Massenhafter Prozessabsturz, Arbeitsspeicherfraß, Verlinkungen falsch
Hallo zusammen,
seit ich gestern den Veoh Web Player installiert habe (benutzerdefiniert, natürlich auf Toolbars und Zusatzprogramme verzichtet) geht es mit meinem PC (Vista) den Bach hinunter. Am abend ist es dann zum ersten Mal passiert: Während ich mit Firefox im Internet gesurft habe, entdeckte Antivir 3 Malware-Dateien. Ich habe den Befehl zum Entfernen gegeben, daraufhin stürzte mein PC ab, da massenhaft Prozesse auf einmal geschlossen wurden. Seitdem habe ich mit 3 Symptomen zu kämpfen, die die Bedienung des PCs fast unmöglich machen.
1. Ungewünschte Verlinkungen: z.B über Google lande ich oft willkürlich auf merkwürdigen Seiten (z.B kostenpflichtige Wetterdienste)
2. erhöhter Verbrauch von Arbeitsspeicher: Viele Anwendungen fressen plötzlich Arbeitsspeicher ohne Ende (Editor z.B bis zu 400.000 K). Wenn ich Prozesse schließe, benötigen die andere Prozesse einfach mehr als zuvor, und der PC ist wieder ausgelastet
3. massenhafter Prozessabsturz: Nach dem Start des PCs und beim daraffolgenden Betrieb stürzen tonnenweise Prozesse einfach ab (bis zu 30 auf einmal, u.A Antivirencenter und wichtige Windows-Prozesse). Scans etc. lassen sich nicht mehr öffnen, da sie nach dem Start ganz einfach abstürzen. Der massenhafte Prozessabsturz tritt in 50% der Fälle einfach nach dem Hochfahren auf.
Bemerkt habe ich ausserdem reihenweise Prozesse, die nicht auf meinen PC gehören, wie reihenweise "Monitor" Prozesse, oder einen Windows-Mediaplayer Netzwerkfreigabedienst, der mit englischer Beschreibung parallel zu dem normalen Dienst läuft, aber das 20-fache verbraucht.
Was ich bisher getan habe. MalwareBytes, OTL, AntiVir und Windows-Scans durchlaufen lassen, dabei wurden keine explizit schädlichen Programme gefunden... (als ob). Ich füge meinem Post mal den OTL-Log bei, vielleicht kann mir hier jemand weiterhelfen. Diese Nachricht zu schreiben ohne dass der PC abschmiert, war schon reichlich schwierig ^^
Danke im Vorraus, Casmiel
PS: Scans lassen sich wenn überhaupt nur noch im abgesichterten Modus durchführen, ansonsten sind sie dazu verdammt dass ihnen irgendwann der Arbeitsspeicher ausgeht (Verbrauch steigt pro 1-2 Sekunden teilweise um 1.000 K, und das bei mehreren Prozessen). Wo werden die MalwareBytes Logs gespeichert? Dann würde ich die auch noch posten Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6283
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 7.0.6002.18005
06.04.2011 12:53:34
mbam-log-2011-04-06 (12-53-34).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 235733
Laufzeit: 54 Minute(n), 38 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6283
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
06.04.2011 11:10:29
mbam-log-2011-04-06 (11-10-28).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 2988
Laufzeit: 13 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Mehr als ein Quick-Scan war ausserhalb des Safe-Modes nicht drin, da zu wenig Speicher vorhanden.
Hab jetzt noch eine Aktualisierung gesaugt und versuche mich mal an nem vollständigen Scan. Mal gucken ob ich die Prozesse schnell genug zu bekomme bevor sie zu viel Speicher verbrauchen :D Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6286
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
06.04.2011 15:48:24
mbam-log-2011-04-06 (15-48-24).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 159988
Laufzeit: 48 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
Vollständiger Scan hat jetzt hingehauen.
