ - ok
21:31:34.0640 1136  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:31:34.0828 1136  HidUsb - ok
21:31:34.0937 1136  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:31:35.0109 1136  hkmsvc - ok
21:31:35.0109 1136  hpn - ok
21:31:35.0265 1136  [ 9BEC5D4AC6EFDAAF001D42C77811E3DB ] HSFHWAZL        C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
21:31:35.0390 1136  HSFHWAZL - ok
21:31:36.0046 1136  [ 6CAD234BECF58529879B6C303F02777F ] HSF_DPV        C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
21:31:37.0265 1136  HSF_DPV - ok
21:31:37.0468 1136  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:31:37.0640 1136  HTTP - ok
21:31:37.0703 1136  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:31:37.0859 1136  HTTPFilter - ok
21:31:37.0859 1136  i2omgmt - ok
21:31:37.0859 1136  i2omp - ok
21:31:37.0984 1136  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:31:38.0125 1136  i8042prt - ok
21:31:38.0937 1136  [ C8B13676374AE2418B653B10D2EDDA0E ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:31:40.0156 1136  ialm - ok
21:31:40.0390 1136  [ 29007134FAA5C261C1DC4E6BC47FB68E ] Image Converter video recording monitor for VAIO Entertainment C:\Programme\Sony\Image Converter 2\IcVzMon.exe
21:31:40.0453 1136  Image Converter video recording monitor for VAIO Entertainment ( UnsignedFile.Multi.Generic ) - warning
21:31:40.0453 1136  Image Converter video recording monitor for VAIO Entertainment - detected UnsignedFile.Multi.Generic (1)
21:31:40.0500 1136  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi          C:\WINDOWS\system32\DRIVERS\imapi.sys
21:31:40.0640 1136  Imapi - ok
21:31:40.0859 1136  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:31:41.0093 1136  ImapiService - ok
21:31:41.0093 1136  ini910u - ok
21:31:43.0156 1136  [ 5F2657F8781376892035976CF8122A2D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:31:47.0140 1136  IntcAzAudAddService - ok
21:31:47.0156 1136  [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
21:31:47.0281 1136  IntelIde - ok
21:31:47.0343 1136  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:31:47.0484 1136  intelppm - ok
21:31:47.0515 1136  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw          C:\WINDOWS\system32\drivers\ip6fw.sys
21:31:47.0656 1136  Ip6Fw - ok
21:31:47.0718 1136  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:31:47.0875 1136  IpFilterDriver - ok
21:31:47.0906 1136  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:31:48.0031 1136  IpInIp - ok
21:31:48.0156 1136  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat          C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:31:48.0375 1136  IpNat - ok
21:31:48.0437 1136  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec          C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:31:48.0562 1136  IPSec - ok
21:31:48.0593 1136  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:31:48.0750 1136  IRENUM - ok
21:31:48.0812 1136  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:31:48.0953 1136  isapnp - ok
21:31:49.0625 1136  [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
21:31:49.0750 1136  JavaQuickStarterService - ok
21:31:49.0796 1136  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:31:49.0968 1136  Kbdclass - ok
21:31:50.0140 1136  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:31:50.0328 1136  kmixer - ok
21:31:50.0437 1136  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:31:50.0515 1136  KSecDD - ok
21:31:50.0640 1136  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:31:50.0765 1136  lanmanserver - ok
21:31:50.0890 1136  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:31:51.0000 1136  lanmanworkstation - ok
21:31:51.0015 1136  lbrtfdc - ok
21:31:51.0343 1136  [ F03FC45E839912CB576E2496F582867C ] LEX_AS_NIC_SERVICE_YNOS C:\WINDOWS\system32\DRIVERS\ExpasAG.sys
21:31:51.0828 1136  LEX_AS_NIC_SERVICE_YNOS - ok
21:31:51.0875 1136  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts        C:\WINDOWS\System32\lmhsvc.dll
21:31:52.0015 1136  LmHosts - ok
21:31:52.0078 1136  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector  C:\WINDOWS\system32\drivers\mbam.sys
21:31:52.0093 1136  MBAMProtector - ok
21:31:52.0375 1136  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler  C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:31:52.0812 1136  MBAMScheduler - ok
21:31:53.0265 1136  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService    C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
21:31:54.0046 1136  MBAMService - ok
21:31:54.0109 1136  [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy  C:\WINDOWS\system32\drivers\mbamswissarmy.sys
21:31:54.0125 1136  MBAMSwissArmy - ok
21:31:54.0187 1136  [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk        C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:31:54.0203 1136  mdmxsdk - ok
21:31:54.0281 1136  [ B7550A7107281D170CE85524B1488C98 ] Messenger      C:\WINDOWS\System32\msgsvc.dll
21:31:54.0453 1136  Messenger - ok
21:31:54.0500 1136  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd          C:\WINDOWS\system32\drivers\mnmdd.sys
21:31:54.0640 1136  mnmdd - ok
21:31:54.0703 1136  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc        C:\WINDOWS\system32\mnmsrvc.exe
21:31:54.0843 1136  mnmsrvc - ok
21:31:54.0953 1136  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem          C:\WINDOWS\system32\drivers\Modem.sys
21:31:55.0109 1136  Modem - ok
21:31:55.0140 1136  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:31:55.0265 1136  Mouclass - ok
21:31:55.0343 1136  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:31:55.0484 1136  mouhid - ok
21:31:55.0546 1136  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:31:55.0687 1136  MountMgr - ok
21:31:55.0890 1136  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:31:56.0031 1136  MozillaMaintenance - ok
21:31:56.0046 1136  mraid35x - ok
21:31:56.0156 1136  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:31:56.0437 1136  MRxDAV - ok
21:31:56.0765 1136  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:31:57.0218 1136  MRxSmb - ok
21:31:57.0328 1136  [ A5FE164169E82E446D717511B390D5D2 ] MSCSPTISRV      C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
21:31:57.0390 1136  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
21:31:57.0390 1136  MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
21:31:57.0421 1136  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC          C:\WINDOWS\system32\msdtc.exe
21:31:57.0562 1136  MSDTC - ok
21:31:57.0593 1136  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:31:57.0718 1136  Msfs - ok
21:31:57.0734 1136  MSIServer - ok
21:31:57.0765 1136  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:31:57.0890 1136  MSKSSRV - ok
21:31:57.0906 1136  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:31:58.0046 1136  MSPCLOCK - ok
21:31:58.0078 1136  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
21:31:58.0203 1136  MSPQM - ok
21:31:58.0234 1136  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:31:58.0375 1136  mssmbios - ok
21:31:58.0421 1136  MSSQL$VAIO_VEDB - ok
21:31:58.0531 1136  [ CB7524C21727404BD3140DCA32DEB7DE ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
21:31:58.0609 1136  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
21:31:58.0609 1136  MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
21:31:58.0703 1136  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup            C:\WINDOWS\system32\drivers\Mup.sys
21:31:58.0765 1136  Mup - ok
21:31:59.0000 1136  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:31:59.0437 1136  napagent - ok
