Pixelboy | 09.05.2011 14:34 | 2nd logfile
Code:
OTL logfile created on: 09.05.2011 15:18:07 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\xxxx\Pictures\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83,85 Gb Total Space | 24,49 Gb Free Space | 29,21% Space Free | Partition Type: NTFS
Computer Name: xxxx | User Name: xxxxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Morena\Pictures\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
PRC - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Users\Morena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil9e.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\xxxx\Pictures\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\PC Tools Security\pctgmhk.dll (PC Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (LiveUpdate Notice Ex) -- File not found
SRV - (CLTNetCnService) -- File not found
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (ProtexisLicensing) -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
========== Driver Services (SafeList) ==========
DRV - (MpKslf9e7d7d6) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AA6D40DD-CE7C-4A9B-9944-1B7708EFC04A}\MpKslf9e7d7d6.sys (Microsoft Corporation)
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (PCTSD) -- C:\Windows\System32\drivers\PCTSD.sys (PC Tools)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (Spyder3) -- C:\Windows\System32\drivers\Spyder3.sys ()
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\Windows\System32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
IE - HKLM\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2096149
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.aka-aki.com/index.php|hxxp://www.twotickets.de/rubriken/.bin/lastminute.php|https://banking.postbank.de/app/logout.do;jsessionid=9C4697FC3941EB2596A8B4A08BBB3102.C21|hxxp://www.lastfm.de/user/xxxx/|hxxp://forum.designmadeingermany.de/2945/|hxxp://www.supertopic.de/"
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011.05.03 15:34:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.28 22:03:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.28 22:03:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2007.10.12 19:04:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.06.17 11:08:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Extensions
[2010.08.06 12:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions
[2010.06.17 11:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.06 12:32:08 | 000,000,000 | ---D | M] (Eazel-DE Toolbar) -- C:\Users\xxxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}
[2007.10.11 20:37:09 | 000,000,000 | ---D | M] ("Foxmarks Bookmark Synchronizer") -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\foxmarks@kei.com
[2010.06.17 11:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\staged-xpis
[2007.07.22 16:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2009.05.26 19:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2011.04.28 22:03:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.28 22:03:34 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.28 22:03:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.28 22:03:34 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.28 22:03:34 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [ISUSPM Startup] File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil9e.exe (Adobe Systems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: RSS-Support-Site zu VAIO Information FLOW hinzufügen - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\xxxxxx\Documents\xxxxxx. xxxxx\Wallpaper\urbanpattern23.jpg
O24 - Desktop BackupWallPaper: C:\Users\xxxxx\Documents\xxxxxx. xxxxx\Wallpaper\urbanpattern23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.05.03 18:41:38 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
[2011.05.03 15:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.05.03 15:45:18 | 000,000,000 | ---D | C] -- C:\Users\xxxxxx\AppData\Local\Google
[2011.05.03 15:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.05.03 15:34:51 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011.05.03 15:34:51 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011.05.03 15:34:51 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011.05.03 15:33:38 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011.05.03 15:33:38 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011.05.03 15:33:36 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011.05.03 15:33:36 | 000,105,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011.05.03 15:33:26 | 000,263,888 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011.05.03 15:33:26 | 000,160,576 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011.05.03 15:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011.05.03 15:33:23 | 000,233,976 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2011.05.03 15:33:18 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011.05.03 15:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011.05.03 15:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.05.03 15:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011.05.03 15:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011.05.02 19:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2011.05.01 19:42:39 | 000,000,000 | ---D | C] -- C:\89ca9b8a31f5556fea61
[2011.05.01 19:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.05.01 18:55:15 | 000,000,000 | ---D | C] -- C:\Users\xxxxxx\AppData\Roaming\Malwarebytes
[2011.05.01 18:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.01 18:54:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.01 18:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.01 18:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.01.03 14:03:54 | 001,851,544 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player(2).exe
[2002.03.11 11:06:30 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
[2002.03.11 10:45:04 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsia.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.05.09 15:19:59 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DF1769A6-4492-43AA-A124-945DB7E58369}.job
