Hallo an Alle,
zuerst: schein hier ein Forum mit sehr konkreten Infos zu sein und wirklich kompetenter Hilfe. Und die brauche ich dringend:
Die CPU-Auslastung des Rechners ist unglaublich hoch. Nahe 100%. Anwendungen reagieren gar nicht oder erst nach zig Minuten. Und AVIRA, Malwarebytes, AdSpyware haben nichts gefunden.
Habe jetzt mal Eure Anweisungen befolgt und verschiedene Tests gemacht. Die Logs sind hier:
OLT:Code:$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows [Version 6.1.7600] C: 05.03.2010 21:11 C:\ProgramData --------- 12288 05.03.2010 21:09 C:\Program Files (x86) --------- 20480 05.03.2010 21:09 C:\System Volume Information --------- 24576 C:\hiberfil.sys --------- C:\pagefile.sys --------- 05.03.2010 19:20 C:\aaw7boot.log --------- 2236 28.02.2010 15:14 C:\Windows --------- 28672 27.02.2010 17:47 C:\Program Files --------- 12288 20.02.2010 13:40 C:\MSOCache --------- 0 23.01.2010 18:01 C:\$Recycle.Bin --------- 4096 23.01.2010 18:01 C:\Users --------- 4096 21.01.2010 08:04 C:\Update --------- 0 18.01.2010 21:16 C:\ExifPilotLight.tags --------- 34559 16.12.2009 20:06 C:\Click to Disc --------- 0 29.11.2009 17:22 C:\VAIO Entertainment --------- 0 20.11.2009 09:12 C:\Medion --------- 0 18.11.2009 22:58 C:\Garmin --------- 8192 16.11.2009 19:47 C:\Dokumente und Einstellungen --------- 0 16.11.2009 19:47 C:\Programme --------- 0 06.09.2009 10:28 C:\_FS_SWRINFO --------- 0 06.09.2009 10:28 C:\Documentation --------- 0 06.09.2009 10:05 C:\Installer_Setup.log --------- 187 17.08.2009 18:23 C:\RHDSetup.log --------- 2212 17.08.2009 18:21 C:\Intel --------- 0 14.07.2009 06:08 C:\Documents and Settings --------- 0 14.07.2009 04:20 C:\PerfLogs --------- 0 01.12.2006 23:37 C:\msdia80.dll --------- 904704 ---------------------------------------- C:\Windows 05.03.2010 21:03 C:\Windows\WindowsUpdate.log --------- 1269236 05.03.2010 19:20 C:\Windows\setupact.log --------- 57374 05.03.2010 19:20 C:\Windows\bootstat.dat --------- 67584 28.02.2010 15:24 C:\Windows\PFRO.log --------- 406540 20.02.2010 17:51 C:\Windows\win.ini --------- 510 18.12.2009 07:30 C:\Windows\LDPINST.LOG --------- 10893 14.12.2009 20:58 C:\Windows\DPINST.LOG --------- 118570 01.12.2009 20:17 C:\Windows\DirectX.log --------- 72093 01.12.2009 20:16 C:\Windows\ —* --------- 20 26.11.2009 07:42 C:\Windows\msxml4-KB973688-enu.LOG --------- 293274 17.11.2009 21:02 C:\Windows\setup.log --------- 234 17.11.2009 07:26 C:\Windows\unins000.dat --------- 2482 17.11.2009 07:26 C:\Windows\unins000.exe --------- 684377 17.11.2009 07:21 C:\Windows\nsreg.dat --------- 0 16.11.2009 20:18 C:\Windows\LDM.log --------- 86 16.11.2009 20:17 C:\Windows\KE.log --------- 86 16.11.2009 20:03 C:\Windows\msxml4-KB954430-enu.LOG --------- 301750 16.11.2009 19:49 C:\Windows\ie8_main.log --------- 31522 16.11.2009 18:29 C:\Windows\DtcInstall.log --------- 3806 16.11.2009 18:29 C:\Windows\TSSysprep.log --------- 5767 10.11.2009 10:28 C:\Windows\PCTBDCore.dll.old --------- 1640400 10.11.2009 10:26 C:\Windows\BDTSupport.dll.old --------- 767952 31.10.2009 07:34 C:\Windows\explorer.exe --------- 2870272 06.09.2009 10:23 C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 196608 06.09.2009 10:23 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt --------- 28728 06.09.2009 10:23 C:\Windows\VAIOUpdt.INI --------- 0 06.09.2009 10:16 C:\Windows\xpsp1hfm.log --------- 1382 06.09.2009 10:00 C:\Windows\csup.txt --------- 12 31.07.2009 21:13 C:\Windows\snymsico.dll --------- 623616 24.07.2009 05:30 C:\Windows\RtlExUpd.dll --------- 831488 14.07.2009 05:54 C:\Windows\WindowsShell.Manifest --------- 749 14.07.2009 05:51 C:\Windows\setuperr.log --------- 0 14.07.2009 02:39 C:\Windows\write.exe --------- 10240 14.07.2009 02:39 C:\Windows\splwow64.exe --------- 61952 14.07.2009 02:39 C:\Windows\regedit.exe --------- 427008 14.07.2009 02:39 C:\Windows\notepad.exe --------- 193536 14.07.2009 02:39 C:\Windows\HelpPane.exe --------- 733696 14.07.2009 02:39 C:\Windows\hh.exe --------- 16896 14.07.2009 02:39 C:\Windows\fveupdate.exe --------- 15360 14.07.2009 02:38 C:\Windows\bfsvc.exe --------- 71168 14.07.2009 02:16 C:\Windows\twain_32.dll --------- 51200 14.07.2009 02:14 C:\Windows\winhlp32.exe --------- 9728 14.07.2009 02:14 C:\Windows\twunk_32.exe --------- 31232 14.07.2009 00:06 C:\Windows\mib.bin --------- 43131 10.07.2009 13:10 C:\Windows\WLXPGSS.SCR --------- 307568 17.06.2009 17:53 C:\Windows\KHALMNPR.Exe --------- 130576 10.06.2009 22:41 C:\Windows\twunk_16.exe --------- 49680 10.06.2009 22:41 C:\Windows\twain.dll --------- 94784 10.06.2009 22:08 C:\Windows\system.ini --------- 219 10.06.2009 21:52 C:\Windows\WMSysPr9.prx --------- 316640 10.06.2009 21:36 C:\Windows\msdfmap.ini --------- 1405 10.06.2009 21:31 C:\Windows\Starter.xml --------- 48201 10.06.2009 21:30 C:\Windows\HomePremium.xml --------- 48265 27.11.2008 18:11 C:\Windows\midas.dll --------- 383488 15.01.2008 17:47 C:\Windows\HHActiveX.dll --------- 458752 17.11.1998 13:44 C:\Windows\IsUn0407.exe --------- 328704 ---------------------------------------- C:\Windows\System 04.09.2008 16:06 C:\Windows\System\ArcSoftKsUFilter.dll --------- 55808 ---------------------------------------- C:\Windows\System32 05.03.2010 21:02 C:\Windows\system32\Tasks --------- 8192 05.03.2010 19:40 C:\Windows\system32\config --------- 16384 05.03.2010 19:27 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 9696 05.03.2010 19:27 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 9696 28.02.2010 15:36 C:\Windows\system32\catroot --------- 4096 28.02.2010 15:36 C:\Windows\system32\drivers --------- 65536 28.02.2010 15:36 C:\Windows\system32\DRVSTORE --------- 0 28.02.2010 15:36 C:\Windows\system32\lsdelete.exe --------- 15880 27.02.2010 17:05 C:\Windows\system32\perfh009.dat --------- 607190 27.02.2010 17:05 C:\Windows\system32\perfc009.dat --------- 103568 27.02.2010 17:05 C:\Windows\system32\perfh007.dat --------- 643866 27.02.2010 17:05 C:\Windows\system32\perfc007.dat --------- 126394 27.02.2010 17:05 C:\Windows\system32\PerfStringBackup.INI --------- 1472002 25.02.2010 10:05 C:\Windows\system32\TURegOpt.exe --------- 34632 25.02.2010 09:59 C:\Windows\system32\authuitu.dll --------- 25928 25.02.2010 09:59 C:\Windows\system32\uxtuneup.dll --------- 36168 24.02.2010 19:41 C:\Windows\system32\catroot2 --------- 12288 24.02.2010 19:26 C:\Windows\system32\de-DE --------- 327680 24.02.2010 09:16 C:\Windows\system32\MpSigStub.exe --------- 212864 20.02.2010 15:39 C:\Windows\system32\FNTCACHE.DAT --------- 467376 19.02.2010 20:17 C:\Windows\system32\LogFiles --------- 4096 19.02.2010 20:17 C:\Windows\system32\DriverStore --------- 4096 06.02.2010 16:49 C:\Windows\system32\wdi --------- 4096 02.02.2010 09:36 C:\Windows\system32\tzres.dll --------- 2048 01.02.2010 20:56 C:\Windows\system32\MRT.exe --------- 31438792 31.01.2010 18:41 C:\Windows\system32\FxsTmp --------- 0 23.01.2010 17:50 C:\Windows\system32\GroupPolicyUsers --------- 0 23.01.2010 17:50 C:\Windows\system32\GroupPolicy --------- 0 19.01.2010 10:05 C:\Windows\system32\secproc_ssp_isv.dll --------- 121856 19.01.2010 10:05 C:\Windows\system32\secproc_ssp.dll --------- 121856 19.01.2010 10:05 C:\Windows\system32\secproc_isv.dll --------- 422912 19.01.2010 10:05 C:\Windows\system32\secproc.dll --------- 424960 19.01.2010 10:00 C:\Windows\system32\RMActivate_ssp_isv.exe --------- 305152 19.01.2010 10:00 C:\Windows\system32\RMActivate_isv.exe --------- 357888 19.01.2010 10:00 C:\Windows\system32\RMActivate_ssp.exe --------- 306688 19.01.2010 10:00 C:\Windows\system32\RMActivate.exe --------- 356352 11.01.2010 08:44 C:\Windows\system32\iedkcs32.dll --------- 445952 05.01.2010 11:11 C:\Windows\system32\nvuhda6.exe --------- 541216 05.01.2010 11:11 C:\Windows\system32\nvhdap64.dll --------- 22528 05.01.2010 11:11 C:\Windows\system32\nvhda.nvu --------- 1481 05.01.2010 11:11 C:\Windows\system32\nvcohda6.dll --------- 171520 05.01.2010 11:11 C:\Windows\system32\nvapo64v.dll --------- 62976 05.01.2010 11:11 C:\Windows\system32\nvwgf2umx.dll --------- 4452968 05.01.2010 11:11 C:\Windows\system32\nvudisp.exe --------- 637544 05.01.2010 11:11 C:\Windows\system32\nvoglv64.dll --------- 14725224 05.01.2010 11:11 C:\Windows\system32\nvdisp.nvu --------- 14738 05.01.2010 11:11 C:\Windows\system32\nvdecodemft.dll --------- 323176 05.01.2010 11:11 C:\Windows\system32\nvd3dumx.dll --------- 9613416 05.01.2010 11:11 C:\Windows\system32\nvcuvid.dll --------- 733800 05.01.2010 11:11 C:\Windows\system32\nvcuda.dll --------- 2361448 05.01.2010 11:11 C:\Windows\system32\nvcod.dll --------- 183912 05.01.2010 11:11 C:\Windows\system32\nvcod172.dll --------- 183912 05.01.2010 11:11 C:\Windows\system32\nvapi64.dll --------- 1313896 22.12.2009 09:36 C:\Windows\system32\wow64.dll --------- 243200 19.12.2009 10:51 C:\Windows\system32\wininet.dll --------- 1192960 19.12.2009 10:51 C:\Windows\system32\urlmon.dll --------- 1492480 19.12.2009 10:50 C:\Windows\system32\tsbyuv.dll --------- 14848 19.12.2009 10:49 C:\Windows\system32\quartz.dll --------- 1572352 19.12.2009 10:47 C:\Windows\system32\msyuv.dll --------- 25088 19.12.2009 10:47 C:\Windows\system32\msvidc32.dll --------- 38912 19.12.2009 10:47 C:\Windows\system32\msrle32.dll --------- 16384 19.12.2009 10:47 C:\Windows\system32\mshtml.dll --------- 9276928 19.12.2009 10:47 C:\Windows\system32\msfeedsbs.dll --------- 82944 19.12.2009 10:46 C:\Windows\system32\iyuv_32.dll --------- 54272 19.12.2009 10:46 C:\Windows\system32\ieframe.dll --------- 12356608 13.12.2009 10:46 C:\Windows\system32\psisdecd.dll --------- 613888 13.12.2009 10:46 C:\Windows\system32\CPFilters.dll --------- 960512 13.12.2009 10:46 C:\Windows\system32\msdri.dll --------- 552960 13.12.2009 10:44 C:\Windows\system32\MSNP.ax --------- 288256 02.12.2009 10:15 C:\Windows\system32\jscript.dll --------- 852480 26.11.2009 20:46 C:\Windows\system32\CanonIJ Uninstaller Information --------- 0 26.11.2009 20:45 C:\Windows\system32\STRING --------- 0 26.11.2009 20:45 C:\Windows\system32\CHM --------- 0 17.11.2009 22:03 C:\Windows\system32\javaws.exe --------- 181760 17.11.2009 22:03 C:\Windows\system32\javaw.exe --------- 165888 17.11.2009 22:03 C:\Windows\system32\java.exe --------- 165888 17.11.2009 22:03 C:\Windows\system32\deploytk.dll --------- 455680 16.11.2009 20:02 C:\Windows\system32\restore --------- 0 16.11.2009 18:33 C:\Windows\system32\license.rtf --------- 52953 02.11.2009 03:49 C:\Windows\system32\nvcpl.cpl --------- 410728 02.11.2009 03:49 C:\Windows\system32\nvcplui.exe --------- 2591336 02.11.2009 03:49 C:\Windows\system32\nvcpluir.dll --------- 1495144 02.11.2009 03:49 C:\Windows\system32\NvApps.xml --------- 255905 02.11.2009 03:49 C:\Windows\system32\NvwsApps.xml --------- 65000 02.11.2009 03:49 C:\Windows\system32\nvdispsr.dll --------- 6081640 02.11.2009 03:49 C:\Windows\system32\nvdisps.dll --------- 4424296 02.11.2009 03:49 C:\Windows\system32\nvsvsr.dll --------- 1349736 02.11.2009 03:49 C:\Windows\system32\nvvsvc.exe --------- 392296 02.11.2009 03:49 C:\Windows\system32\nvwssr.dll --------- 3608680 02.11.2009 03:49 C:\Windows\system32\nvgamesr.dll --------- 4407400 02.11.2009 03:49 C:\Windows\system32\nvwss.dll --------- 3683944 02.11.2009 03:49 C:\Windows\system32\nvsvs.dll --------- 1627240 02.11.2009 03:49 C:\Windows\system32\nvmccss.dll --------- 289384 02.11.2009 03:49 C:\Windows\system32\nvgames.dll --------- 5138024 02.11.2009 03:49 C:\Windows\system32\nvmccssr.dll --------- 455784 02.11.2009 03:49 C:\Windows\system32\nvmctray.dll --------- 82536 02.11.2009 03:49 C:\Windows\system32\nvcpl.dll --------- 16395880 02.11.2009 03:49 C:\Windows\system32\nvmobls.dll --------- 1640552 02.11.2009 03:49 C:\Windows\system32\nvmoblsr.dll --------- 2852968 02.11.2009 03:49 C:\Windows\system32\nvvitvsr.dll --------- 4551784 ---------------------------------------- C:\Windows\Prefetch ---------------------------------------- C:\Windows\Tasks 05.03.2010 21:11 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1122 05.03.2010 19:21 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1118 05.03.2010 19:20 C:\Windows\Tasks\SA.DAT --------- 6 18.01.2010 19:57 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632 ---------------------------------------- C:\Windows\Temp ---------------------------------------- C:\Users\RAINER~1\AppData\Local\Temp 05.03.2010 21:21 C:\Users\RAINER~1\AppData\Local\Temp\Temp1_hjtscanlist[1].zip --------- 0 05.03.2010 21:17 C:\Users\RAINER~1\AppData\Local\Temp\Low --------- 4096 05.03.2010 21:16 C:\Users\RAINER~1\AppData\Local\Temp\~DF36DF2B145E366D8E.TMP --------- 20480 05.03.2010 21:04 C:\Users\RAINER~1\AppData\Local\Temp\StructuredQuery.log --------- 168108 05.03.2010 21:03 C:\Users\RAINER~1\AppData\Local\Temp\~DF37F4A53C7C20FB90.TMP --------- 16384 05.03.2010 20:58 C:\Users\RAINER~1\AppData\Local\Temp\sarscan.log --------- 6886 05.03.2010 20:58 C:\Users\RAINER~1\AppData\Local\Temp\samples.sar --------- 9084828 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DFA923C0DCE61A9E77.TMP --------- 512 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DF9BBC32695558539D.TMP --------- 180224 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DFEB7295F58B15409B.TMP --------- 512 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DF14F6B5BABDF217B1.TMP --------- 491520 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DF184BBB0E2E7176D0.TMP --------- 512 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DFFD795977F14C6F4A.TMP --------- 114688 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DFBE93E9E008E23158.TMP --------- 512 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DF0A12A4353AE684D3.TMP --------- 114688 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DF45D997BA328AD550.TMP --------- 16384 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DF7E8917E3F853BD9B.TMP --------- 16384 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DFAD2FCDAA7F83A3D0.TMP --------- 512 05.03.2010 19:22 C:\Users\RAINER~1\AppData\Local\Temp\~DFE4C9DFEEA2B251ED.TMP --------- 16384 05.03.2010 19:21 C:\Users\RAINER~1\AppData\Local\Temp\WPDNSE --------- 0 04.03.2010 08:09 C:\Users\RAINER~1\AppData\Local\Temp\hsperfdata_Rainer Dangel --------- 0 04.03.2010 08:07 C:\Users\RAINER~1\AppData\Local\Temp\java_install_reg.log --------- 24189 04.03.2010 08:01 C:\Users\RAINER~1\AppData\Local\Temp\moz_mapi --------- 0 04.03.2010 07:59 C:\Users\RAINER~1\AppData\Local\Temp\TWAIN.LOG --------- 875 04.03.2010 07:59 C:\Users\RAINER~1\AppData\Local\Temp\Twain001.Mtx --------- 4 04.03.2010 07:59 C:\Users\RAINER~1\AppData\Local\Temp\Twunk001.MTX --------- 156 03.03.2010 20:32 C:\Users\RAINER~1\AppData\Local\Temp\AdobeARM.log --------- 275318 03.03.2010 07:26 C:\Users\RAINER~1\AppData\Local\Temp\Word8.0 --------- 0 02.03.2010 07:52 C:\Users\RAINER~1\AppData\Local\Temp\wmplog03.sqm --------- 1488 02.03.2010 07:52 C:\Users\RAINER~1\AppData\Local\Temp\{27d58de6-2672-4129-ac81-3eb03be2cb9e} --------- 0 01.03.2010 22:04 C:\Users\RAINER~1\AppData\Local\Temp\amt.log --------- 23619 01.03.2010 22:04 C:\Users\RAINER~1\AppData\Local\Temp\alm.log --------- 124047 01.03.2010 22:03 C:\Users\RAINER~1\AppData\Local\Temp\swtag.log --------- 70991 01.03.2010 20:34 C:\Users\RAINER~1\AppData\Local\Temp\jusched.log --------- 116193 01.03.2010 20:26 C:\Users\RAINER~1\AppData\Local\Temp\wmplog02.sqm --------- 3188 01.03.2010 20:25 C:\Users\RAINER~1\AppData\Local\Temp\wmsetup.log --------- 6719 28.02.2010 15:35 C:\Users\RAINER~1\AppData\Local\Temp\info.txt --------- 2175 28.02.2010 15:35 C:\Users\RAINER~1\AppData\Local\Temp\emailaddress.txt --------- 9832 28.02.2010 15:15 C:\Users\RAINER~1\AppData\Local\Temp\Uninstall Log 2010-02-28 #001.txt --------- 76449 28.02.2010 15:14 C:\Users\RAINER~1\AppData\Local\Temp\Uninstall Log 2010-02-28 #004.txt --------- 6527 28.02.2010 15:14 C:\Users\RAINER~1\AppData\Local\Temp\Uninstall Log 2010-02-28 #003.txt --------- 4232 28.02.2010 15:14 C:\Users\RAINER~1\AppData\Local\Temp\Uninstall Log 2010-02-28 #002.txt --------- 6163 28.02.2010 15:14 C:\Users\RAINER~1\AppData\Local\Temp\GenericTdiDll.txt --------- 412 27.02.2010 17:29 C:\Users\RAINER~1\AppData\Local\Temp\Setup Log 2010-02-27 #001.txt --------- 148362 27.02.2010 17:29 C:\Users\RAINER~1\AppData\Local\Temp\is-QBIVG.tmp --------- 0 27.02.2010 17:21 C:\Users\RAINER~1\AppData\Local\Temp\PCTInstaller --------- 0 27.02.2010 17:20 C:\Users\RAINER~1\AppData\Local\Temp\Setup Log 2010-02-27 #004.txt --------- 16780 27.02.2010 17:18 C:\Users\RAINER~1\AppData\Local\Temp\Setup Log 2010-02-27 #003.txt --------- 4125 27.02.2010 17:18 C:\Users\RAINER~1\AppData\Local\Temp\Setup Log 2010-02-27 #002.txt --------- 6696 27.02.2010 17:18 C:\Users\RAINER~1\AppData\Local\Temp\dd_vcredistUI656F.txt --------- 11206 27.02.2010 17:18 C:\Users\RAINER~1\AppData\Local\Temp\dd_vcredistMSI656F.txt --------- 381198 27.02.2010 17:18 C:\Users\RAINER~1\AppData\Local\Temp\dd_vcredistUI6570.txt --------- 10602 27.02.2010 13:23 C:\Users\RAINER~1\AppData\Local\Temp\NccTemp --------- 0 27.02.2010 13:09 C:\Users\RAINER~1\AppData\Local\Temp\TUM5DB9.tmp --------- 2600448 24.02.2010 20:47 C:\Users\RAINER~1\AppData\Local\Temp\nsemail.eml --------- 4908189 24.02.2010 20:47 C:\Users\RAINER~1\AppData\Local\Temp\nsemail-1.eml --------- 484 24.02.2010 20:21 C:\Users\RAINER~1\AppData\Local\Temp\comtypes_cache --------- 0 23.02.2010 07:13 C:\Users\RAINER~1\AppData\Local\Temp\NGLALog.txt --------- 22512 20.02.2010 16:30 C:\Users\RAINER~1\AppData\Local\Temp\DMIA6D9.tmp --------- 0 20.02.2010 13:46 C:\Users\RAINER~1\AppData\Local\Temp\SetupExe(20100220133950FF0).log --------- 136526 19.02.2010 20:22 C:\Users\RAINER~1\AppData\Local\Temp\byeE752.tmp --------- 0 19.02.2010 20:21 C:\Users\RAINER~1\AppData\Local\Temp\NaviMgrInstaller.exe --------- 17369579 19.02.2010 20:17 C:\Users\RAINER~1\AppData\Local\Temp\MSI1f298.LOG --------- 1273874 19.02.2010 20:08 C:\Users\RAINER~1\AppData\Local\Temp\isp2686.tmp --------- 0 16.02.2010 20:29 C:\Users\RAINER~1\AppData\Local\Temp\wmplog01.sqm --------- 1544 16.02.2010 10:51 C:\Users\RAINER~1\AppData\Local\Temp\PSAlbumImport --------- 0 16.02.2010 10:37 C:\Users\RAINER~1\AppData\Local\Temp\wmplog00.sqm --------- 1770 16.02.2010 09:23 C:\Users\RAINER~1\AppData\Local\Temp\MMCULog2.txt --------- 2 16.02.2010 09:23 C:\Users\RAINER~1\AppData\Local\Temp\Nokia Communication Centre - Messages --------- 0 16.02.2010 09:20 C:\Users\RAINER~1\AppData\Local\Temp\CalendarViewLog.txt --------- 0 16.02.2010 09:16 C:\Users\RAINER~1\AppData\Local\Temp\addonscheck.xml --------- 174 16.02.2010 09:16 C:\Users\RAINER~1\AppData\Local\Temp\pcsuitecheck_new.xml --------- 52556 16.02.2010 09:16 C:\Users\RAINER~1\AppData\Local\Temp\_pcsuitecheck_new.xml --------- 52556 13.02.2010 15:52 C:\Users\RAINER~1\AppData\Local\Temp\~nsu.tmp --------- 0 08.02.2010 22:01 C:\Users\RAINER~1\AppData\Local\Temp\nsmail.pdf --------- 2146732 08.02.2010 21:05 C:\Users\RAINER~1\AppData\Local\Temp\MozillaMailnews --------- 0 06.02.2010 17:16 C:\Users\RAINER~1\AppData\Local\Temp\nsemail.html --------- 232 30.01.2010 15:19 C:\Users\RAINER~1\AppData\Local\Temp\WebUpdater --------- 0 30.01.2010 15:18 C:\Users\RAINER~1\AppData\Local\Temp\Garmin Software Updates --------- 0 23.01.2010 17:57 C:\Users\RAINER~1\AppData\Local\Temp\Nina.bmp --------- 31832 23.01.2010 17:57 C:\Users\RAINER~1\AppData\Local\Temp\Rainer Dangel.bmp --------- 31832 23.01.2010 17:55 C:\Users\RAINER~1\AppData\Local\Temp\Gast.bmp --------- 49208 23.01.2010 17:55 C:\Users\RAINER~1\AppData\Local\Temp\Sabine Dangel.bmp --------- 31832 23.01.2010 17:55 C:\Users\RAINER~1\AppData\Local\Temp\HomeGroupUser$.bmp --------- 49208 23.01.2010 17:55 C:\Users\RAINER~1\AppData\Local\Temp\Administrator.bmp --------- 49208 23.01.2010 10:31 C:\Users\RAINER~1\AppData\Local\Temp\RG275179282.pdf --------- 60834 21.01.2010 08:02 C:\Users\RAINER~1\AppData\Local\Temp\{E17F14EF-BFD6-4AA7-9FBB-EC2E74A78A8F} --------- 0 19.01.2010 11:59 C:\Users\RAINER~1\AppData\Local\Temp\etilqs_RT76RhxuzyWGqMV9N34B --------- 146432 19.01.2010 11:59 C:\Users\RAINER~1\AppData\Local\Temp\etilqs_DWlZTXnbUtNCwpaDyVur --------- 648192 18.01.2010 21:19 C:\Users\RAINER~1\AppData\Local\Temp\Temp1_exiflite[1].zip --------- 0 17.01.2010 11:58 C:\Users\RAINER~1\AppData\Local\Temp\MPSampleSubmit --------- 0 05.01.2010 11:52 C:\Users\RAINER~1\AppData\Local\Temp\AVSETUP_4b43190c --------- 0 05.01.2010 11:48 C:\Users\RAINER~1\AppData\Local\Temp\dd_vcredistUI3BDD.txt --------- 12286 05.01.2010 11:48 C:\Users\RAINER~1\AppData\Local\Temp\dd_vcredistMSI3BDD.txt --------- 374314 05.01.2010 11:14 C:\Users\RAINER~1\AppData\Local\Temp\{270C844F-AFBA-4A27-80B2-187DC02AB231} --------- 0 05.01.2010 11:13 C:\Users\RAINER~1\AppData\Local\Temp\{496A050C-922A-4153-AFC5-910B2881FD0F} --------- 0 05.01.2010 10:34 C:\Users\RAINER~1\AppData\Local\Temp\{19D51CEB-2F29-4751-9794-BDCE03C3A876} --------- 0 20.12.2009 12:11 C:\Users\RAINER~1\AppData\Local\Temp\msdt --------- 0 20.12.2009 12:10 C:\Users\RAINER~1\AppData\Local\Temp\PCW208B.xml --------- 718 20.12.2009 12:10 C:\Users\RAINER~1\AppData\Local\Temp\PCW208B.tmp --------- 0 20.12.2009 11:19 C:\Users\RAINER~1\AppData\Local\Temp\FlashPlayerUpdate.exe --------- 1956736 18.12.2009 07:30 C:\Users\RAINER~1\AppData\Local\Temp\{3AD3B9CA-EB5F-45B9-8B77-D7C06B4FEF5E} --------- 0 18.12.2009 07:30 C:\Users\RAINER~1\AppData\Local\Temp\KE.log --------- 86 18.12.2009 07:24 C:\Users\RAINER~1\AppData\Local\Temp\setpointDEU.exe --------- 70521040 18.12.2009 07:23 C:\Users\RAINER~1\AppData\Local\Temp\setpointDEU.exe.sig --------- 128 17.12.2009 08:12 C:\Users\RAINER~1\AppData\Local\Temp\{0BD6AC87-61D9-47F9-8DD2-C66696F520AD} --------- 0 17.12.2009 08:12 C:\Users\RAINER~1\AppData\Local\Temp\{8F7E4AEB-DAAE-46A1-98FD-9A13FB530551} --------- 0 16.12.2009 20:07 C:\Users\RAINER~1\AppData\Local\Temp\CTDE_LOG.txt --------- 21378 16.12.2009 20:07 C:\Users\RAINER~1\AppData\Local\Temp\Click to Disc Editor --------- 0 15.12.2009 20:44 C:\Users\RAINER~1\AppData\Local\Temp\.Sony_PMBrowser3000_BrowserDiskCache --------- 8371200 15.12.2009 20:44 C:\Users\RAINER~1\AppData\Local\Temp\.Sony_PMBrowser3000_BrowserDiskCache.idx --------- 52320 15.12.2009 20:39 C:\Users\RAINER~1\AppData\Local\Temp\SubDlResult.xml --------- 372 15.12.2009 20:39 C:\Users\RAINER~1\AppData\Local\Temp\AllServicesInfoFiles --------- 0 14.12.2009 21:04 C:\Users\RAINER~1\AppData\Local\Temp\{73F94167-5E13-460E-9B89-F7B8935BCD42} --------- 0 14.12.2009 20:57 C:\Users\RAINER~1\AppData\Local\Temp\iProInstLogs --------- 0 14.12.2009 20:53 C:\Users\RAINER~1\AppData\Local\Temp\{D4BAB2B0-3A79-4E67-927C-3B6F89E39A5D} --------- 0 14.12.2009 20:40 C:\Users\RAINER~1\AppData\Local\Temp\msdtadmin --------- 0 14.12.2009 20:22 C:\Users\RAINER~1\AppData\Local\Temp\{86C605E2-894F-4155-9BBE-4E8B843F01EC} --------- 0 14.12.2009 20:20 C:\Users\RAINER~1\AppData\Local\Temp\{11E05DF2-0BE1-4A19-B3CE-5D9ADF9C7C2B} --------- 0 05.12.2009 16:41 C:\Users\RAINER~1\AppData\Local\Temp\{9886eee8-36cb-4eed-824a-f075366e2131} --------- 0 05.12.2009 13:01 C:\Users\RAINER~1\AppData\Local\Temp\Sonic.tmp --------- 0 01.12.2009 20:16 C:\Users\RAINER~1\AppData\Local\Temp\120120160000076ca5smde3pbu --------- 0 01.12.2009 20:15 C:\Users\RAINER~1\AppData\Local\Temp\120120150000076c561p6hl7jb --------- 0 01.12.2009 20:15 C:\Users\RAINER~1\AppData\Local\Temp\120120150000076ckf9njb0pey --------- 0 01.12.2009 20:15 C:\Users\RAINER~1\AppData\Local\Temp\120120150000076cmhupn7rync --------- 0 01.12.2009 20:15 C:\Users\RAINER~1\AppData\Local\Temp\120120150000076chwulesypm4 --------- 0 01.12.2009 20:12 C:\Users\RAINER~1\AppData\Local\Temp\MSI601bb.LOG --------- 710 01.12.2009 20:08 C:\Users\RAINER~1\AppData\Local\Temp\msg83C.exe --------- 36352872 29.11.2009 17:24 C:\Users\RAINER~1\AppData\Local\Temp\MessengerCache --------- 0 26.11.2009 21:39 C:\Users\RAINER~1\AppData\Local\Temp\{e6ee5b45-49f8-432d-aaea-89361b242237} --------- 0 26.11.2009 21:30 C:\Users\RAINER~1\AppData\Local\Temp\{9de501da-adf8-4896-9299-ee196d103bb8} --------- 0 26.11.2009 21:09 C:\Users\RAINER~1\AppData\Local\Temp\FXSTIFFDebugLogFile.txt --------- 0 26.11.2009 20:57 C:\Users\RAINER~1\AppData\Local\Temp\MS4BCAA.LOG --------- 3272 26.11.2009 07:59 C:\Users\RAINER~1\AppData\Local\Temp\History --------- 0 26.11.2009 07:59 C:\Users\RAINER~1\AppData\Local\Temp\Cookies --------- 0 26.11.2009 07:59 C:\Users\RAINER~1\AppData\Local\Temp\Temporary Internet Files --------- 0 24.11.2009 08:00 C:\Users\RAINER~1\AppData\Local\Temp\Silverlight0.log --------- 1886 24.11.2009 08:00 C:\Users\RAINER~1\AppData\Local\Temp\SilverlightMSI.log --------- 540482 23.11.2009 20:23 C:\Users\RAINER~1\AppData\Local\Temp\PCW56A7.tmp --------- 0 23.11.2009 20:23 C:\Users\RAINER~1\AppData\Local\Temp\PCW56A7.xml --------- 718 23.11.2009 08:05 C:\Users\RAINER~1\AppData\Local\Temp\setup~4 --------- 0 23.11.2009 08:05 C:\Users\RAINER~1\AppData\Local\Temp\PCW2CF9.xml --------- 762 23.11.2009 08:05 C:\Users\RAINER~1\AppData\Local\Temp\PCW2CF9.tmp --------- 0 23.11.2009 08:05 C:\Users\RAINER~1\AppData\Local\Temp\{cd7ab060-3ed0-40ff-a90b-634ece42806a} --------- 0 23.11.2009 08:05 C:\Users\RAINER~1\AppData\Local\Temp\setup~3 --------- 0 23.11.2009 08:04 C:\Users\RAINER~1\AppData\Local\Temp\setup~2 --------- 0 23.11.2009 08:04 C:\Users\RAINER~1\AppData\Local\Temp\setup~1 --------- 0 21.11.2009 15:29 C:\Users\RAINER~1\AppData\Local\Temp\PCW3774.xml --------- 718 21.11.2009 15:29 C:\Users\RAINER~1\AppData\Local\Temp\PCW3774.tmp --------- 0 20.11.2009 09:18 C:\Users\RAINER~1\AppData\Local\Temp\DMI3BF6.tmp --------- 0 20.11.2009 09:15 C:\Users\RAINER~1\AppData\Local\Temp\{1d8dfbe9-d55d-4587-ab64-b9341623c484} --------- 0 19.11.2009 23:00 C:\Users\RAINER~1\AppData\Local\Temp\Twunk002.MTX --------- 0 19.11.2009 22:59 C:\Users\RAINER~1\AppData\Local\Temp\Adobe --------- 0 19.11.2009 20:28 C:\Users\RAINER~1\AppData\Local\Temp\DMI9D29.tmp --------- 0 19.11.2009 20:26 C:\Users\RAINER~1\AppData\Local\Temp\{588F052F-DD24-4F95-A298-7E431DB69812} --------- 0 19.11.2009 20:26 C:\Users\RAINER~1\AppData\Local\Temp\{449115DC-CA69-4C89-ADF9-30DD1885FDCB} --------- 0 19.11.2009 20:22 C:\Users\RAINER~1\AppData\Local\Temp\hr_temp --------- 0 19.11.2009 20:21 C:\Users\RAINER~1\AppData\Local\Temp\isAA14.tmp --------- 0 19.11.2009 20:21 C:\Users\RAINER~1\AppData\Local\Temp\{D4ED49D3-317C-455C-97CF-EE90255AADB4} --------- 0 19.11.2009 20:21 C:\Users\RAINER~1\AppData\Local\Temp\{1392FB91-EC71-48E9-BD88-0902FFB07D9C} --------- 0 19.11.2009 20:18 C:\Users\RAINER~1\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb} --------- 0 18.11.2009 23:00 C:\Users\RAINER~1\AppData\Local\Temp\isAF25.tmp --------- 0 18.11.2009 22:59 C:\Users\RAINER~1\AppData\Local\Temp\OAAdr.log --------- 1301 18.11.2009 07:48 C:\Users\RAINER~1\AppData\Local\Temp\SetupExe(2009111807454014E0).log --------- 16330 17.11.2009 22:10 C:\Users\RAINER~1\AppData\Local\Temp\java_install.log --------- 59034 17.11.2009 22:09 C:\Users\RAINER~1\AppData\Local\Temp\java_install_sp.log --------- 1143 17.11.2009 22:08 C:\Users\RAINER~1\AppData\Local\Temp\jinstall.cfg --------- 945 17.11.2009 22:07 C:\Users\RAINER~1\AppData\Local\Temp\boost_interprocess --------- 0 17.11.2009 21:17 C:\Users\RAINER~1\AppData\Local\Temp\VBE --------- 0 17.11.2009 08:08 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(7).log --------- 14026 17.11.2009 08:08 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(6).log --------- 14026 17.11.2009 08:07 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(5).log --------- 7978 17.11.2009 08:07 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(4).log --------- 1518 17.11.2009 08:06 C:\Users\RAINER~1\AppData\Local\Temp\NGLATempNokia --------- 0 17.11.2009 08:05 C:\Users\RAINER~1\AppData\Local\Temp\Nokia_PC_Suite_7_1_40_1_ger.exe --------- 33681080 17.11.2009 07:41 C:\Users\RAINER~1\AppData\Local\Temp\nCommsTempNokia --------- 0 17.11.2009 07:40 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(3).log --------- 19933 17.11.2009 07:40 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(2).log --------- 7978 17.11.2009 07:40 C:\Users\RAINER~1\AppData\Local\Temp\NclRegPermissions(1).log --------- 1720 16.11.2009 22:47 C:\Users\RAINER~1\AppData\Local\Temp\BTN%Copy%1 --------- 0 16.11.2009 21:12 C:\Users\RAINER~1\AppData\Local\Temp\MSIc12a6.LOG --------- 244 16.11.2009 20:20 C:\Users\RAINER~1\AppData\Local\Temp\Google Toolbar --------- 0 16.11.2009 20:17 C:\Users\RAINER~1\AppData\Local\Temp\{DC366115-AE8F-46B3-A1FF-AA75604CCF93} --------- 0 16.11.2009 20:17 C:\Users\RAINER~1\AppData\Local\Temp\{97967718-B85D-4F90-947B-831DA2EBD7A1} --------- 0 16.11.2009 19:50 C:\Users\RAINER~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0 18.03.2009 12:35 C:\Users\RAINER~1\AppData\Local\Temp\MSETUP4.EXE --------- 775504 04.07.2008 18:00 C:\Users\RAINER~1\AppData\Local\Temp\SiteUploadInfo.xml --------- 872 22.01.2008 17:04 C:\Users\RAINER~1\AppData\Local\Temp\_is1554.exe --------- 455976 20.01.2007 12:46 C:\Users\RAINER~1\AppData\Local\Temp\_is3FEC.exe --------- 455600 ---------------------------------------- C:\Program Files 27.02.2010 17:47 C:\Program Files\7-Zip --------- 4096 20.02.2010 13:42 C:\Program Files\Microsoft Office --------- 0 29.01.2010 07:22 C:\Program Files\Internet Explorer --------- 4096 05.01.2010 11:37 C:\Program Files\Common Files --------- 4096 14.12.2009 20:57 C:\Program Files\Intel --------- 0 14.12.2009 20:22 C:\Program Files\Sony --------- 4096 26.11.2009 20:47 C:\Program Files\Canon --------- 0 26.11.2009 20:46 C:\Program Files\CanonBJ --------- 0 18.11.2009 22:57 C:\Program Files\DIFX --------- 0 17.11.2009 22:03 C:\Program Files\Java --------- 0 17.11.2009 07:26 C:\Program Files\SuuntoUSBDrivers --------- 0 16.11.2009 20:15 C:\Program Files\Logitech --------- 0 16.11.2009 20:06 C:\Program Files\Windows Media Player --------- 4096 16.11.2009 19:47 C:\Program Files\Windows NT --------- 4096 16.11.2009 19:47 C:\Program Files\Gemeinsame Dateien --------- 0 06.09.2009 10:16 C:\Program Files\Roxio --------- 0 06.09.2009 10:15 C:\Program Files\Microsoft SQL Server Compact Edition --------- 0 06.09.2009 10:15 C:\Program Files\Microsoft Synchronization Services --------- 0 06.09.2009 10:06 C:\Program Files\Google --------- 0 17.08.2009 18:26 C:\Program Files\Synaptics --------- 0 17.08.2009 18:24 C:\Program Files\Protector Suite --------- 0 17.08.2009 18:23 C:\Program Files\WIDCOMM --------- 0 17.08.2009 18:23 C:\Program Files\Dolby --------- 0 17.08.2009 18:23 C:\Program Files\Realtek --------- 0 14.07.2009 19:18 C:\Program Files\DVD Maker --------- 4096 14.07.2009 19:18 C:\Program Files\Windows Journal --------- 4096 14.07.2009 19:18 C:\Program Files\Microsoft Games --------- 4096 14.07.2009 18:58 C:\Program Files\Windows Sidebar --------- 4096 14.07.2009 18:58 C:\Program Files\Windows Mail --------- 0 14.07.2009 18:58 C:\Program Files\Windows Photo Viewer --------- 0 14.07.2009 18:58 C:\Program Files\Windows Defender --------- 4096 14.07.2009 06:32 C:\Program Files\Windows Portable Devices --------- 0 14.07.2009 06:32 C:\Program Files\MSBuild --------- 0 14.07.2009 06:32 C:\Program Files\Reference Assemblies --------- 0 14.07.2009 06:09 C:\Program Files\Uninstall Information --------- 0 14.07.2009 05:54 C:\Program Files\desktop.ini --------- 174 ---------------------------------------- C:\ProgramData\.. Rainer Dangel Sabine Dangel Nina Public Default All Users Default User desktop.ini ---------------------------------------- C:\Windows\system32\drivers\etc\hosts ---------------------------------------- Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung ========================= ======== ================ =========== =============== System Idle Process 0 Services 0 24 K System 4 Services 0 10.248 K smss.exe 308 Services 0 1.020 K csrss.exe 508 Services 0 4.820 K wininit.exe 568 Services 0 4.336 K csrss.exe 592 Console 1 7.140 K services.exe 624 Services 0 10.104 K lsass.exe 640 Services 0 12.180 K lsm.exe 652 Services 0 4.124 K svchost.exe 760 Services 0 9.360 K nvvsvc.exe 852 Services 0 3.776 K winlogon.exe 892 Console 1 7.104 K svchost.exe 900 Services 0 10.124 K svchost.exe 988 Services 0 23.552 K svchost.exe 112 Services 0 166.380 K svchost.exe 456 Services 0 49.584 K svchost.exe 1048 Services 0 18.496 K svchost.exe 1140 Services 0 5.348 K svchost.exe 1168 Services 0 32.512 K wlanext.exe 1264 Services 0 13.696 K conhost.exe 1272 Services 0 2.368 K nvvsvc.exe 1428 Console 1 7.568 K spoolsv.exe 1540 Services 0 15.772 K sched.exe 1584 Services 0 24.048 K svchost.exe 1604 Services 0 15.132 K PhotoshopElementsFileAgen 1724 Services 0 42.604 K avguard.exe 1796 Services 0 12.568 K btwdins.exe 1844 Services 0 5.652 K EvtEng.exe 1900 Services 0 17.428 K svchost.exe 1956 Services 0 22.204 K ijplmsvc.exe 1068 Services 0 20.368 K RegSrvc.exe 1624 Services 0 5.288 K GoogleUpdate.exe 1372 Services 0 25.916 K SOHDBSvr.exe 1764 Services 0 36.548 K svchost.exe 2088 Services 0 5.200 K TuneUpUtilitiesService64. 2128 Services 0 13.800 K uCamMonitor.exe 2260 Services 0 12.744 K VESMgr.exe 2284 Services 0 37.880 K SPMService.exe 2324 Services 0 41.668 K dllhost.exe 2372 Services 0 27.960 K VESMgrSub.exe 2440 Console 1 38.476 K VCFw.exe 2516 Services 0 100.680 K VcmIAlzMgr.exe 2556 Services 0 43.404 K VSNService.exe 2576 Services 0 10.084 K VzCdbSvc.exe 2836 Services 0 63.596 K svchost.exe 2908 Services 0 42.896 K SOHDms.exe 2948 Services 0 45.832 K SOHDs.exe 3056 Services 0 33.120 K SOHPlMgr.exe 2296 Services 0 10.648 K IAANTmon.exe 2996 Services 0 27.188 K SOHCImp.exe 3156 Services 0 30.176 K unsecapp.exe 3424 Services 0 4.684 K VCSW.exe 3532 Services 0 28.960 K WmiPrvSE.exe 3600 Services 0 10.636 K svchost.exe 3924 Services 0 4.284 K taskhost.exe 4044 Console 1 12.604 K WUDFHost.exe 3168 Services 0 5.736 K dwm.exe 3196 Console 1 34.548 K TuneUpUtilitiesApp64.exe 3208 Console 1 13.060 K explorer.exe 3264 Console 1 90.672 K SPMgr.exe 4260 Console 1 4.564 K taskeng.exe 4500 Console 1 5.460 K VAIOUpdt.exe 4596 Console 1 1.148 K VSNClient.exe 4604 Console 1 13.648 K SynTPEnh.exe 4760 Console 1 12.508 K IAAnotif.exe 4768 Console 1 28.920 K taskeng.exe 5092 Console 1 6.092 K wmdc.exe 3548 Console 1 7.296 K GoogleToolbarNotifier.exe 4480 Console 1 2.960 K VAIO Gate.exe 2416 Console 1 8.240 K BTTray.exe 1280 Console 1 11.148 K SetPoint.exe 4620 Console 1 17.416 K svchost.exe 4876 Services 0 7.496 K SynTPHelper.exe 4748 Console 1 3.104 K CNMNSUT.exe 1592 Console 1 26.348 K avgnt.exe 4540 Console 1 2.640 K SearchIndexer.exe 4640 Services 0 70.324 K SetPoint32.exe 2720 Console 1 8.024 K KHALMNPR.exe 4300 Console 1 10.016 K SearchProtocolHost.exe 3232 Services 0 8.744 K wmpnetwk.exe 5632 Services 0 28.064 K svchost.exe 1984 Services 0 14.344 K VUAgent.exe 6804 Services 0 12.732 K ielowutil.exe 6900 Console 1 14.460 K SystemExplorer.exe 3828 Console 1 62.256 K AAWService.exe 6328 Services 0 68.460 K unsecapp.exe 6264 Services 0 4.536 K AAWTray.exe 5116 Console 1 27.544 K iexplore.exe 7080 Console 1 32.692 K iexplore.exe 1260 Console 1 74.728 K splwow64.exe 6504 Console 1 5.224 K GoogleToolbarUser_32.exe 5516 Console 1 41.796 K FlashUtil10e.exe 6120 Console 1 29.872 K audiodg.exe 4612 Services 0 16.232 K MpCmdRun.exe 3052 Services 0 8.520 K SearchFilterHost.exe 6344 Services 0 7.556 K cmd.exe 2484 Console 1 3.580 K conhost.exe 5192 Console 1 6.832 K dllhost.exe 5904 Console 1 6.248 K tasklist.exe 5328 Console 1 5.168 K WmiPrvSE.exe 6340 Services 0 5.876 K ***** Ende des Scans 05.03.2010 um 21:21:40,71 ***
Code:OTL Extras logfile created on: 02.03.2010 07:53:59 - Run 1 OTL by OldTimer - Version 3.1.32.0 Folder = C:\Users\Rainer Dangel\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 49,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 454,83 Gb Total Space | 384,04 Gb Free Space | 84,44% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DANGELVAIO Current User Name: Rainer Dangel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers "{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit) "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64 "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software "{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center "{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper "{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "NVIDIA Drivers" = NVIDIA Drivers "ProInst" = Intel PROSet Wireless "SuuntoUSBFTDIVista_is1" = Suunto USB Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03ED6584-5A5A-4CA3-B61D-741618E510DF}" = Steuer 2008 "{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{236135FC-78F2-44e7-883D-1D5671C8F4C7}" = JMicron JMB368 CF Host Controller Driver "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{26A87AFB-B337-42C2-BEDF-D4A51F1A5F10}" = Falk Navi-Manager "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager "{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager "{328019A7-0012-401D-96A2-4CDDD02675A8}" = Garmin POI Loader "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{3B1168DE-1F8C-471C-AC49-0CA52F096170}" = VAIO Content Metadata Intelligent Network Service Manager "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{410AB9BC-B057-4D39-9260-660EE1B4BED2}" = Steuer 2009 "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{51BEF30C-58E4-490F-BA40-A2F12AB8B5F9}" = VAIO Content Metadata Manager Settings "{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}" = MusicStation "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0 "{57AABF73-E17F-4212-A103-13A9794F0869}" = VAIO Content Metadata XML Interface Library "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5 "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen "{5F2D882B-A663-4EB5-9851-48CC6C75FD2D}" = VAIO Content Metadata Intelligent Network Service Manager "{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{6181E138-C21C-471C-9238-F2F59C314C6C}" = Steuer 2008 "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{67DABCB4-239C-4E02-805E-DEA0DDCB1926}" = Steuer Hilfesammlung "{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver "{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7395DD51-0D1A-47A7-9993-742073ECF4CE}" = VAIO Content Metadata Manager Settings "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A512C74-7780-43A1-93DA-29C23D0DF374}" = VAIO Content Metadata XML Interface Library "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite "{949419DF-F4AF-4693-B60A-522B24F233C6}" = VAIO Content Metadata XML Interface Library "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D912275-85FD-45F6-9AF3-388A0F8AADB2}" = VAIO Content Metadata Intelligent Network Service Manager "{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library "{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9 "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0 "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer "{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0 "{D5C8E140-6E6F-11DD-9AA9-0050560400B1}" = Haufe iDesk-Service "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D8AE7D4E-BA8B-4F7B-BF50-8D2F090034F0}" = VAIO Content Metadata Intelligent Analyzing Manager "{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F48AAE0F-52F4-11DD-B1F7-0050560400B1}" = Haufe iDesk-Browser "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "{FBBF5D9C-1989-4933-AE4E-19EE368385B4}" = VAIO Entertainment Platform "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Canon MP560 series Benutzerregistrierung" = Canon MP560 series Benutzerregistrierung "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "DataTrak" = DataTrak "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "ENTERPRISER" = Microsoft Office Enterprise 2007 "FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MarketingTools" = VAIO Marketing Tools "Mediaport" = Mediaport "MFU Module" = "Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1) "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "Nokia PC Suite" = Nokia PC Suite "PremElem70" = Adobe Premiere Elements 7.0 "Security Task Manager" = Security Task Manager 1.7h "Suunto Dive Manager_is1" = Suunto Dive Manager 3.0.0 "System Explorer_is1" = System Explorer 2.0.10 "TuneUp Utilities" = TuneUp Utilities "VAIO AW screensaver" = VAIO AW screensaver "VAIO Help and Support" = "VAIO Premium Partners 1.00" = VAIO Premium Partners 1.00 "WinLiveSuite_Wave3" = Windows Live Essentials "Yahoo! Companion" = Yahoo! Toolbar ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20.02.2010 10:39:52 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 20.02.2010 11:17:44 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 20.02.2010 12:02:10 | Computer Name = DangelVaio | Source = Application Hang | ID = 1002 Description = Programm PhotoshopElementsOrganizer.exe, Version 7.0.