21:31:59.0593 1136  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:31:59.0796 1136  NDIS - ok
21:31:59.0843 1136  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:31:59.0890 1136  NdisTapi - ok
21:31:59.0921 1136  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:32:00.0125 1136  Ndisuio - ok
21:32:00.0187 1136  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:32:00.0390 1136  NdisWan - ok
21:32:00.0453 1136  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
21:32:00.0500 1136  NDProxy - ok
21:32:00.0546 1136  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
21:32:00.0687 1136  NetBIOS - ok
21:32:00.0812 1136  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
21:32:01.0000 1136  NetBT - ok
21:32:01.0140 1136  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:32:01.0546 1136  NetDDE - ok
21:32:01.0625 1136  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:32:01.0750 1136  NetDDEdsdm - ok
21:32:01.0781 1136  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:32:01.0921 1136  Netlogon - ok
21:32:02.0062 1136  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
21:32:02.0359 1136  Netman - ok
21:32:02.0453 1136  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394        C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:32:02.0593 1136  NIC1394 - ok
21:32:02.0765 1136  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla            C:\WINDOWS\System32\mswsock.dll
21:32:02.0921 1136  Nla - ok
21:32:02.0953 1136  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:32:03.0078 1136  Npfs - ok
21:32:03.0515 1136  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:32:04.0140 1136  Ntfs - ok
21:32:04.0171 1136  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp        C:\WINDOWS\system32\lsass.exe
21:32:04.0296 1136  NtLmSsp - ok
21:32:04.0640 1136  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc        C:\WINDOWS\system32\ntmssvc.dll
21:32:05.0265 1136  NtmsSvc - ok
21:32:05.0312 1136  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:32:05.0484 1136  Null - ok
21:32:07.0593 1136  [ 0A71BC580C55DC6FEC466D8533569E66 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:32:11.0453 1136  nv - ok
21:32:11.0578 1136  [ A3469A25100D510EEF5B8A65A890286F ] NVSvc          C:\WINDOWS\system32\nvsvc32.exe
21:32:11.0687 1136  NVSvc - ok
21:32:11.0734 1136  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:32:11.0875 1136  NwlnkFlt - ok
21:32:11.0906 1136  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:32:12.0046 1136  NwlnkFwd - ok
21:32:12.0140 1136  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:32:12.0265 1136  ohci1394 - ok
21:32:12.0390 1136  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose            C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:32:12.0468 1136  ose - ok
21:32:12.0531 1136  [ 2AACB80F75A0683E32CF350B0C60A17F ] PACSPTISVR      C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
21:32:12.0593 1136  PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
21:32:12.0593 1136  PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
21:32:12.0687 1136  [ F84785660305B9B903FB3BCA8BA29837 ] Parport        C:\WINDOWS\system32\drivers\Parport.sys
21:32:12.0828 1136  Parport - ok
21:32:12.0859 1136  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr        C:\WINDOWS\system32\drivers\PartMgr.sys
21:32:12.0984 1136  PartMgr - ok
21:32:13.0031 1136  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:32:13.0171 1136  ParVdm - ok
21:32:13.0234 1136  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI            C:\WINDOWS\system32\DRIVERS\pci.sys
21:32:13.0375 1136  PCI - ok
21:32:13.0375 1136  PCIDump - ok
21:32:13.0406 1136  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:32:13.0546 1136  PCIIde - ok
21:32:13.0625 1136  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
21:32:13.0796 1136  Pcmcia - ok
21:32:13.0812 1136  PDCOMP - ok
21:32:13.0812 1136  PDFRAME - ok
21:32:13.0828 1136  PDRELI - ok
21:32:13.0828 1136  PDRFRAME - ok
21:32:13.0843 1136  perc2 - ok
21:32:13.0843 1136  perc2hib - ok
21:32:14.0015 1136  [ E0297D369962F00E52BBACE14A554DF5 ] PhotoshopElementsDeviceConnect C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
21:32:14.0109 1136  PhotoshopElementsDeviceConnect ( UnsignedFile.Multi.Generic ) - warning
21:32:14.0109 1136  PhotoshopElementsDeviceConnect - detected UnsignedFile.Multi.Generic (1)
21:32:14.0203 1136  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
21:32:14.0218 1136  PlugPlay - ok
21:32:14.0234 1136  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent    C:\WINDOWS\system32\lsass.exe
21:32:14.0359 1136  PolicyAgent - ok
21:32:14.0421 1136  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:32:14.0546 1136  PptpMiniport - ok
21:32:14.0562 1136  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:32:14.0671 1136  ProtectedStorage - ok
21:32:14.0734 1136  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:32:14.0875 1136  PSched - ok
21:32:14.0921 1136  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink        C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:32:15.0062 1136  Ptilink - ok
21:32:15.0109 1136  [ 86724469CD077901706854974CD13C3E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:32:15.0125 1136  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
21:32:15.0125 1136  PxHelp20 - detected UnsignedFile.Multi.Generic (1)
21:32:15.0125 1136  ql1080 - ok
21:32:15.0140 1136  Ql10wnt - ok
21:32:15.0140 1136  ql12160 - ok
21:32:15.0156 1136  ql1240 - ok
21:32:15.0156 1136  ql1280 - ok
21:32:15.0203 1136  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:32:15.0406 1136  RasAcd - ok
21:32:15.0500 1136  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
21:32:15.0703 1136  RasAuto - ok
21:32:15.0750 1136  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp        C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:32:15.0906 1136  Rasl2tp - ok
21:32:16.0046 1136  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:32:16.0296 1136  RasMan - ok
21:32:16.0328 1136  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:32:16.0484 1136  RasPppoe - ok
21:32:16.0531 1136  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:32:16.0671 1136  Raspti - ok
21:32:16.0796 1136  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:32:17.0000 1136  Rdbss - ok
21:32:17.0031 1136  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:32:17.0171 1136  RDPCDD - ok
21:32:17.0312 1136  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD          C:\WINDOWS\system32\drivers\RDPWD.sys
21:32:17.0484 1136  RDPWD - ok
21:32:17.0609 1136  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr      C:\WINDOWS\system32\sessmgr.exe
21:32:17.0859 1136  RDSessMgr - ok
21:32:17.0937 1136  [ ED761D453856F795A7FE056E42C36365 ] redbook        C:\WINDOWS\system32\DRIVERS\redbook.sys
21:32:18.0078 1136  redbook - ok
21:32:18.0187 1136  [ B9732EAAEF554978E61DC97D15A1C877 ] RegSrvc        C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
21:32:18.0312 1136  RegSrvc ( UnsignedFile.Multi.Generic ) - warning
21:32:18.0312 1136  RegSrvc - detected UnsignedFile.Multi.Generic (1)
21:32:18.0390 1136  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:32:18.0562 1136  RemoteAccess - ok
21:32:18.0625 1136  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:32:18.0812 1136  RpcLocator - ok
21:32:19.0078 1136  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs          C:\WINDOWS\system32\rpcss.dll
21:32:19.0281 1136  RpcSs - ok
21:32:19.0468 1136  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:32:19.0687 1136  RSVP - ok
21:32:20.0031 1136  [ 02B4B912D7AD5ED9F2F37EAC6A68D4AF ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
21:32:20.0500 1136  S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
21:32:20.0500 1136  S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
21:32:20.0531 1136  [ 208491A652C79871737EDFE629DE2C45 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
21:32:20.0546 1136  s24trans ( UnsignedFile.Multi.Generic ) - warning
21:32:20.0546 1136  s24trans - detected UnsignedFile.Multi.Generic (1)
21:32:20.0578 1136  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs          C:\WINDOWS\system32\lsass.exe
21:32:20.0687 1136  SamSs - ok
21:32:20.0859 1136  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:32:21.0078 1136  SCardSvr - ok
21:32:21.0218 1136  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:32:21.0531 1136  Schedule - ok
21:32:21.0562 1136  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:32:21.0687 1136  Secdrv - ok
21:32:21.0812 1136  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:32:21.0968 1136  seclogon - ok
21:32:22.0000 1136  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
21:32:22.0156 1136  SENS - ok
21:32:22.0234 1136  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
21:32:22.0375 1136  Serial - ok
21:32:22.0406 1136  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy        C:\WINDOWS\system32\drivers\Sfloppy.sys
21:32:22.0546 1136  Sfloppy - ok
21:32:22.0796 1136  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:32:23.0312 1136  SharedAccess - ok
21:32:23.0421 1136  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:32:23.0453 1136  ShellHWDetection - ok
21:32:23.0453 1136  Simbad - ok
21:32:23.0531 1136  [ BE6038E0A7D2E2FE69107E41A0265831 ] SNC            C:\WINDOWS\system32\Drivers\SonyNC.sys
21:32:23.0593 1136  SNC - ok
21:32:23.0593 1136  Sparrow - ok
21:32:23.0625 1136  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:32:23.0734 1136  splitter - ok
21:32:23.0812 1136  [ 60784F891563FB1B767F70117FC2428F ] Spooler        C:\WINDOWS\system32\spoolsv.exe
21:32:23.0906 1136  Spooler - ok
21:32:24.0000 1136  [ B451765E79957D651FB4B7ABB2DD804F ] SPTISRV        C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
21:32:24.0062 1136  SPTISRV ( UnsignedFile.Multi.Generic ) - warning
21:32:24.0062 1136  SPTISRV - detected UnsignedFile.Multi.Generic (1)
21:32:24.0062 1136  SQLAgent$VAIO_VEDB - ok
21:32:24.0125 1136  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:32:24.0250 1136  sr - ok
21:32:24.0390 1136  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice      C:\WINDOWS\system32\srsvc.dll
21:32:24.0734 1136  srservice - ok
21:32:25.0000 1136  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv            C:\WINDOWS\system32\DRIVERS\srv.sys
21:32:25.0421 1136  Srv - ok
21:32:25.0500 1136  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
21:32:25.0687 1136  SSDPSRV - ok
21:32:25.0750 1136  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
21:32:25.0781 1136  ssmdrv - ok
21:32:25.0843 1136  [ ACB893CDED2C6EA692782433EA885CEA ] SSScsiSV        C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe
21:32:25.0921 1136  SSScsiSV ( UnsignedFile.Multi.Generic ) - warning
21:32:25.0921 1136  SSScsiSV - detected UnsignedFile.Multi.Generic (1)
21:32:26.0171 1136  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:32:26.0671 1136  stisvc - ok
21:32:26.0796 1136  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:32:26.0937 1136  swenum - ok
21:32:26.0984 1136  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:32:27.0125 1136  swmidi - ok
21:32:27.0125 1136  SwPrv - ok
21:32:27.0140 1136  symc810 - ok
21:32:27.0156 1136  symc8xx - ok
21:32:27.0156 1136  sym_hi - ok
21:32:27.0171 1136  sym_u3 - ok
21:32:27.0296 1136  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:32:27.0437 1136  sysaudio - ok
21:32:27.0515 1136  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog      C:\WINDOWS\system32\smlogsvc.exe
21:32:27.0703 1136  SysmonLog - ok
21:32:27.0890 1136  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
21:32:28.0171 1136  TapiSrv - ok
21:32:28.0437 1136  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip          C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:32:28.0937 1136  Tcpip - ok
21:32:28.0968 1136  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:32:29.0093 1136  TDPIPE - ok
21:32:29.0140 1136  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP          C:\WINDOWS\system32\drivers\TDTCP.sys
21:32:29.0281 1136  TDTCP - ok
21:32:29.0312 1136  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:32:29.0453 1136  TermDD - ok
21:32:29.0703 1136  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService    C:\WINDOWS\System32\termsrv.dll
21:32:30.0015 1136  TermService - ok
21:32:30.0125 1136  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:32:30.0140 1136  Themes - ok
21:32:30.0234 1136  [ BD9B64B745B7EE6C45B70F93703864A2 ] tifmsony        C:\WINDOWS\system32\drivers\tifmsony.sys
21:32:30.0281 1136  tifmsony - ok
21:32:30.0281 1136  TosIde - ok
21:32:30.0359 1136  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:32:30.0625 1136  TrkWks - ok
21:32:30.0734 1136  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:32:31.0125 1136  Udfs - ok
21:32:31.0125 1136  ultra - ok
21:32:31.0187 1136  [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf          C:\WINDOWS\system32\wdfmgr.exe
21:32:31.0265 1136  UMWdf - ok
21:32:31.0531 1136  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:32:32.0031 1136  Update - ok
21:32:32.0203 1136  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:32:32.0468 1136  upnphost - ok
21:32:32.0515 1136  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS            C:\WINDOWS\System32\ups.exe
21:32:32.0671 1136  UPS - ok
21:32:32.0734 1136  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci        C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:32:32.0875 1136  usbehci - ok
21:32:32.0953 1136  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:32:33.0078 1136  usbhub - ok
21:32:33.0140 1136  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR        C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:32:33.0281 1136  USBSTOR - ok
21:32:33.0312 1136  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci        C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:32:33.0421 1136  usbuhci - ok
21:32:33.0562 1136  [ D3F969831F38F098CDE83994D1E9088E ] VAIO Entertainment Aggregation and Control Service C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
21:32:33.0671 1136  VAIO Entertainment Aggregation and Control Service ( UnsignedFile.Multi.Generic ) - warning
21:32:33.0671 1136  VAIO Entertainment Aggregation and Control Service - detected UnsignedFile.Multi.Generic (1)
21:32:34.0125 1136  [ 984861F9E6954395C067664034DE90C1 ] VAIO Entertainment Task Scheduler C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe
21:32:34.0718 1136  VAIO Entertainment Task Scheduler ( UnsignedFile.Multi.Generic ) - warning
21:32:34.0718 1136  VAIO Entertainment Task Scheduler - detected UnsignedFile.Multi.Generic (1)
21:32:34.0828 1136  [ B648E3C89F2944A013ED452A8BFB6D68 ] VAIO Entertainment TV Device Arbitration Service C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
21:32:34.0937 1136  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
21:32:34.0937 1136  VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
21:32:35.0078 1136  [ 2B0EAC2B6E5F1C5E007DABAE101028B0 ] VAIO Event Service C:\Programme\Sony\VAIO Event Service\VESMgr.exe