[2011.05.09 14:44:16 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.09 14:44:16 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.09 14:44:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.09 14:43:54 | 2137,186,304 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.03 18:43:19 | 000,698,314 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.03 18:43:19 | 000,656,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.03 18:43:19 | 000,140,292 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.03 18:43:19 | 000,121,506 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.03 15:46:05 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.05.03 15:45:28 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.03 15:33:25 | 000,001,772 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.05.01 19:57:11 | 000,001,808 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\Microsoft Security Essentials.lnk
[2011.05.01 19:05:10 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.05.01 18:54:35 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 19:32:14 | 000,000,184 | ---- | M] () -- C:\ProgramData\~27189024
[2011.04.27 19:32:14 | 000,000,152 | ---- | M] () -- C:\ProgramData\~27189024r
[2011.04.27 19:31:53 | 000,000,328 | ---- | M] () -- C:\ProgramData\27189024
[2011.04.12 10:44:42 | 000,149,456 | ---- | M] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011.04.12 10:44:40 | 002,074,576 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011.04.12 10:44:40 | 001,533,904 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011.04.12 10:44:34 | 000,767,952 | ---- | M] () -- C:\Windows\BDTSupport.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.03 15:48:01 | 2137,186,304 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.03 15:46:05 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.05.03 15:45:28 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.03 15:34:52 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011.05.03 15:34:51 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip
[2011.05.03 15:34:51 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011.05.03 15:34:51 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011.05.03 15:34:51 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011.05.03 15:33:25 | 000,001,772 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.05.01 19:57:11 | 000,001,808 | ---- | C] () -- C:\Users\xxxxxx\Desktop\Microsoft Security Essentials.lnk
[2011.05.01 19:05:10 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.05.01 19:04:01 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.05.01 18:54:35 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 19:32:14 | 000,000,184 | ---- | C] () -- C:\ProgramData\~27189024
[2011.04.27 19:32:14 | 000,000,152 | ---- | C] () -- C:\ProgramData\~27189024r
[2011.04.27 19:31:53 | 000,000,328 | ---- | C] () -- C:\ProgramData\27189024
[2009.03.06 18:53:08 | 000,008,922 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008.03.19 15:26:52 | 000,012,288 | ---- | C] () -- C:\Windows\System32\drivers\Spyder3.sys
[2007.12.28 13:02:51 | 000,109,056 | ---- | C] () -- C:\Windows\System32\UNINSTAL.EXE
[2007.12.01 12:42:12 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2007.10.30 18:26:41 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL
[2007.10.30 18:24:56 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2007.10.30 18:19:54 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2007.10.30 18:08:41 | 000,003,072 | ---- | C] () -- C:\Windows\System32\CNCFLbNL.DLL
[2007.10.17 14:17:55 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007.10.17 14:17:55 | 000,000,168 | RHS- | C] () -- C:\Windows\System32\DE1882D9FD.sys
[2007.08.24 18:50:12 | 000,021,552 | ---- | C] () -- C:\Windows\System32\WIN2PDFM.DLL
[2007.08.19 18:37:14 | 000,152,624 | ---- | C] () -- C:\Windows\System32\WIN2PDFS.DLL
[2007.08.19 18:37:13 | 000,002,333 | ---- | C] () -- C:\Windows\1way.ini
[2007.08.06 18:33:47 | 000,042,483 | ---- | C] () -- C:\Windows\ICCCODES.DAT
[2007.08.06 18:33:47 | 000,039,095 | ---- | C] () -- C:\Windows\Iccsigs.dat
[2007.08.06 18:33:47 | 000,000,156 | ---- | C] () -- C:\Windows\KPCMS.INI
[2007.08.06 18:33:38 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2007.07.22 16:06:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.07.13 20:52:46 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2007.05.29 18:24:40 | 003,254,694 | ---- | C] () -- C:\Program Files\openofficeorg4.cab
[2007.05.29 18:24:13 | 061,224,670 | ---- | C] () -- C:\Program Files\openofficeorg3.cab
[2007.05.29 18:19:20 | 015,292,629 | ---- | C] () -- C:\Program Files\openofficeorg2.cab
[2007.05.29 18:17:39 | 018,256,481 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2007.05.29 18:11:32 | 000,000,217 | ---- | C] () -- C:\Program Files\setup.ini
[2007.05.29 18:11:31 | 004,855,808 | ---- | C] () -- C:\Program Files\openofficeorg22.msi
[2007.04.19 18:13:02 | 000,319,488 | ---- | C] () -- C:\Program Files\setup.exe
[2006.12.14 02:37:47 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2006.12.14 02:34:10 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2006.11.27 15:07:33 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2006.11.27 14:46:59 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2006.11.23 20:44:19 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006.11.23 20:44:19 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006.11.23 20:44:19 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.23 20:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006.11.23 12:47:24 | 000,163,840 | ---- | C] () -- C:\Windows\System32\WLANDLL.DLL
[2006.11.23 12:22:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006.11.02 17:33:31 | 000,698,314 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,140,292 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 001,729,712 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,656,850 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,121,506 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2004.09.16 14:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS
[2001.04.26 21:16:04 | 000,262,656 | ---- | C] () -- C:\Windows\System32\xse32.dll
[1997.09.12 17:41:00 | 000,063,488 | ---- | C] () -- C:\Windows\System32\EZTW32.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >