Trojaner-Board - Trojan:Win32/FakeSysdef

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Trojan:Win32/FakeSysdef - wie entferne ich ihn? (https://www.trojaner-board.de/98635-trojan-win32-fakesysdef-entferne-ihn.html)

Trojan:Win32/FakeSysdef - wie entferne ich ihn?

Hallo zusammen,

ich habe mir ebenfalls den Trojaner Trojan:Win32/FakeSysdef eingefangen.

Was ich bereits getan habe:

mit Microsoft Security Essentials und Malwarebytes gescannt
und beide zeigen den Trojaner als bereinigtes Problem an
eigene Daten habe ich wieder mit unhide sichtbar gemacht

Sämtliche für den Trojaner typische Fehlermeldungen bleiben bisher aus.

Was ist noch zu tun, um sicher zu gehen, dass der Trojaner entfernt wurde?

Der Trojan:Win32/FakeSysdef scheint definitv noch da zu sein, da immer mehr Internet-Scripte Zugriff
haben möchten und geblockt werden. Auch läuft automatisch irgendwo eine Video- oder Sprachaufzeichnung ab,
die sich nicht stopen lässt.

Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)

Zitat:

Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems

Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:

Code:

Malwarebytes

Microsoft Security Essentials <- falls gespeicherte Protokolldateien vorhanden

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
Coverflow

Ok, danke dir ersteinmal für das Feedback.
Ich setze mich heute Abend dran und arbeite alles ab.

Gestern wurden von dem betroffenen Laptop Überweisungen getätigt.
Sollen deshalb irgendwelche Schritte unternommen werden?

Ja, solltest auf jeden Fall rasch Kontakt mit dem Kundenberater Deiner Bank aufnehmen.

Hi, ich habe es noch nicht geschafft die Liste abzuarbeiten.
Werd mich heute und Morgen dran setzen.

1. So hier ist das Logfile zu Malwarebytes. Eine Aktualisierung von Malwarebytes war vorab nicht möglich. Die Datenbank ist vom 20.12.2010.

Code:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org
 

Datenbank Version: 5363
 

Windows 6.0.6000

Internet Explorer 7.0.6000.17037
 

09.05.2011 15:11:08

mbam-log-2011-05-09 (15-11-08).txt
 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 127785

Laufzeit: 7 Minute(n), 17 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

2. Systemscan mit OTL
1. Logfile

Code:

OTL Extras logfile created on: 09.05.2011 15:18:07 - Run 2

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\xxx\Pictures\Desktop

Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.17037)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 83,85 Gb Total Space | 24,49 Gb Free Space | 29,21% Space Free | Partition Type: NTFS

 

Computer Name: xxxx | User Name: xxxxx | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 0

"InternetSettingsDisableNotify" = 0

"AutoUpdateDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{17F65C06-1552-4FA5-9178-023E8B65A414}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{27792C71-D76E-4AF2-A628-A15D06953DDE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{54EF25DF-3568-48FC-BA3D-E782496EAC7F}" = lport=137 | protocol=17 | dir=in | app=system | 

"{61B5E588-B324-4FCE-96E1-C60DB30A4AB9}" = lport=445 | protocol=6 | dir=in | app=system | 

"{81C667DF-772E-44BE-B74D-2CF1B3DB136A}" = lport=138 | protocol=17 | dir=in | app=system | 

"{828CDA2C-C9A4-4C85-971F-F12A086C54F0}" = rport=138 | protocol=17 | dir=out | app=system | 

"{89B76941-B281-48DC-967D-534D37AE22D5}" = lport=139 | protocol=6 | dir=in | app=system | 

"{90C7C86B-83D9-4D7C-9C84-0C0D10ADD712}" = rport=137 | protocol=17 | dir=out | app=system | 

"{B1A168AE-BB7F-434E-9909-DA53594AA722}" = rport=139 | protocol=6 | dir=out | app=system | 

"{F5C808E3-F389-4736-AF77-4C072924D3B7}" = rport=445 | protocol=6 | dir=out | app=system | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0C5F9899-C9FE-4B0A-AE05-8008059D7E99}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"{156EDB3A-7098-4B9F-ACBA-99F028DA3F90}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{160C88EF-0A2B-4285-A6CF-6FF3023AAFAE}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 