21:32:35.0203 1136  VAIO Event Service ( UnsignedFile.Multi.Generic ) - warning
21:32:35.0203 1136  VAIO Event Service - detected UnsignedFile.Multi.Generic (1)
21:32:36.0421 1136  [ 563335C39DC70DEA5318DE264CDAADA7 ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
21:32:38.0656 1136  VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
21:32:38.0656 1136  VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic (1)
21:32:38.0718 1136  [ ECBCC89C8DA6EB5D73301792E5E44DA6 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
21:32:38.0781 1136  VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
21:32:38.0781 1136  VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic (1)
21:32:39.0328 1136  [ 028D7AA7C9E7BA459534795908AB414C ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
21:32:40.0187 1136  VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
21:32:40.0187 1136  VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic (1)
21:32:40.0343 1136  [ E81C0AB3E6B82E812B5FF255772CFA15 ] VAIOMediaPlatform-Mobile-Gateway C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
21:32:40.0500 1136  VAIOMediaPlatform-Mobile-Gateway ( UnsignedFile.Multi.Generic ) - warning
21:32:40.0500 1136  VAIOMediaPlatform-Mobile-Gateway - detected UnsignedFile.Multi.Generic (1)
21:32:40.0859 1136  [ 55A47A048E5FD13977CA47DF39CBA5FF ] VCI            C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
21:32:41.0328 1136  VCI ( UnsignedFile.Multi.Generic ) - warning
21:32:41.0328 1136  VCI - detected UnsignedFile.Multi.Generic (1)
21:32:41.0328 1136  Vcsw - ok
21:32:41.0375 1136  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave        C:\WINDOWS\System32\drivers\vga.sys
21:32:41.0484 1136  VgaSave - ok
21:32:41.0500 1136  ViaIde - ok
21:32:41.0562 1136  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap        C:\WINDOWS\system32\drivers\VolSnap.sys
21:32:41.0687 1136  VolSnap - ok
21:32:41.0937 1136  [ 68F106273BE29E7B7EF8266977268E78 ] VSS            C:\WINDOWS\System32\vssvc.exe
21:32:42.0265 1136  VSS - ok
21:32:43.0015 1136  [ BDB755F9B3E01BF33993C10C007202DF ] VUAgent        C:\Programme\Sony\VAIO Update Common\VUAgent.exe
21:32:44.0140 1136  VUAgent - ok
21:32:44.0343 1136  [ 0BD64CCEA7B4BF25CA2FB9BF1444DFD9 ] VzCdbSvc        C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
21:32:44.0484 1136  VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
21:32:44.0484 1136  VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
21:32:44.0593 1136  [ E81E8C7DC7EBC6CEDE156EAAD5EF9C8E ] VzFw            C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
21:32:44.0703 1136  VzFw ( UnsignedFile.Multi.Generic ) - warning
21:32:44.0703 1136  VzFw - detected UnsignedFile.Multi.Generic (1)
21:32:46.0875 1136  [ 67CAA926EF06E07F2D31056B39F51C54 ] w29n51          C:\WINDOWS\system32\DRIVERS\w29n51.sys
21:32:50.0843 1136  w29n51 - ok
21:32:51.0015 1136  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time        C:\WINDOWS\system32\w32time.dll
21:32:51.0250 1136  W32Time - ok
21:32:51.0328 1136  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:32:51.0453 1136  Wanarp - ok
21:32:51.0468 1136  WDICA - ok
21:32:51.0531 1136  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:32:51.0671 1136  wdmaud - ok
21:32:51.0734 1136  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient      C:\WINDOWS\System32\webclnt.dll
21:32:51.0906 1136  WebClient - ok
21:32:52.0390 1136  [ AB7646D4CB9BB83D29D21EF7E00A0D15 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
21:32:53.0171 1136  winachsf - ok
21:32:53.0359 1136  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
21:32:53.0578 1136  winmgmt - ok
21:32:53.0640 1136  [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:32:53.0750 1136  WmdmPmSN - ok
21:32:53.0875 1136  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:32:54.0078 1136  WmiApSrv - ok
21:32:54.0156 1136  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:32:54.0343 1136  wscsvc - ok
21:32:54.0406 1136  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:32:54.0531 1136  wuauserv - ok
21:32:54.0890 1136  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:32:55.0500 1136  WZCSVC - ok
21:32:55.0593 1136  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov        C:\WINDOWS\System32\xmlprov.dll
21:32:55.0859 1136  xmlprov - ok
21:32:55.0875 1136  ================ Scan global ===============================
21:32:55.0953 1136  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:32:56.0218 1136  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:32:56.0593 1136  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:32:56.0687 1136  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:32:56.0687 1136  [Global] - ok
21:32:56.0687 1136  ================ Scan MBR ==================================
21:32:56.0718 1136  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:32:57.0312 1136  \Device\Harddisk0\DR0 - ok
21:32:57.0328 1136  ================ Scan VBR ==================================
21:32:57.0328 1136  [ 20A5CE395DB3D6160187C2AC6EE5092E ] \Device\Harddisk0\DR0\Partition1
21:32:57.0343 1136  \Device\Harddisk0\DR0\Partition1 - ok
21:32:57.0343 1136  [ 4017084AF9C22851246DC9BCBBBBA4C8 ] \Device\Harddisk0\DR0\Partition2
21:32:57.0359 1136  \Device\Harddisk0\DR0\Partition2 - ok
21:32:57.0359 1136  ============================================================
21:32:57.0359 1136  Scan finished
21:32:57.0359 1136  ============================================================
21:32:57.0468 2760  Detected object count: 25
21:32:57.0468 2760  Actual detected object count: 25
21:33:29.0484 2760  AdobeActiveFileMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  AdobeActiveFileMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  Image Converter video recording monitor for VAIO Entertainment ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  Image Converter video recording monitor for VAIO Entertainment ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760  PhotoshopElementsDeviceConnect ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760  PhotoshopElementsDeviceConnect ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  SSScsiSV ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  SSScsiSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  VAIO Entertainment Aggregation and Control Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  VAIO Entertainment Aggregation and Control Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  VAIO Entertainment Task Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  VAIO Entertainment Task Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  VAIO Event Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  VAIO Event Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760  VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760  VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760  VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760  VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760  VAIOMediaPlatform-Mobile-Gateway ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760  VAIOMediaPlatform-Mobile-Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760  VCI ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760  VCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760  VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760  VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760  VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760  VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
Ich hoffe, dass ich alles korrekt umgesetzt habe und du mit den Informationen etwas anfangen kannst.

Vielen Dank für dein Feedback !

Frank

flkor 25.11.2012 02:06
Hallo Cosinus,

zusätzliche Info: ich habe AVAST FREE ANIVIRUS anstelle von AVIRA installiert und einen Full Scan durchgeführt. Auch AVAST hat keinen Befund festgestellt. Das Problem habe ich aber immer noch und hoffe sehr, dass du mir helfen kannst.

Vielen Dank für dein Feedback

Frank

cosinus 26.11.2012 16:43
Mach bitte einen CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Code:
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

flkor 30.11.2012 19:48
Hi Cosinus,

your wish is my command... Ich hoffe, dass es in Ordnung ist:

OTL Logfile:
Code:
OTL logfile created on: 30.11.2012 19:26:02 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,42 Mb Total Physical Memory | 206,91 Mb Available Physical Memory | 40,54% Memory free
1,22 Gb Paging File | 0,95 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,55 Gb Free Space | 63,03% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,59 Gb Free Space | 64,66% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\AVAST Software\Avast\defs\12113000\algo.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll ()
MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\platform.dll ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VAIO Entertainment Task Scheduler) -- C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation)
SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
 
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.11.24 15:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.11 14:25:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.11.11 14:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions
[2012.11.11 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIO Update 5] C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\VAIO Launcher.lnk = C:\Programme\Sony\VAIO Launcher\Launcher.exe (Sony Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF0C9646-5918-4994-9118-2A7FDF8E97A3}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.13 11:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Programme\Gemeinsame Dateien\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.24 15:14:34 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.11.24 15:14:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.11.24 15:14:33 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.11.24 15:14:28 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.11.24 15:14:27 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.11.24 15:14:25 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.11.24 15:14:21 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.11.24 15:14:21 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.11.24 15:14:18 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.11.24 15:10:11 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.11.24 15:10:03 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.11.18 14:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012.11.18 13:10:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.17 17:00:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.11.17 16:52:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes
[2012.11.17 16:51:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.11.11 20:59:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.11.11 17:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.11.11 17:15:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2012.11.11 17:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun
[2012.11.11 17:04:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\IETldCache
[2012.11.11 16:59:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.11.11 16:58:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.11.11 16:57:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.11.11 14:39:53 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2012.11.11 14:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
[2012.11.11 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.11.11 14:27:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla
[2012.11.11 14:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.11.11 14:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.11.11 14:25:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.11.11 14:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.11.11 14:13:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\UserData
[2012.11.11 14:12:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia
[2012.11.11 14:01:38 | 000,000,000 | ---D | C] -- C:\Update
[2012.11.11 14:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.11.11 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.11.11 12:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.11.11 12:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.11.11 12:49:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.11.11 12:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.11.11 12:43:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.11.11 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.11.11 12:27:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Click to DVD
[2012.11.11 12:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2012.11.11 12:24:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.11.11 12:24:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012.11.11 12:23:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.11.11 12:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works
[2012.11.11 12:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2012.11.11 12:20:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2012.11.11 12:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.11.11 12:18:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Adobe PDF
[2012.11.11 12:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Edit Components
[2012.11.11 12:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Launcher
[2012.11.11 12:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Zone
[2012.11.11 12:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server
[2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VAIO Media Platform
[2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Media
[2012.11.11 12:13:36 | 000,000,000 | ---D | C] -- C:\Programme\Moodlogic HTML
[2012.11.11 12:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoodLogic
[2012.11.11 12:13:29 | 000,000,000 | ---D | C] -- C:\Programme\MoodLogic
[2012.11.11 12:12:37 | 000,061,440 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwo.dll
[2012.11.11 12:12:37 | 000,052,736 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIds.dll
[2012.11.11 12:12:37 | 000,042,496 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwd.dll
[2012.11.11 12:12:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage Mastering Studio
[2012.11.11 12:11:55 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll
[2012.11.11 12:11:55 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll
[2012.11.11 12:11:55 | 000,110,592 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CddbLangDE.dll
[2012.11.11 12:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage
[2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\My Skype Pictures
[2012.11.11 12:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Skype
[2012.11.11 12:09:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Roxio
[2012.11.11 12:09:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sonic Shared
[2012.11.11 12:08:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PictureGear Studio
[2012.11.11 12:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\ImageConverter2
[2012.11.11 12:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Image Converter 2
[2012.11.11 12:07:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVgate Plus
[2012.11.11 12:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memory Stick Utility
[2012.11.11 12:05:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft
[2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities
[2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\SendTo
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Recent
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Zubehör
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Favoriten
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Musik
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Bilder
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Autostart
[2012.11.11 12:05:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\Cookies
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Vorlagen
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Netzwerkumgebung
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Druckumgebung
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Desktop
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030}
[2012.11.11 12:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Programmverknüpfungen
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.30 19:01:21 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.11.30 19:00:11 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.11.30 18:59:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.30 18:59:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.30 18:59:39 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.24 15:14:35 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.11.24 15:14:23 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.11.18 14:02:30 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable
[2012.11.18 13:04:48 | 000,329,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.18 13:04:47 | 000,339,804 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.18 13:04:47 | 000,058,692 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.18 13:04:47 | 000,047,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.18 12:43:12 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.18 11:46:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.17 17:00:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.11.11 14:26:23 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.11 12:57:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.11.11 12:47:00 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012.11.11 12:29:15 | 000,001,428 | ---- | M] () -- C:\WINDOWS\System32\SNYSPLST.OEM
[2012.11.11 12:29:15 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\SNYINST.OEM
[2012.11.11 12:29:10 | 000,033,738 | ---- | M] () -- C:\WINDOWS\System32\Snyres.oem
[2012.11.11 12:26:20 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.11.11 12:10:37 | 000,000,056 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012.11.11 12:04:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.11.11 12:04:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.11.11 12:04:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk
[2012.11.10 15:01:00 | 104,044,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.24 15:14:35 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.11.24 15:14:27 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.11.18 14:02:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable
[2012.11.11 18:39:53 | 535,285,760 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.11 14:31:15 | 000,000,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Update.lnk
[2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.11.11 14:26:23 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.11 14:26:20 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.11.11 14:08:18 | 104,044,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe
[2012.11.11 12:47:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012.11.11 12:47:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012.11.11 12:47:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012.11.11 12:26:24 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Office 2003 Editionen 60-Tage-Testversion.lnk
[2012.11.11 12:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.11.11 12:23:03 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk
[2012.11.11 12:23:03 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works-Start.lnk
[2012.11.11 12:19:53 | 000,001,811 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat Professional Installer.lnk
[2012.11.11 12:18:40 | 000,001,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat 7.0 Elements.lnk
[2012.11.11 12:10:37 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012.11.11 12:09:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2012.11.11 12:05:57 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Remoteunterstützung.lnk
[2012.11.11 12:05:57 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Internet Explorer.lnk
[2012.11.11 12:05:57 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Windows Media Player.lnk
[2012.11.11 12:05:57 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Outlook Express.lnk
[2012.11.11 12:04:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.11.24 15:06:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2005.07.13 14:34:50 | 000,000,000 | ---D | M] -- C:\Documentation
[2012.11.11 12:05:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2005.07.22 15:39:15 | 000,000,000 | ---D | M] -- C:\Drivers
[2012.11.11 12:23:48 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.11.24 15:27:15 | 000,000,000 | R--D | M] -- C:\Programme
[2012.11.30 19:18:24 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.11.11 12:04:52 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.11.11 14:35:14 | 000,000,000 | ---D | M] -- C:\Update
[2012.11.24 15:10:11 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2012.11.18 13:10:55 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2005.07.13 14:36:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Adobe
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.11.11 17:42:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe
[2005.07.13 11:03:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities
[2012.11.11 14:12:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia
[2012.11.17 16:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes
[2005.07.13 14:52:03 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft
[2012.11.11 14:27:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla
[2012.11.11 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation
[2012.11.11 17:10:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun
[2005.07.13 14:39:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
[2005.07.13 12:55:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005.07.13 12:55:07 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005.07.13 12:55:07 | 000,421,888 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >
--- --- ---

[/CODE]

Vielen Dank für deine Prüfung :crazy:

Gruss

FLKOR

cosinus 30.11.2012 21:36
Ist sehr unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

flkor 01.12.2012 00:17
Hi Cosinus,

vielen Dank für die schnelle Antwort. Hier das Ergebnis des Scans mit ADWCLEANER:

Code:
# AdwCleaner v2.010 - Datei am 01/12/2012 um 00:05:47 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Frank - NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\Software\Description

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [649 octets] - [01/12/2012 00:05:47]

########## EOF - C:\AdwCleaner[R1].txt - [708 octets] ##########
Ich hoffe, das Ergebnis bringt dich weiter...

Vielen Dank

Frank

cosinus 01.12.2012 00:34
Du bist fast clean lt. adwCleaner beim ersten Mal :D das ist sehr selten ;)

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

flkor 01.12.2012 13:52
Hi Cosinus,

hier die Protokolle:

1. AdwCleaner

Code:
# AdwCleaner v2.010 - Datei am 01/12/2012 um 12:02:57 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Frank - NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\Software\Description

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [776 octets] - [01/12/2012 00:05:47]
AdwCleaner[S1].txt - [710 octets] - [01/12/2012 12:02:57]

########## EOF - C:\AdwCleaner[S1].txt - [769 octets] ##########
2. OTL

OTL Logfile:
Code:
OTL logfile created on: 01.12.2012 12:17:22 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,42 Mb Total Physical Memory | 134,99 Mb Available Physical Memory | 26,45% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,91% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,35 Gb Free Space | 62,42% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,59 Gb Free Space | 64,66% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\AVAST Software\Avast\defs\12113001\algo.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll ()
MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\platform.dll ()
MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VAIO Entertainment Task Scheduler) -- C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation)
SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.11.24 15:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.11 14:25:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.11.11 14:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions
[2012.11.11 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIO Update 5] C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\VAIO Launcher.lnk = C:\Programme\Sony\VAIO Launcher\Launcher.exe (Sony Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF0C9646-5918-4994-9118-2A7FDF8E97A3}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.13 11:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.24 15:14:34 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.11.24 15:14:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.11.24 15:14:33 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.11.24 15:14:28 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.11.24 15:14:27 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.11.24 15:14:25 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.11.24 15:14:21 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.11.24 15:14:21 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.11.24 15:14:18 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.11.24 15:10:11 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.11.24 15:10:03 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.11.18 14:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012.11.18 13:42:20 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2012.11.18 13:10:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.17 17:00:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.11.17 16:52:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes
[2012.11.17 16:51:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.11.11 20:59:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.11.11 17:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.11.11 17:15:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2012.11.11 17:14:57 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.11.11 17:14:57 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.11.11 17:14:57 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.11.11 17:14:56 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.11.11 17:14:47 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.11.11 17:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun
[2012.11.11 17:04:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\IETldCache
[2012.11.11 17:00:53 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.11.11 16:59:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.11.11 16:59:17 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.11.11 16:59:17 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.11.11 16:59:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.11.11 16:59:16 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012.11.11 16:59:16 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.11.11 16:58:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.11.11 16:57:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.11.11 16:32:22 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.11.11 16:32:21 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.11.11 16:26:42 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012.11.11 16:25:31 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2012.11.11 16:25:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.11.11 16:24:59 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012.11.11 16:24:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.11.11 16:24:22 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2012.11.11 16:23:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012.11.11 16:22:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.11.11 16:21:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2012.11.11 16:21:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2012.11.11 14:40:38 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2012.11.11 14:39:53 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2012.11.11 14:38:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.11.11 14:31:46 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2012.11.11 14:31:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2012.11.11 14:31:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012.11.11 14:30:35 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.11.11 14:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
[2012.11.11 14:28:46 | 002,151,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012.11.11 14:28:45 | 002,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012.11.11 14:28:44 | 002,195,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012.11.11 14:28:39 | 002,071,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012.11.11 14:28:12 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.11.11 14:28:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2012.11.11 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.11.11 14:27:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla
[2012.11.11 14:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.11.11 14:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.11.11 14:25:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.11.11 14:23:56 | 018,090,960 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe
[2012.11.11 14:23:48 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.11.11 14:21:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.11.11 14:21:29 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2012.11.11 14:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.11.11 14:13:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\UserData
[2012.11.11 14:12:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia
[2012.11.11 14:09:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2012.11.11 14:09:00 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012.11.11 14:08:21 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012.11.11 14:07:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2012.11.11 14:01:38 | 000,000,000 | ---D | C] -- C:\Update
[2012.11.11 14:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.11.11 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.11.11 12:51:50 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2012.11.11 12:51:45 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012.11.11 12:51:45 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012.11.11 12:51:45 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012.11.11 12:51:45 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2012.11.11 12:51:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2012.11.11 12:51:45 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012.11.11 12:51:45 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012.11.11 12:51:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012.11.11 12:51:45 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2012.11.11 12:51:45 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2012.11.11 12:51:45 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2012.11.11 12:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012.11.11 12:51:44 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2012.11.11 12:51:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2012.11.11 12:51:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2012.11.11 12:51:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2012.11.11 12:51:43 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2012.11.11 12:51:43 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2012.11.11 12:51:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2012.11.11 12:51:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2012.11.11 12:51:43 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2012.11.11 12:51:41 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2012.11.11 12:51:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2012.11.11 12:51:41 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2012.11.11 12:51:41 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2012.11.11 12:51:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2012.11.11 12:51:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2012.11.11 12:51:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2012.11.11 12:51:40 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2012.11.11 12:51:40 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2012.11.11 12:51:40 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2012.11.11 12:51:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2012.11.11 12:51:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2012.11.11 12:51:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2012.11.11 12:51:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2012.11.11 12:51:39 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2012.11.11 12:51:39 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012.11.11 12:51:39 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2012.11.11 12:51:39 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2012.11.11 12:51:39 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2012.11.11 12:51:39 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2012.11.11 12:51:39 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2012.11.11 12:51:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2012.11.11 12:51:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012.11.11 12:51:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2012.11.11 12:51:37 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2012.11.11 12:51:37 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2012.11.11 12:51:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2012.11.11 12:51:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2012.11.11 12:51:35 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2012.11.11 12:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.11.11 12:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.11.11 12:49:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.11.11 12:47:23 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2012.11.11 12:47:23 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2012.11.11 12:47:23 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2012.11.11 12:47:23 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2012.11.11 12:47:23 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2012.11.11 12:47:23 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2012.11.11 12:47:23 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2012.11.11 12:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.11.11 12:47:22 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012.11.11 12:47:22 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2012.11.11 12:47:22 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2012.11.11 12:47:22 