(Konnte den vorherigen Beitrag leider nicht mehr editieren)
OTL.Txt Code:
OTL logfile created on: 06.04.2011 15:52:57 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Golachab\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,90 Gb Total Space | 124,07 Gb Free Space | 43,10% Space Free | Partition Type: NTFS
Computer Name: MS-NOTE | User Name: Golachab | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.04.06 10:40:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Golachab\Downloads\OTL.exe
PRC - [2011.03.24 09:08:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.17 14:43:01 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.23 12:42:21 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.23 12:42:20 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.09.26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.01 23:21:32 | 000,567,848 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.01.21 10:07:42 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009.01.21 10:07:42 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.01.19 16:43:04 | 000,394,536 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009.01.19 12:49:20 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009.01.13 11:28:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008.12.21 21:55:06 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
========== Modules (SafeList) ==========
MOD - [2011.04.06 10:40:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Golachab\Downloads\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009.04.11 08:28:25 | 000,368,640 | ---- | M] () -- C:\Users\Golachab\AppData\Local\evufufufufufu.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.03.17 14:43:01 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.23 12:42:21 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.12.08 22:04:34 | 000,673,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2009.09.23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.09.23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.07.13 16:22:32 | 000,434,176 | ---- | M] (Hauppauge Computer Works) [Auto | Stopped] -- C:\Programme\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009.06.15 11:55:14 | 000,431,384 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.03.01 23:21:32 | 000,567,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.02.10 22:02:20 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\ykx32mpcoinst.dll -- (yksvc)
SRV - [2009.02.05 12:41:46 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009.02.05 12:41:44 | 000,390,440 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009.02.05 12:41:44 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009.02.05 12:41:44 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.02.05 12:41:44 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009.01.21 10:07:44 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.01.21 10:07:42 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009.01.21 10:07:42 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.01.19 16:43:04 | 000,394,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009.01.19 12:49:20 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009.01.16 21:59:08 | 000,083,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009.01.14 13:38:38 | 005,184,872 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009.01.13 11:28:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009.01.08 00:10:32 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2009.01.06 04:04:54 | 000,109,088 | ---- | M] (Realtek Semiconductor) [Auto | Stopped] -- C:\Programme\Realtek\Audio\HDA\RtkAudioService.exe -- (RtkAudioService)
SRV - [2008.12.21 21:55:06 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.12.19 14:02:08 | 000,415,592 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - [2011.03.17 14:43:01 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.01.02 09:27:14 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.12.24 05:29:02 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.12.24 05:29:02 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010.12.24 05:28:51 | 000,132,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010.12.24 05:28:42 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2010.11.23 12:42:21 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.12.15 14:41:30 | 000,268,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2009.11.23 00:16:01 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.23 00:15:48 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.09.23 15:04:56 | 000,021,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009.09.23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009.09.23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009.09.23 15:04:50 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
DRV - [2009.06.29 17:04:52 | 000,049,152 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw17bda.sys -- (hcw17bda)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.13 22:16:29 | 000,173,616 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.04.09 13:38:30 | 000,110,592 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.04.09 13:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.04.09 13:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.04.09 13:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.04.09 13:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.04.09 13:38:30 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.03.02 22:16:40 | 004,303,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.02.23 22:07:18 | 000,155,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.13 11:27:38 | 000,306,811 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008.11.24 23:41:52 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.11.19 02:08:46 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.10.23 02:02:29 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.10.23 02:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.10.23 02:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.10.01 15:24:24 | 000,079,104 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\sleen16.sys -- (SLEE_16_DRIVER)