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1ba0 Startzeit: 01cab24562ab622a Endzeit: 16 Anwendungspfad: C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsOrganizer.exe Berichts-ID: 37fc9a7e-1e39-11df-b5fd-0026433fc779 Error - 21.02.2010 05:25:22 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 22.02.2010 14:41:06 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 23.02.2010 02:00:08 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 24.02.2010 08:52:35 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 24.02.2010 09:39:43 | Computer Name = DangelVaio | Source = EventSystem | ID = 4621 Description = Error - 24.02.2010 14:06:28 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 24.02.2010 14:42:04 | Computer Name = DangelVaio | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) [ System Events ] Error - 25.02.2010 16:36:14 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:36:55 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:37:34 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:38:15 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:38:55 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:39:34 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:40:14 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 16:40:55 | Computer Name = DangelVaio | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21 registriert werden. Der Computer mit IP-Adresse 192.168.178.22 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 25.02.2010 18:04:50 | Computer Name = DangelVaio | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht. Error - 26.02.2010 07:29:05 | Computer Name = DangelVaio | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht. < End of report >Code:OTL logfile created on: 02.03.2010 07:53:59 - Run 1 OTL by OldTimer - Version 3.1.32.0 Folder = C:\Users\Rainer Dangel\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 49,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 454,83 Gb Total Space | 384,04 Gb Free Space | 84,44% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DANGELVAIO Current User Name: Rainer Dangel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Rainer Dangel\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.) PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe () PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Rainer Dangel\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV:64bit: - (yksvc) -- C:\Windows\SysNative\yk62x64.dll (Marvell) SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation) SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation) SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation) SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation) SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation) SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation) SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation) SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation) SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation) SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation) SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation) SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation) SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation) SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation) SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation) SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation) SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation) SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation) SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation) SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (VSS) -- C:\Windows\Vss [2009.07.14 04:20:14 | 000,000,000 | ---D | M] SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 04:20:14 | 000,000,000 | ---D | M] SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation) SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (AdobeActiveFileMonitor7.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (JMCR_CFS) -- C:\Windows\SysNative\drivers\jmcr_cfs.sys (JMicron Technology Corporation) DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC) DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation) DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation) DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation) DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation) DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation) DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation) DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation) DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation) DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation) DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation) DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation) DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation) DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation) DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation) DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (usbvideo) USB-Videogerät (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation) DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation) DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation) DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation) DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation) DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation) DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation) DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation) DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation) DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation) DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation) DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation) DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation) DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation) DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation) DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation) DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation) DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation) DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation) DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation) DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.01.23 11:08:23 | 000,000,000 | ---D | M] [2010.01.20 07:37:20 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\mozilla\Extensions [2010.01.20 07:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer Dangel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [SystemExplorerAutoStart] C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.) O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\haufereader - No CLSID value found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found 64bit: O35 - comfile [open] -- "%1" %* File not found 64bit: O35 - exefile [open] -- "%1" %* File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.02.28 15:36:55 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2010.02.28 15:36:50 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010.02.28 15:35:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [2010.02.28 15:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2010.02.28 15:35:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2010.02.28 15:13:43 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Local\Threat Expert [2010.02.27 17:47:33 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2010.02.27 17:20:11 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old [2010.02.27 17:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor [2010.02.27 16:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemExplorer [2010.02.27 16:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\System Explorer [2010.02.27 13:11:03 | 000,034,632 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2010.02.27 13:11:00 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2010.02.27 13:11:00 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2010.02.27 13:11:00 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2010.02.27 13:10:59 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2010.02.27 13:10:34 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Roaming\TuneUp Software [2010.02.27 13:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010 [2010.02.27 13:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2010.02.27 13:09:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010.02.26 07:19:39 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Roaming\Malwarebytes [2010.02.26 07:19:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.02.26 07:19:31 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.02.26 07:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.02.26 07:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.02.24 20:29:16 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Roaming\Smart PC Solutions [2010.02.24 20:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010.02.24 20:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart PC Solutions [2010.02.24 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Roaming\Uniblue [2010.02.24 20:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2010.02.24 20:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager [2010.02.24 19:23:30 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2010.02.24 19:23:29 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2010.02.24 19:23:17 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2010.02.24 19:23:16 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2010.02.24 19:23:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2010.02.24 19:23:15 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2010.02.24 19:23:15 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2010.02.24 19:23:15 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2010.02.24 19:23:14 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2010.02.24 19:20:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2010.02.24 19:20:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2010.02.24 19:20:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2010.02.24 19:20:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2010.02.24 19:20:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2010.02.24 19:20:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2010.02.20 13:44:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2010.02.20 13:44:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2010.02.20 13:44:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.02.20 13:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2010.02.20 13:42:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2010.02.20 13:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2010.02.20 13:41:51 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Local\Microsoft Help [2010.02.20 13:40:52 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010.02.19 20:29:07 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\AppData\Local\Falk Navi-Manager [2010.02.19 20:15:16 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile [2010.02.19 20:10:38 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\Documents\FalkData [2010.02.19 20:09:41 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\ROBOEX32.DLL [2010.02.19 20:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Falk [2010.02.11 07:42:08 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2010.02.11 07:42:08 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2010.02.11 07:42:08 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2010.02.11 07:42:08 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2010.02.11 07:42:08 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2010.02.11 07:42:07 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2010.02.11 07:42:06 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2010.02.11 07:42:06 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2010.02.11 07:42:06 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2010.02.11 07:42:06 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2010.02.11 07:42:06 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2010.02.11 07:42:06 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2010.02.11 07:42:05 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2010.02.11 07:42:05 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2010.02.11 07:42:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2010.02.11 07:42:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2010.02.11 07:42:04 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2010.02.11 07:42:04 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2010.02.11 07:42:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll [2010.02.11 07:42:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll [2010.02.11 07:42:04 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll [2010.02.11 07:42:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll [2010.02.11 07:42:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll [2010.02.11 07:42:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll [2010.02.11 07:42:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll [2010.02.01 19:53:48 | 000,000,000 | ---D | C] -- C:\Users\Rainer Dangel\Videos und Leitfaden Beratungsprotokoll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.03.02 07:55:25 | 002,097,152 | -HS- | M] () -- C:\Users\Rainer Dangel\NTUSER.DAT [2010.03.02 07:18:14 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.03.02 07:18:14 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.03.02 07:11:03 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.03.02 07:10:39 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.03.02 07:10:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.03.02 07:10:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.03.02 07:10:03 | 3195,318,272 | -HS- | M] () -- C:\hiberfil.sys [2010.03.01 22:04:50 | 005,746,578 | -H-- | M] () -- C:\Users\Rainer Dangel\AppData\Local\IconCache.db [2010.03.01 19:38:40 | 000,000,017 | ---- | M] () -- C:\Users\Rainer Dangel\AppData\Local\resmon.resmoncfg [2010.02.28 15:36:48 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010.02.28 15:36:45 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe [2010.02.28 15:35:26 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.02.27 17:05:01 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.02.27 17:05:01 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.02.27 17:05:01 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.02.27 17:05:01 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.02.27 17:05:01 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.02.27 16:56:31 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\System Explorer.lnk [2010.02.27 13:12:29 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2010.02.27 13:12:29 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010.02.27 12:59:36 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.02.26 07:19:36 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.02.25 10:05:50 | 000,034,632 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2010.02.25 09:59:54 | 000,025,928 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2010.02.25 09:59:50 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2010.02.25 09:59:46 | 000,036,168 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2010.02.25 09:59:38 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2010.02.20 17:51:15 | 000,000,510 | ---- | M] () -- C:\Windows\win.ini [2010.02.20 15:39:45 | 000,124,472 | ---- | M] () -- C:\Users\Rainer Dangel\AppData\Local\GDIPFONTCACHEV1.DAT [2010.02.20 15:39:00 | 000,467,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.02.19 20:22:20 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Falk Navi-Manager.lnk [2010.02.19 20:17:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2010.02.04 16:53:02 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.03.01 19:38:40 | 000,000,017 | ---- | C] () -- C:\Users\Rainer Dangel\AppData\Local\resmon.resmoncfg [2010.02.28 16:16:30 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe [2010.02.28 15:35:26 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.02.27 17:20:11 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old [2010.02.27 16:56:31 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\System Explorer.lnk [2010.02.27 13:10:53 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2010.02.27 13:10:53 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010.02.26 07:19:36 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.02.19 20:17:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2010.02.19 20:10:10 | 000,001,340 | ---- | C] () -- C:\Windows\SysWow64\KMLImportPlugin.tlb [2010.02.19 20:09:42 | 001,456,640 | ---- | C] () -- C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi [2010.02.19 20:09:41 | 000,003,600 | ---- | C] () -- C:\Windows\SysWow64\FNMPlugin.tlb [2010.02.19 20:09:38 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Falk Navi-Manager.lnk [2009.11.16 20:18:03 | 000,000,760 | ---- | C] () -- C:\Users\Rainer Dangel\AppData\Roaming\setup_ldm.iss [2009.09.06 10:23:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2006.04.21 10:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\HtmlHelp.dll ========== LOP Check ========== [2009.12.04 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Canon [2009.11.18 22:22:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\FRITZ! [2009.11.17 21:03:17 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\FRITZ!fax für FRITZ!Box [2009.11.16 20:18:08 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Leadertech [2009.11.19 20:23:37 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Lexware [2009.11.17 08:12:06 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Nokia [2009.11.18 07:51:54 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\OpenOffice.org [2009.11.17 07:48:10 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\PC Suite [2010.02.26 07:16:29 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Smart PC Solutions [2010.01.20 07:37:19 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Thunderbird [2010.02.27 13:10:34 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\TuneUp Software [2010.02.24 20:21:15 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Uniblue [2009.11.17 08:02:28 | 000,000,000 | ---D | M] -- C:\Users\Rainer Dangel\AppData\Roaming\Uwatec [2010.01.18 19:57:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:22FA7A05 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >Ich hoffe, daß ich alles in Eirem Sinne geamcht habe. Und natürlich, daß Ihr mir helffen könnt.Code:Sophos Anti-Rootkit Version 1.5.0 (c) 2009 Sophos Plc Started logging on 05.03.2010 at 20:12:26 User "Rainer Dangel" on computer "DANGELVAIO" Windows version 6.1 SP 0.0 build 7600 SM=0x300 PT=0x1 WOW64 Info: Starting registry scan. Info: Starting disk scan of C: (NTFS). Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Hidden: file C:\Windows\Temp\TMP000000F7BB4B04E35787A611 Hidden: file C:\Windows\Temp\TMP0000009241E640705558827D Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9U9EV3GC\_MetaViewWatchSearch_131090;seg=GL_MetaViewWatchSearch_625;sz=728x90;ord=1267554059324;dcopt=ist;tile=1;um=5;us=11;eb_trk=133252;pr=22;xp=37;np=22[1].htm Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9TH2TSPU\_MetaViewWatchSearch_131090;seg=GL_MetaViewWatchSearch_625;sz=728x90;ord=1267372812067;dcopt=ist;tile=1;um=5;us=11;eb_trk=133252;pr=22;xp=37;np=22[1].htm Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS07912.log Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G1PB8N5U\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=5008180046419264[1] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0MVP9OW\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=5008180046419264[1] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NBTUG1SS\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=5008180046419264[1] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G1PB8N5U\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=5008180046419264[2] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0MVP9OW\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=9072688133800338[1] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NBTUG1SS\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=9072688133800338[1] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PWCS6HRI\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=9072688133800338[1] Hidden: file C:\Users\Sabine Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P3TTNBAY\e;kw=einfach;kw=Europa;kw=Fingerfood;kw=Gem%FCse;kw=Italien;kw=kalt;kw=marinieren;kw=Schnell;kw=Snack;kw=Vegetarisch;kw=Vorspeise;ord=9072688133800338[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FUF8RGQI\AAAAAAAAAAAAAAAAABAsgIAAAAAAAIAAgAAAAAAbLhjFScBAAAAAAAAAAAAANc-YAAAAAAAAAIAAAAAAADgVqgAAAAAAAAAAAAAAAAAfAM5FDIAAAA=,,http%3A%2F%2Fde.answers.yahoo[1].htm Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9TH2TSPU\tchSearch_131090;seg=GL_MetaViewWatchSearch_625;seg=GL_AllBid_Mar05;sz=300x100;ord=1267554039116;tile=2;um=5;us=11;eb_trk=132973;pr=22;xp=37;np=22[1].htm Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AW1GIDQ8\090;seg=GL_MetaViewWatchSearch_625;seg=GL_AllSucBuy_Mar05;sz=300x250;ord=1267554039116;dcopt=ist;tile=1;um=5;us=11;eb_trk=132974;pr=22;xp=37;np=22[1].htm Hidden: file C:\Users\Nina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q3DJL6I8\300x250&adsize=310x170&adsize=300x120&pageview=ng_outer&pageview=vi_first_time&tile=38477641025987397012345678910a&transactionID=38477641025987397012345678910a[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9U9EV3GC\_MetaViewWatchSearch_131090;seg=GL_MetaViewWatchSearch_625;sz=728x90;ord=1267554097733;dcopt=ist;tile=1;um=5;us=11;eb_trk=133252;pr=22;xp=37;np=22[1].htm Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J08YNXH9\&adsize=310x170&adsize=300x120&pageview=ng_outer&pageview=vi_repeated&tile=5605515765541953012345678910ab&transactionID=5605515765541953012345678910ab[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYFRKECB\ecial=rectangle&adsize=310x250&pageview=ng_outer&pageview=vi_repeated&tile=5605515765541953012345678910ab&transactionID=5605515765541953012345678910ab[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9TH2TSPU\ategory=homepage&special=popup&pageview=ng_outer&pageview=vi_repeated&tile=5605515765541953012345678910ab&transactionID=5605515765541953012345678910ab[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYFRKECB\l=rectangle&adsize=310x120¶ms[1].styles=hp_promobox_html%2Chp_promobox_img&pageview=ng_outer&pageview=vi_repeated&tile=5307290916203902012345678910ab Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYFRKECB\=468x60&content=webde&pageview=ng_outer&adsize=728x90&pageview=loggedin&pageview=no_tprof&pg=m&pa=40&pp=D__73779&pn=3B&bd=0&si=Y9KNtu0qNI9RpoCTOQQ_019[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J08YNXH9\&adsize=310x170&adsize=300x120&pageview=ng_outer&pageview=vi_repeated&tile=7783095729486744012345678910ab&transactionID=7783095729486744012345678910ab[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9U9EV3GC\ecial=rectangle&adsize=310x250&pageview=ng_outer&pageview=vi_repeated&tile=7783095729486744012345678910ab&transactionID=7783095729486744012345678910ab[1] Hidden: file C:\Users\Rainer Dangel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYFRKECB\ategory=homepage&special=popup&pageview=ng_outer&pageview=vi_repeated&tile=7783095729486744012345678910ab&transactionID=7783095729486744012345678910ab[1] Stopped logging on 05.03.2010 at 20:58:40
Herzliche Grüße
Rainer
Hallo el_gato_negro, Herzlich Willkommen im HijackThis Support Board.