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2012.11.11 12:47:22 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2012.11.11 12:47:22 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2012.11.11 12:47:22 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2012.11.11 12:47:22 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2012.11.11 12:47:22 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2012.11.11 12:47:22 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2012.11.11 12:47:22 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2012.11.11 12:47:22 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2012.11.11 12:47:22 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2012.11.11 12:47:22 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2012.11.11 12:47:22 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2012.11.11 12:47:22 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2012.11.11 12:47:22 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2012.11.11 12:47:22 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2012.11.11 12:47:21 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2012.11.11 12:47:21 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2012.11.11 12:47:21 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2012.11.11 12:47:21 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2012.11.11 12:47:21 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2012.11.11 12:47:21 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2012.11.11 12:47:21 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2012.11.11 12:47:21 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2012.11.11 12:47:21 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2012.11.11 12:47:20 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2012.11.11 12:47:20 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2012.11.11 12:47:20 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2012.11.11 12:47:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2012.11.11 12:47:19 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2012.11.11 12:47:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2012.11.11 12:47:19 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2012.11.11 12:47:19 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2012.11.11 12:47:19 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2012.11.11 12:47:19 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2012.11.11 12:47:19 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2012.11.11 12:47:19 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2012.11.11 12:47:19 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2012.11.11 12:47:19 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2012.11.11 12:47:19 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2012.11.11 12:47:18 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2012.11.11 12:47:18 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2012.11.11 12:47:18 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2012.11.11 12:47:18 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2012.11.11 12:47:18 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2012.11.11 12:47:18 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2012.11.11 12:43:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.11.11 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.11.11 12:38:59 | 328,324,136 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe
[2012.11.11 12:27:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Click to DVD
[2012.11.11 12:26:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012.11.11 12:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2012.11.11 12:24:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.11.11 12:24:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012.11.11 12:23:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.11.11 12:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works
[2012.11.11 12:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2012.11.11 12:20:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2012.11.11 12:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.11.11 12:18:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Adobe PDF
[2012.11.11 12:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Edit Components
[2012.11.11 12:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Launcher
[2012.11.11 12:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Zone
[2012.11.11 12:15:28 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll
[2012.11.11 12:15:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll
[2012.11.11 12:15:25 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2012.11.11 12:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server
[2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VAIO Media Platform
[2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Media
[2012.11.11 12:13:36 | 000,000,000 | ---D | C] -- C:\Programme\Moodlogic HTML
[2012.11.11 12:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoodLogic
[2012.11.11 12:13:29 | 000,000,000 | ---D | C] -- C:\Programme\MoodLogic
[2012.11.11 12:12:37 | 000,061,440 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwo.dll
[2012.11.11 12:12:37 | 000,052,736 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIds.dll
[2012.11.11 12:12:37 | 000,042,496 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwd.dll
[2012.11.11 12:12:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage Mastering Studio
[2012.11.11 12:11:55 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll
[2012.11.11 12:11:55 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll
[2012.11.11 12:11:55 | 000,110,592 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CddbLangDE.dll
[2012.11.11 12:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage
[2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\My Skype Pictures
[2012.11.11 12:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Skype
[2012.11.11 12:09:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Roxio
[2012.11.11 12:09:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sonic Shared
[2012.11.11 12:09:09 | 002,981,888 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplw7.dll
[2012.11.11 12:09:08 | 002,502,656 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplpx.dll
[2012.11.11 12:09:07 | 002,785,280 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm6.dll
[2012.11.11 12:09:07 | 002,686,976 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm5.dll
[2012.11.11 12:09:07 | 002,531,328 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplp6.dll
[2012.11.11 12:09:06 | 002,973,696 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipla6.dll
[2012.11.11 12:09:06 | 000,053,248 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipl.dll
[2012.11.11 12:08:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PictureGear Studio
[2012.11.11 12:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\ImageConverter2
[2012.11.11 12:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Image Converter 2
[2012.11.11 12:07:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVgate Plus
[2012.11.11 12:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memory Stick Utility
[2012.11.11 12:05:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft
[2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities
[2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\SendTo
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Recent
[2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Zubehör
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Favoriten
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Musik
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Bilder
[2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Autostart
[2012.11.11 12:05:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\Cookies
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Vorlagen
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Netzwerkumgebung
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen
[2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Druckumgebung
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Desktop
[2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030}
[2012.11.11 12:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Programmverknüpfungen
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.01 12:09:01 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.12.01 12:07:16 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.12.01 12:06:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.01 12:06:35 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.30 18:59:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.24 15:14:35 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.11.24 15:14:23 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.11.18 14:02:30 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable
[2012.11.18 13:04:48 | 000,329,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.18 13:04:47 | 000,339,804 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.18 13:04:47 | 000,058,692 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.18 13:04:47 | 000,047,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.18 12:43:12 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.18 11:46:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.17 17:00:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.11.11 17:14:33 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.11.11 17:14:27 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.11.11 17:14:27 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.11.11 17:14:27 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.11.11 17:14:27 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.11.11 16:32:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.11.11 16:32:21 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.11.11 14:26:23 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.11 14:24:35 | 018,090,960 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe
[2012.11.11 12:57:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.11.11 12:47:00 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012.11.11 12:29:15 | 000,001,428 | ---- | M] () -- C:\WINDOWS\System32\SNYSPLST.OEM
[2012.11.11 12:29:15 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\SNYINST.OEM
[2012.11.11 12:29:10 | 000,033,738 | ---- | M] () -- C:\WINDOWS\System32\Snyres.oem
[2012.11.11 12:26:20 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.11.11 12:10:37 | 000,000,056 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012.11.11 12:04:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.11.11 12:04:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.11.11 12:04:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk
[2012.11.10 15:01:00 | 104,044,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe
[2012.11.10 14:28:30 | 328,324,136 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.24 15:14:35 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.11.24 15:14:27 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.11.18 14:02:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable
[2012.11.11 18:39:53 | 535,285,760 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.11 14:31:15 | 000,000,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Update.lnk
[2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.11.11 14:26:23 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.11 14:26:20 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.11.11 14:08:18 | 104,044,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe
[2012.11.11 12:47:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012.11.11 12:47:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012.11.11 12:47:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012.11.11 12:26:24 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Office 2003 Editionen 60-Tage-Testversion.lnk
[2012.11.11 12:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.11.11 12:23:03 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk
[2012.11.11 12:23:03 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works-Start.lnk
[2012.11.11 12:19:53 | 000,001,811 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat Professional Installer.lnk
[2012.11.11 12:18:40 | 000,001,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat 7.0 Elements.lnk
[2012.11.11 12:10:37 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012.11.11 12:09:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2012.11.11 12:05:57 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Remoteunterstützung.lnk
[2012.11.11 12:05:57 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Internet Explorer.lnk
[2012.11.11 12:05:57 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Windows Media Player.lnk
[2012.11.11 12:05:57 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Outlook Express.lnk
[2012.11.11 12:04:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
--- --- ---

[/CODE]

OTL Logfile:
Code:
OTL Extras logfile created on: 01.12.2012 12:17:22 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,42 Mb Total Physical Memory | 134,99 Mb Available Physical Memory | 26,45% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,91% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,35 Gb Free Space | 62,42% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,59 Gb Free Space | 64,66% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29999594-B540-4C88-A8D3-C99CA43809FC}" = Image Converter 2
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.2
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.2
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E4715C25-7114-4F40-A915-C1951D4D7520}" = VAIO Update Merge Module x86
"{E5E6E687-1031-0000-0000-000000000002}" = Adobe Acrobat  7.0 Elements - Deutsch
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.10
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Acrobat  7.0 Elements - Deutsch" = Adobe Acrobat  7.0 Elements - Deutsch
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"ie8" = Windows Internet Explorer 8
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO-Online-Registrierung (Deutsch)
"InstallShield_{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Skype_is1" = Skype 1.3
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Messenger" = Yahoo! Messenger
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.11.2012 09:11:38 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 17.11.2012 11:29:15 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 18.11.2012 08:01:21 | Computer Name = NOTEBOOK | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 20.11.2012 03:12:38 | Computer Name = NOTEBOOK | Source = EventSystem | ID = 4614
Description = Das COM+-Ereignissystem hat eine Inkonsistenz in seinem internen Status
 erkannt. Fehler bei der Assertion "GetLastError() == 122L" in Zeile 162 von d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
 Wenden Sie sich an den Microsoft-Produktsuppor
 
[ System Events ]
Error - 17.11.2012 10:54:03 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst NVSvc.
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Starten Sie den Dienst neu..
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt:
 Starten Sie den Dienst neu..
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:  %%5
 
Error - 17.11.2012 11:20:10 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%109
 
 
< End of report >
--- --- ---

[/CODE]

Ich hoffe, dies hilft dir weiter, da das Problem leider immer noch besteht :heulen:

Viele Grüsse

Frank

cosinus 03.12.2012 11:30
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


flkor 03.12.2012 13:14
Hi Cosinus,

ich werde (wie gewohnt) am Freitag weitertesten. Soweit ich mich erinnere, habe ich Mailwarebytes wieder deinstalliert, da die Testperiode abgelaufen war. Ich versuche, es wieder neu zu installieren.

Ich habe noch einen Hinweis: da das Problem ja immer noch besteht, hatte ich den Scan mit AdwCleaner nochmals durchgeführt. Siehe da, der Eintrag:

Code:
***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\Software\Description
ist wieder aufgetaucht, obwohl er ja eigentlich gelöscht sein sollte. Ich habe nichts weiter unternommen und möchte dir dieses "seltsame" Verhalten nur mitteilen.

Grüsse aus Basel

Frank

cosinus 03.12.2012 14:55
Zitat:
da die Testperiode abgelaufen war. Ich versuche, es wieder neu zu installieren.
Das muss man nicht! Lass diese Testperiode einfach sein und nutze es als reine Freeware-Variante!

flkor 08.12.2012 10:17
Hi Cosinus,

ich habe MalWareBytes nochmal installiert und laufen lassen:

Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.07.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Frank :: NOTEBOOK [Administrator]

07.12.2012 20:15:04
mbam-log-2012-12-07 (20-15-04).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 197582
Laufzeit: 31 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Und hier das Log von ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=a912a13257d9b645ae1f1ada66f3459e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-08 01:41:37
# local_time=2012-12-08 02:41:37 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 100 91 1168203 131640769 0 0
# scanned=62428
# found=0
# cleaned=0
# scan_time=20328
Das sieht zwar alles gut aus, aber das Problem besteht leider immer noch in der vollen Stärke.

Gruss

Frank


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:10 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19