DRV - [2008.08.28 23:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.08.28 17:17:38 | 000,131,856 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.06.07 02:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.04.24 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008.01.25 04:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.11.08 22:45:04 | 001,315,840 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CM106.sys -- (USBMULCD)
DRV - [2007.07.12 12:58:54 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.01.18 19:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005.05.26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2004.10.05 11:40:18 | 000,015,872 | ---- | M] (Interlex Inc.) [Kernel | Auto | Running] -- C:\Programme\VMLaunch\BuddyVM.sys -- ({09BB444F-B2E2-4009-BAF2-7B727681223E})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {980F5737-8331-4F75-8517-3522106C6998}:1.9.1
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{980F5737-8331-4F75-8517-3522106C6998}: C:\Users\Golachab\AppData\Local\{980F5737-8331-4F75-8517-3522106C6998} [2011.03.28 07:57:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Golachab\AppData\Roaming\5015 [2011.04.06 02:40:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.05 13:59:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.30 09:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.05 12:07:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.03.30 09:22:07 | 000,000,000 | ---D | M]
[2010.08.30 00:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Golachab\AppData\Roaming\mozilla\Extensions
[2011.04.06 14:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Golachab\AppData\Roaming\mozilla\Firefox\Profiles\bt8gqyij.default\extensions
[2010.08.31 13:08:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Golachab\AppData\Roaming\mozilla\Firefox\Profiles\bt8gqyij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.06 14:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.02 15:24:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.02 15:24:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.28 07:57:11 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\GOLACHAB\APPDATA\LOCAL\{980F5737-8331-4F75-8517-3522106C6998}
[2011.04.06 02:40:00 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\GOLACHAB\APPDATA\ROAMING\5015
[2011.02.02 15:24:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.24 09:08:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.24 09:08:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.24 09:08:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.24 09:08:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.24 09:08:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1031,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cm106Sound] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Gbehen] C:\Users\Golachab\AppData\Local\evufufufufufu.dll ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [SAFEOEM HotKeys] C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [Phoenix Backup] C:\Programme\SYDATEC\Phoenix Backup Professional\pbtray.exe (SYDATEC)
O4 - Startup: C:\Users\Golachab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Users\Golachab\AppData\Roaming\appconf32.exe) - C:\Users\Golachab\AppData\Roaming\appconf32.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Golachab\Desktop\Bilder\ascensionconsulamentum.jpg
O24 - Desktop BackupWallPaper: C:\Users\Golachab\Desktop\Bilder\ascensionconsulamentum.jpg
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d3cc3c73-ae82-11de-8768-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{d3cc3c73-ae82-11de-8768-00a0c6000000}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.04.06 11:49:50 | 000,000,000 | -HSD | C] -- C:\found.001
[2011.04.06 11:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.04.06 10:56:51 | 000,000,000 | ---D | C] -- C:\Users\Golachab\AppData\Roaming\Malwarebytes
[2011.04.06 10:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.06 10:56:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.06 10:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.06 10:56:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.06 10:56:27 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.06 02:40:01 | 000,236,496 | ---- | C] (Adobe Systems, Incorporated) -- C:\Users\Golachab\AppData\Roaming\AcroIEHelpe.dll
[2011.04.06 02:40:00 | 000,000,000 | ---D | C] -- C:\Users\Golachab\AppData\Roaming\5015
[2011.04.06 02:39:50 | 000,000,000 | ---D | C] -- C:\Users\Golachab\AppData\Roaming\xmldm
[2011.04.06 02:39:46 | 000,000,000 | ---D | C] -- C:\Users\Golachab\AppData\Roaming\kock
[2011.03.30 21:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011.03.30 21:24:35 | 000,000,000 | ---D | C] -- C:\Users\Golachab\Desktop\dp
[2011.03.30 09:21:59 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2011.03.30 09:21:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.03.28 08:49:17 | 000,000,000 | ---D | C] -- C:\Users\Golachab\AppData\Roaming\Avira
[2011.03.28 07:57:11 | 000,000,000 | ---D | C] -- C:\Users\Golachab\AppData\Local\{980F5737-8331-4F75-8517-3522106C6998}
[2011.03.23 11:16:20 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.23 11:16:20 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.03.21 18:46:24 | 000,000,000 | ---D | C] -- C:\Users\Golachab\Desktop\ditvb
[2011.03.09 19:48:26 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 19:48:25 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 19:48:25 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.09 19:48:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[1 C:\Users\Golachab\AppData\Roaming\*.tmp files -> C:\Users\Golachab\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.06 15:38:13 | 000,623,724 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.06 15:38:13 | 000,591,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.06 15:38:13 | 000,125,564 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.06 15:38:13 | 000,103,380 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.06 15:37:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.06 15:32:17 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.06 14:05:57 | 000,000,120 | ---- | M] () -- C:\Users\Golachab\AppData\Local\Pfeniq.dat
[2011.04.06 14:05:48 | 000,002,565 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2011.04.06 14:05:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.06 14:05:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.06 14:05:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.06 14:04:57 | 3186,651,136 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.06 10:43:22 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.04.06 02:47:15 | 000,001,356 | ---- | M] () -- C:\Users\Golachab\AppData\Local\d3d9caps.dat
[2011.04.06 02:40:43 | 000,000,000 | ---- | M] () -- C:\Users\Golachab\AppData\Local\Owacoxaziv.bin
[2011.04.06 02:40:01 | 000,236,496 | ---- | M] (Adobe Systems, Incorporated) -- C:\Users\Golachab\AppData\Roaming\AcroIEHelpe.dll
[2011.03.30 09:22:07 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.03.30 09:09:41 | 000,000,255 | ---- | M] () -- C:\Windows\Brownie.ini
[2011.03.21 19:07:11 | 000,052,736 | ---- | M] () -- C:\Users\Golachab\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.17 14:43:01 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.09 00:20:14 | 122,701,126 | ---- | M] () -- C:\Users\Golachab\Desktop\Bitload.com Your Filehoster.2.flv
[1 C:\Users\Golachab\AppData\Roaming\*.tmp files -> C:\Users\Golachab\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.06 14:04:57 | 3186,651,136 | -HS- | C] () -- C:\hiberfil.sys
[2011.03.30 09:22:07 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.03.30 09:22:07 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011.03.28 07:57:14 | 000,000,120 | ---- | C] () -- C:\Users\Golachab\AppData\Local\Pfeniq.dat
[2011.03.28 07:57:14 | 000,000,000 | ---- | C] () -- C:\Users\Golachab\AppData\Local\Owacoxaziv.bin
[2011.03.09 00:47:26 | 122,701,126 | ---- | C] () -- C:\Users\Golachab\Desktop\Bitload.com Your Filehoster.2.flv
[2010.10.30 21:40:15 | 000,002,430 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.10.03 23:34:11 | 000,073,728 | ---- | C] () -- C:\Windows\System32\realbap1.dll
[2010.09.29 09:06:17 | 000,001,356 | ---- | C] () -- C:\Users\Golachab\AppData\Local\d3d9caps.dat
[2010.09.13 18:57:48 | 000,004,601 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2010.09.13 18:57:48 | 000,000,827 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2010.09.13 18:56:29 | 000,065,536 | ---- | C] () -- C:\Windows\VMix.dll
[2010.09.13 18:38:10 | 000,139,264 | R--- | C] () -- C:\Windows\Vmix106.dll
[2010.09.13 18:37:55 | 000,003,224 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2010.09.13 18:37:52 | 000,483,328 | R--- | C] () -- C:\Windows\System32\Cmeau106.exe
[2010.09.13 18:35:55 | 000,241,664 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2010.09.06 03:40:26 | 000,268,912 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys
[2010.09.04 19:25:19 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat
[2010.05.08 16:18:06 | 000,354,304 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
[2010.05.08 16:18:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
[2009.12.23 15:11:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.21 18:03:29 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.12.21 18:03:29 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.12.21 18:03:29 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.12.21 17:42:53 | 000,046,537 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2009.12.16 23:21:35 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.11.23 00:16:01 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.11.23 00:15:48 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.11.20 21:16:41 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009.11.01 19:49:34 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.10.23 20:46:05 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BntRC.dll
[2009.10.23 20:35:45 | 000,000,146 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2009.10.23 20:35:45 | 000,000,040 | ---- | C] () -- C:\Windows\BRDIAG.INI
[2009.10.23 20:35:45 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2009.10.23 20:35:44 | 000,026,624 | ---- | C] () -- C:\Windows\System32\BRGSRC32.DLL
[2009.10.23 20:35:44 | 000,004,608 | ---- | C] () -- C:\Windows\System32\BRGSRC16.DLL
[2009.10.23 20:35:44 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2009.10.23 20:35:43 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2070N.INI
[2009.10.23 20:34:40 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.10.23 20:34:32 | 000,000,054 | ---- | C] () -- C:\Windows\System32\bd2070n.dat
[2009.10.23 20:34:29 | 000,045,056 | ---- | C] () -- C:\Windows\System32\PTRCGER.DLL
[2009.10.23 20:33:30 | 000,000,255 | ---- | C] () -- C:\Windows\Brownie.ini
[2009.10.20 14:51:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.20 14:51:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 14:51:13 | 000,368,640 | ---- | C] () -- C:\Users\Golachab\AppData\Local\evufufufufufu.dll
[2009.10.09 00:30:30 | 000,052,736 | ---- | C] () -- C:\Users\Golachab\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.01 14:52:41 | 000,033,169 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.10.01 14:52:22 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.01 14:52:21 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.10.01 14:52:18 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2009.10.01 14:51:45 | 000,006,082 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.09.30 16:06:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.06.18 13:36:24 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009.05.15 19:22:04 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2009.05.15 19:21:55 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.05.15 19:21:55 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.05.15 19:21:55 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.05.15 19:21:55 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.05.15 19:21:55 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2009.05.15 11:05:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.05.15 10:57:27 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.05.15 10:04:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.13 11:29:00 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2008.12.09 17:23:13 | 000,046,312 | RHS- | C] () -- C:\Users\Golachab\AppData\Roaming\appconf32.exe
[2008.01.21 09:15:58 | 000,623,724 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,125,564 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.29 11:45:10 | 000,001,004 | R--- | C] () -- C:\Windows\cm106.ini
[2007.02.20 13:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.02.20 13:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.02.20 12:24:46 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,356,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,591,764 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,380 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011.04.06 02:40:00 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\5015
[2011.01.02 09:35:02 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\DAEMON Tools Lite
[2009.10.07 18:18:59 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\GetRightToGo
[2009.12.14 01:02:56 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\gtk-2.0
[2011.03.13 00:21:19 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\ICQ
[2010.03.27 19:39:17 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\IrfanView
[2011.04.06 02:39:46 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\kock
[2010.05.26 19:57:36 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\Miranda Fusion
[2010.03.29 15:34:06 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\NVD
[2011.02.02 15:33:35 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\OpenOffice.org
[2011.02.19 22:13:24 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\Opera
[2010.06.10 22:36:31 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\SoftGrid Client
[2009.11.01 21:26:42 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\Steganos
[2010.03.29 12:59:05 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\TeamViewer
[2009.09.30 16:06:31 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\Thunderbird
[2010.03.29 15:34:13 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\TP
[2010.07.23 13:44:38 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\uTorrent
[2009.10.01 14:09:44 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\Vodafone
[2011.04.06 02:39:50 | 000,000,000 | ---D | M] -- C:\Users\Golachab\AppData\Roaming\xmldm
[2011.04.06 15:31:02 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extras.Txt Code:
OTL Extras logfile created on: 06.04.2011 15:52:57 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Golachab\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,90 Gb Total Space | 124,07 Gb Free Space | 43,10% Space Free | Partition Type: NTFS
Computer Name: MS-NOTE | User Name: Golachab | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-9790608-1461295977-3599502087-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-9790608-1461295977-3599502087-1001]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023BCD94-3298-4F72-99A8-68540C316E70}" = rport=137 | protocol=17 | dir=out | app=system |
"{1C845969-7A47-4500-A1C9-D61ACB437F2E}" = lport=137 | protocol=17 | dir=in | app=system |
"{232D04EE-CBE2-42A7-A4E0-9AF2899C582F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{260F04EA-2210-40C5-9BD1-A4C3FC047876}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{397E1EA6-7ED9-47DD-B11E-9DFA2DC21D78}" = lport=138 | protocol=17 | dir=in | app=system |
"{5DF027E6-02F0-4130-9978-80F8A7CAC0D7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{62FEDBBF-D9B3-4E0B-A1E5-E2873DF3FAA2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{68EAC9D1-CD17-462D-A061-91D014E2E866}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{732A8709-A5B8-43FE-8F28-C665282703ED}" = rport=138 | protocol=17 | dir=out | app=system |
"{98525DC4-6911-427C-B862-CEB95F5A0065}" = lport=445 | protocol=6 | dir=in | app=system |
"{9AE9E8B5-6D7C-41B4-B762-20C0804C9143}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C610035D-F675-4AE6-9882-B760EFAF9843}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C674D21B-9B23-4591-9421-BC1D5DFEC1A9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4C00FD3-B54E-463A-BD7A-DA3666AAAB1A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D9EC48ED-1678-41E4-BA41-9C234FB766A0}" = lport=18768 | protocol=6 | dir=in | name=torrentport |
"{DA239AA4-6522-4184-94B0-FD74C52286D6}" = lport=139 | protocol=6 | dir=in | app=system |
"{E8154D32-479E-44E9-9BAC-B7C3BCC53117}" = rport=445 | protocol=6 | dir=out | app=system |
"{EC3CEA3E-F0A2-4F74-BF16-9E4CF95EA99D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EE9BCC9C-8B86-4CA4-B098-E4BBAD4338C8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F740EADF-000A-480C-8F9E-3AB6FF1EF972}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8CA4FE5-30E1-4E93-BF0F-0B70FA631227}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A38773-F44B-4C6D-B37B-38A8C8A0A023}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{1B82AAE8-5FD1-466F-876C-60F4C97ED1E6}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{1E06449C-7FEA-45A3-874C-5F19513E50E9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{246B265B-7506-40C1-8FAA-041A19030FC0}" = protocol=17 | dir=in | app=c:\program files\mirandafusion\miranda32.exe |
"{304893BE-3387-4030-BE0E-79B0A9BC2BB3}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{322104CC-1440-48C1-8D09-8BD5009EDE52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36F15445-5868-43D6-BF67-2C525F69D6A7}" = protocol=17 | dir=in | app=c:\reality pump\two worlds\twoworlds.exe |
"{40749415-D858-4FBB-A404-2BE9B6894A7D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{42DF6ACE-AF55-43F9-AC14-A907381352FE}" = protocol=17 | dir=in | app=c:\reality pump\two worlds\twoworlds_radeon.exe |
"{498F2F76-4C22-4BD5-815E-2A337AD018F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{553CBB44-D947-4850-B651-3850B10B1CE6}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{5FCE904C-6513-42FB-8F5C-79465BAE4BF4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{62EBA3AC-1E35-43FF-B90E-20632671C16C}" = protocol=6 | dir=in | app=c:\reality pump\two worlds\twoworlds_radeon.exe |
"{67374780-1449-494B-985A-9A4C177701FA}" = protocol=6 | dir=in | app=c:\program files\mirandafusion\miranda32.exe |
"{782FF1F7-0302-44DC-ADD7-B93DAFCB4CA6}" = protocol=6 | dir=in | app=c:\reality pump\two worlds\twoworlds.exe |
"{8A806169-7B24-4245-BEFF-9A41315E797E}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{8E827C46-A197-4181-9AD8-493C2F27764E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{9520E5E6-6C7C-46EA-A5E1-7084F7929C6B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{9AA1C7B4-6FEF-4A05-8419-5B781992B6D5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{ABD66284-E4E7-4FCB-A0A3-DE1C5E52D51E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{ACB79FED-E5FB-44FC-882E-6BE3327A53C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AE3B7A5F-D83B-49D4-8491-3F0F35A6D7EB}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{B4CAEFA1-1F3B-4F58-9731-3F7069D667BA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3F52A09-0E1B-4FF9-ADE2-0B89E2902777}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{D078A5D4-F3AE-492E-B847-D36B45C8E972}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D603DABA-C403-443E-B26D-FE41F41D22A8}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{DC41DE89-0BB2-455A-8D24-C7F6A5EBEF81}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{EFA8929E-8F30-411F-9725-317E750B6073}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{F3BF0F75-530B-4870-A8D2-CC82F3DA0B11}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{FC407F39-4AD5-4A0B-8746-EE9DE7988DB0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FC5D8648-164C-4639-B212-CD0E116453F4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"TCP Query User{00D9BD3B-3FFB-4CA3-8A54-8160202D2230}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{03541D43-084C-4DC7-948E-698007BD4082}C:\program files\microsoft games\age of empire\empiresx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empire\empiresx.exe |
"TCP Query User{256906C8-EF6F-4999-A1D2-B52031AC321A}C:\age of empires 2\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\age of empires 2\age2_x1\age2_x1.exe |
"TCP Query User{29D06BBB-B8F8-4A2D-BEF5-51163D4BAB2E}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{2A7A1DD1-9CE2-4DF0-9FE9-904B9E9199AE}C:\age of empires 2\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\age of empires 2\age2_x1\age2_x1.exe |
"TCP Query User{2E07B9C9-AD2F-493E-9C67-6128144B3CA1}C:\users\golachab\desktop\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\golachab\desktop\warcraft iii\war3.exe |
"TCP Query User{314A89AF-D25B-4489-88C0-1059DEB44C5E}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{5617016F-39D1-49C2-BCAC-9CFD3DC97506}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{5FBD4729-0E3B-4AFB-ADA8-20980248D442}C:\program files\mirandafusion\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\mirandafusion\miranda32.exe |
"TCP Query User{8CFC5B7A-CF8C-45E7-95E5-C73E5979EAD7}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{A34AAC07-6793-47B1-BF85-E29AEB95CB92}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{A462CD8F-9FF4-460F-9524-D8D089DD1FAA}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{AED6AF63-CB74-4B03-9DCA-DCB08AD3092A}C:\users\golachab\desktop\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\golachab\desktop\warcraft iii\war3.exe |
"TCP Query User{B64F1034-5F08-4F4D-B5ED-358CB3E589DF}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{BC538223-E8C0-4CE4-9360-FBB1FCA22D71}C:\age of empires 2\empires2.exe" = protocol=6 | dir=in | app=c:\age of empires 2\empires2.exe |
"TCP Query User{C518106A-872C-481C-8034-4C0B3C363716}C:\users\golachab\appdata\local\temp\cprogrammeopera\operaupgrader.exe" = protocol=6 | dir=in | app=c:\users\golachab\appdata\local\temp\cprogrammeopera\operaupgrader.exe |
"TCP Query User{E4FFF2E4-E783-42C5-B3D7-06681B1BB19D}C:\age of empires 2\empires2.exe" = protocol=6 | dir=in | app=c:\age of empires 2\empires2.exe |
"TCP Query User{EA551732-CD0F-4D54-B71E-2C04E46A36AF}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F462DC50-8F11-4F18-940E-E6FB022F1DB3}C:\age of empires 2\age2_x1\age2_x1nocd.exe" = protocol=6 | dir=in | app=c:\age of empires 2\age2_x1\age2_x1nocd.exe |
"UDP Query User{07F1BD5A-E069-44B6-9179-F82175E2CA26}C:\age of empires 2\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\age of empires 2\age2_x1\age2_x1.exe |
"UDP Query User{21399199-188B-4AD7-A85D-A874D68FE397}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{39896011-7393-4875-80DD-A5229294FBEA}C:\program files\mirandafusion\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\mirandafusion\miranda32.exe |
"UDP Query User{3D91AAAF-939E-4C6B-AE39-13D41A2025A5}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{3F5CF4B2-189D-4CE5-94DA-525BE7D2F07F}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{3F93F4B5-0CE4-491E-8633-B30797FF30B6}C:\age of empires 2\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\age of empires 2\age2_x1\age2_x1.exe |
"UDP Query User{4395E6AD-6176-4633-901C-A275661ADC36}C:\age of empires 2\empires2.exe" = protocol=17 | dir=in | app=c:\age of empires 2\empires2.exe |
"UDP Query User{4FAA1A24-03AB-47C9-9072-CE4D8CBA5FE8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6A62CDE4-B585-4A6A-94C6-27560A28E967}C:\age of empires 2\age2_x1\age2_x1nocd.exe" = protocol=17 | dir=in | app=c:\age of empires 2\age2_x1\age2_x1nocd.exe |
"UDP Query User{7CBE3099-B943-4E6F-B1A1-FE3FE383F60D}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{9AB5AD11-572C-4E8F-A853-8098EF94CE20}C:\age of empires 2\empires2.exe" = protocol=17 | dir=in | app=c:\age of empires 2\empires2.exe |
"UDP Query User{9EB9F6A3-05C0-4568-82B7-3CCCB5DE494F}C:\users\golachab\desktop\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\golachab\desktop\warcraft iii\war3.exe |
"UDP Query User{A6A5BEAA-880E-4F53-ABB7-565836E60E08}C:\users\golachab\desktop\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\golachab\desktop\warcraft iii\war3.exe |
"UDP Query User{B33535B3-4276-44B1-AAFB-8B1C9A19EA3E}C:\users\golachab\appdata\local\temp\cprogrammeopera\operaupgrader.exe" = protocol=17 | dir=in | app=c:\users\golachab\appdata\local\temp\cprogrammeopera\operaupgrader.exe |
"UDP Query User{C2723D20-C969-4FA5-9DB0-D6A8832F0C8F}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"UDP Query User{CD6DB832-E061-4298-8F77-47A72250EE29}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{DAE12898-325D-44DC-898D-56AC03FAB2BF}C:\program files\microsoft games\age of empire\empiresx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empire\empiresx.exe |
"UDP Query User{DC994A74-3160-479E-A776-A30F53374BF0}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{DD511B02-4124-4D6E-9281-B97749C92C78}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0534F8BF-EBFD-004B-5DED-1010CBF353B8}" = CCC Help Dutch
"{068F037B-2723-48E3-85F1-4D7D93A29D2A}" = VAIO Content Metadata Intelligent Analyzing Manager
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A1B60E0-F250-BD91-79C9-C29B9C05A5AA}" = Catalyst Control Center InstallProxy
"{13C5C85D-3CD9-DF9C-77A9-8173781CD170}" = CCC Help Spanish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{16BAB4DD-34F6-EBC5-F40B-72146464CDE0}" = Catalyst Control Center Core Implementation
"{190CD8ED-D83B-EB89-9BE9-8CC04569A4CB}" = CCC Help Thai
"{19B683DF-B562-4C0B-8AAA-2A92409D190A}" = Sony Home Network Library
"{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140062-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - Deutsch
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26C05EE9-C5C7-F22C-A298-B97926F36E3E}" = CCC Help Turkish
"{2878C3C9-9D91-430F-8F50-885BB23DB001}" = VAIO Content Folder Watcher
"{2B5DDB2D-053E-F1C8-3234-DAE9FCF4B318}" = CCC Help Finnish
"{2EF15529-A351-FDFA-C393-491483B04784}" = CCC Help Italian
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43112A37-7CDD-745A-6EB4-9A9BA982DB2A}" = CCC Help English
"{47A2CE5C-EA1F-4F58-8A0A-9452CBA795CD}" = Click to Disc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCB123A-6DD2-8436-2FBA-0244ADF65F42}" = CCC Help Russian
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel(R) PROSet/Wireless WiFi-Software
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52D93C83-FDEA-D1B2-5185-D1271DC15C6C}" = Catalyst Control Center Localization All
"{52E51086-747D-AEB9-B440-14B84CC247E0}" = Catalyst Control Center Graphics Light
"{53480870-02D8-48FB-BC27-72C956885168}" = O&O MediaRecovery
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{542C6F13-6861-4010-9EBC-6F068D397AD8}" = SRS Audio Sandbox
"{54CC8FFD-0F64-07B4-EFC1-40C0449F4B85}" = ccc-utility
"{568D1DC1-4038-BF79-E58D-81311FD41F91}" = CCC Help Greek
"{56C64E81-FC93-4cb9-9EBF-953662950D3B}_is1" = Delete Virtual-Mate Launcher
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{64DBE9FE-A07D-41A0-B81A-8D416D9647FF}" = VAIO Content Folder Watcher
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}" = Software Info for Me&My VAIO
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76D7CCD6-8369-405C-B494-5F34FAE67249}" = Me&My VAIO
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77217D44-363B-9BF6-04F8-FE432D9AFE35}" = CCC Help Czech
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7B79CD75-F848-4B33-83E3-0EE1A1805A8C}" = VAIO Movie Story
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{82D8304F-73D7-4EE6-8472-D0684BAA2865}" = AGEIA PhysX v7.05.06
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88E1A4BD-995D-EB00-26E5-9BEFA9E213A6}" = CCC Help Polish
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A120CC0-95C6-DEEF-F60B-8B0866660920}" = CCC Help Hungarian
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90124382-85E3-DE67-F0F7-4C37B7040BF4}" = CCC Help Chinese Standard
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{914B46A6-7C4B-3AA2-DFF7-E39EB5F7141E}" = Skins
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = Splashtop
"{940E5FC0-CF77-4DDC-B3CA-D6A288775714}" = Brother Peer to Peer Print (NetBIOS) 1.16
"{948FD689-B34E-5A26-F926-111A1A74A43D}" = CCC Help Japanese
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{99A9CE2D-DFB1-3277-D1C7-5C34C21179EF}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A44DC8C-13C7-6ADE-3516-C1FEDC0267F8}" = CCC Help Swedish
"{9A4F72EE-8378-49BD-8C10-301E25907B5B}" = Steganos Safe OEM
"{9A4FBD51-811D-33E9-116B-D26C662B588C}" = CCC Help Norwegian
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A17E786D-ACC6-8D11-8B25-D83AB85B6534}" = CCC Help German
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A78162BC-E105-4B0B-BB3C-49D0BB705663}" = Brother HL-2070N
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D3D707-4A1A-4227-BE6E-F16448B4CB63}" = VAIO Entertainment Platform
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B12F3362-A328-9499-949A-A95C6EF21CB6}" = Catalyst Control Center Graphics Previews Vista
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BF34527D-7B27-43AD-9994-7B3ABCEF3625}" = Phoenix Backup Professional
"{BFD85D24-D4F3-4CCC-B518-D7C4FC29C76D}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C144CB60-EE5D-B625-C672-176AC5B488D2}" = ATI Catalyst Install Manager
"{C1555BC5-88B1-466B-BC79-062B5715DF92}" = VAIO Content Metadata XML Interface Library
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis*True*Image*WD*Edition
"{C4567E61-7997-5F6A-0A4B-F667328D3ED3}" = Catalyst Control Center Graphics Previews Common
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup aktivieren
"{C62AEA0E-90B0-4049-9780-8499A18A34D7}" = VAIO Content Metadata Manager Setting
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CD77F1C7-9A53-0883-F660-2FE859B47BAA}" = Catalyst Control Center Graphics Full Existing
"{CD7E6232-D41D-4E5B-ABE1-0264B6260309}" = VAIO Content Metadata Intelligent Analyzing Manager
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D613E659-6503-42A8-9617-4F599061EAD5}" = VAIO MusicBox
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEF97A70-C67D-41E1-837C-6462C97A6F65}" = OpenMG Secure Module 5.3.00
"{E303B395-E0C1-42E6-9EF9-F3BC23DEF2D7}" = Remote Printer Console
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E3E86D88-6370-73DA-29F9-D09D43337688}" = CCC Help Korean
"{E412146D-4D11-3363-804E-096D51988B69}" = CCC Help Portuguese
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4
"{E9F6CD2A-CF41-6442-CB8A-34665511BFC8}" = CCC Help Chinese Traditional
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{EBF8380D-8B72-6938-923A-5891703BCB4E}" = CCC Help Danish
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED0CFA85-9E9F-67B4-89C4-A07C42D51FB3}" = Catalyst Control Center Graphics Full New
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EEFE8A83-8D7E-21AF-F1C6-D617DC6D5455}" = CCC Help French
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}" = Cisco Systems VPN Client 5.0.05.0290
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion
"Age of Mythology 1.0" = Age of Mythology
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"C-Media CM106 Like Sound Driver" = Trust USB Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"comtypes-py2.6" = Python 2.6 comtypes-0.6.2
"Diablo II" = Diablo II
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"dt icon module" =
"G3 Optimizer V1.2" = G3 Optimizer V1.2
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{DEF97A70-C67D-41E1-837C-6462C97A6F65}" = OpenMG Secure Module 5.3.00
"IrfanView" = IrfanView (remove only)
"Ivellon_is1" = Ivellon 1.5 English
"JDownloader" = JDownloader
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = VAIO Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MirandaFusion" = Miranda Fusion 2.0.24
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.9
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"Oni" = Oni
"ProInst" = Intel PROSet Wireless
"psyco-py2.6" = Python 2.6 psyco-1.6
"pywin32-py2.6" = Python 2.6 pywin32-214
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.2.4
"splashtop" = Splashtop
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Two Worlds" = Two Worlds
"UT2003" = Unreal Tournament 2003
"VAIO Help and Support" =
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wrye Bash" = Wrye Bash
"wxPython2.8-ansi-py26_is1" = wxPython 2.8.10.1 (ansi) for Python 2.6
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.03.2011 03:07:19 | Computer Name = ms-note | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.03.2011 03:07:22 | Computer Name = ms-note | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.03.2011 03:07:22 | Computer Name = ms-note | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.03.2011 03:07:23 | Computer Name = ms-note | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.03.2011 03:07:23 | Computer Name = ms-note | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.03.2011 18:10:28 | Computer Name = ms-note | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.4095 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 874 Anfangszeit: 01cbeab09c25e20a Zeitpunkt der Beendigung:
29
Error - 25.03.2011 18:10:28 | Computer Name = ms-note | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 1.9.2.4095, Zeitstempel
0x4d852c62, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel 0x4cb73436,
Ausnahmecode 0xc0000005, Fehleroffset 0x00048822, Prozess-ID 0x430, Anwendungsstartzeit
01cbeab0a027f9ba.
Error - 28.03.2011 02:51:57 | Computer Name = ms-note | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel
0x47918b89, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel 0x4cb73436,
Ausnahmecode 0xc0000005, Fehleroffset 0x00046e66, Prozess-ID 0x594, Anwendungsstartzeit
01cbe9f1b09ce3a6.
Error - 28.03.2011 02:57:40 | Computer Name = ms-note | Source = VSS | ID = 12289
Description =
Error - 28.03.2011 02:58:17 | Computer Name = ms-note | Source = VSS | ID = 12289
Description =
[ Media Center Events ]
Error - 28.09.2009 17:21:13 | Computer Name = ms-note | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Prozess: DefaultDomain Objektname: Media Center Guide
[ System Events ]
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7034
Description =
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 09:30:59 | Computer Name = ms-note | Source = Service Control Manager | ID = 7031
Description =
Error - 06.04.2011 09:33:06 | Computer Name = ms-note | Source = Service Control Manager | ID = 7032
Description =
Error - 06.04.2011 09:33:06 | Computer Name = ms-note | Source = Service Control Manager | ID = 7032
Description =
Error - 06.04.2011 09:33:06 | Computer Name = ms-note | Source = Service Control Manager | ID = 7032
Description =
< End of report >
|