"{19BE2D54-D2BD-4598-B489-FE7A2EB2E362}" = protocol=6 | dir=in | app=c:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe | 

"{224E12A1-E16A-4957-B162-5CFE0B605359}" = protocol=17 | dir=in | app=c:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe | 

"{590B8539-FBE3-422E-875C-74F8F17697DA}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 

"{A7A0FE13-7955-49F6-8DA7-E5E188C7011E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 

"{B81DDD11-3EC3-4C63-A58B-F3FEA5317E9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{CE566FE0-5DD5-4502-83B8-03B9EF7386E9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{E6C1DEE0-5DD7-4FF7-9DE5-31320EF893DA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"TCP Query User{115F0A07-C2E1-46E9-9B3D-B3ECC0AC7176}C:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe | 

"TCP Query User{93E883BE-A50F-4148-A119-395CA16871A1}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 

"TCP Query User{D1E9D6B9-E72F-433C-91C0-A160F99FF58C}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 

"TCP Query User{FB32A0BA-A01E-4431-A643-CF1984FF2F5E}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 

"UDP Query User{65850458-F5C9-4D11-8941-140D3513A6D2}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 

"UDP Query User{7F5960DA-192F-4A50-B31B-D697C2DD9173}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 

"UDP Query User{BD6104E2-AD55-4D39-9FAE-B9716429390F}C:\usersxxxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xxxxx\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{FACAE5D1-1D84-42F1-867D-10E2920E115D}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library

"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)

"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009

"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)

"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics

"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830

"{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista

"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO

"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0

"{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW

"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper

"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6

"{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01

"{3EBD3749-304E-4A4C-9575-C00E5F015217}" = Apple Mobile Device Support

"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector

"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0

"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" = 

"{55B781F0-060E-11D4-99D7-00C04FCCB775}" = 

"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool

"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0

"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series

"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities 1.40

"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007

"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup

"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform

"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware

"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack

"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client

"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0

"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client

"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer

"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client DE-DE Language Pack

"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper

"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime

"{97260AE9-A1EE-492E-8DCC-FD0AFF785720}" = 

"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper

"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81

"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management

"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO

"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.2

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics

"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch

"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0

"{B045B608-4A47-4C77-9EAD-06C394503306}" = iTunes

"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008

"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update

"{C183A21C-395A-490F-99D4-CCAB35E32859}" = 

"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14

"{D504303A-717D-414C-BA9F-FE01093E2EF8}" = Adobe Setup

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

"{E2B38044-AEF2-40AF-BDD8-FEDE799A8633}" = 

"{E4C7B3EF-B3DB-4BB6-A812-E8FAE47534D3}" = OpenOffice.org 2.2

"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00

"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL

"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F40C006E-7A31-45D8-A50B-683181F0DDC8}" = X-Stitch Studio

"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager

"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 

"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center

"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe InDesign 2.0" = Adobe InDesign 2.0

"Adobe PageMaker 7.0" = Adobe PageMaker 7.0

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"Adobe_5bc0f8414ec36c555a3e7e5ec2e225e" = Adobe ExtendScript Toolkit 2

"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings

"Browser Defender_is1" = Browser Defender 3.0

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP

"CutePDF Writer Installation" = CutePDF Writer 2.7

"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint

"Eazel-DE Toolbar" = Eazel-DE Toolbar

"ElsterFormular 11.4.1.4323" = ElsterFormular

"FeedReader_is1" = FeedReader

"Google Chrome" = Google Chrome

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO

"InstallShield_{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01

"LastFM_is1" = Last.fm 1.5.1.30182

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Security Client" = Microsoft Security Essentials

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)

"Mozilla Thunderbird (2.0.0.6)" = Mozilla Thunderbird (2.0.0.6)

"MP Navigator 2.2" = Canon MP Navigator 2.2

"RegistryBooster 2_is1" = Uniblue RegistryBooster 2

"Revolver Office" = Revolver Office 6.6 r9 

"ShockwaveFlash" = Adobe Flash Player 9 ActiveX

"Skype_is1" = Skype 2.5

"Spyware Doctor" = Spyware Doctor 8.0

"VB Runtime" = VB Runtime

"Win2PDF_is1" = Win2PDF 3.30

"Yahoo! Widget Engine" = Yahoo! Widgets

"YInstHelper" = Yahoo! Install Manager

"Zattoo" = Zattoo 3.3.4 Beta

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 03.05.2011 12:32:11 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel

 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x7d0, Anwendungsstartzeit

 01cc09afa6c78bfa.

 

Error - 03.05.2011 12:34:08 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel

 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x1744, Anwendungsstartzeit

 01cc09afecd88efa.

 

Error - 03.05.2011 12:34:25 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung iexplore.exe, Version 7.0.6000.17037, Zeitstempel

 0x4b9658a0, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x117c, Anwendungsstartzeit

 01cc09aff67cf90a.

 

Error - 03.05.2011 12:34:55 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel

 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x1334, Anwendungsstartzeit

 01cc09b0087690da.

 

Error - 03.05.2011 12:35:21 | Computer Name = xxxxx| Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel

 0x4907deda, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0xb18, Anwendungsstartzeit

 01cc09b017b6adfa.

 

Error - 03.05.2011 12:37:32 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel

 0x4907deda, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0xc34, Anwendungsstartzeit

 01cc09b065d8349a.

 

Error - 09.05.2011 08:47:07 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung iexplore.exe, Version 7.0.6000.17037, Zeitstempel

 0x4b9658a0, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x16e8, Anwendungsstartzeit

 01cc0e472d7ac0a5.

 

Error - 09.05.2011 08:47:25 | Computer Name = xxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung iexplore.exe, Version 7.0.6000.17037, Zeitstempel

 0x4b9658a0, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x16e8, Anwendungsstartzeit

 01cc0e472d7ac0a5.

 

Error - 09.05.2011 08:48:05 | Computer Name = xxxxx| Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel

 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x1694, Anwendungsstartzeit

 01cc0e4741f229b5.

 

Error - 09.05.2011 08:49:22 | Computer Name = xxxxxx | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung chrome.exe, Version 0.0.0.0, Zeitstempel 0x4db90fe3,

 fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode

 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x9b4, Anwendungsstartzeit 01cc0e47838b6035.

 

[ System Events ]

Error - 03.05.2011 09:29:10 | Computer Name = xxxxx| Source = DCOM | ID = 10005

Description = 

 

Error - 03.05.2011 09:29:16 | Computer Name = xxxxx | Source = DCOM | ID = 10005

Description = 

 

Error - 03.05.2011 09:29:20 | Computer Name = xxxxxx | Source = DCOM | ID = 10005

Description = 

 

Error - 03.05.2011 09:30:00 | Computer Name = xxxxx | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 03.05.2011 09:30:00 | Computer Name = xxxxx | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 03.05.2011 09:30:00 | Computer Name = xxxxx | Source = Service Control Manager | ID = 7026

Description = 

 

Error - 03.05.2011 09:31:00 | Computer Name = xxxxx | Source = DCOM | ID = 10005

Description = 

 

Error - 03.05.2011 09:33:01 | Computer Name = xxxxx | Source = DCOM | ID = 10005

Description = 

 

Error - 03.05.2011 09:46:06 | Computer Name = xxxxx | Source = DCOM | ID = 10005

Description = 

 

Error - 03.05.2011 09:52:36 | Computer Name = xxxxx | Source = Microsoft Antimalware | ID = 3002

Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 

0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842

 

 

< End of report >

2. Logfile

Code:

OTL logfile created on: 09.05.2011 15:18:07 - Run 2

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\xxxx\Pictures\Desktop

Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.17037)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 83,85 Gb Total Space | 24,49 Gb Free Space | 29,21% Space Free | Partition Type: NTFS

 

Computer Name: xxxx | User Name: xxxxx | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Morena\Pictures\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)

PRC - C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)

PRC - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

PRC - C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)

PRC - C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)

PRC - C:\Users\Morena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)

PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

PRC - C:\Windows\System32\Macromed\Flash\FlashUtil9e.exe (Adobe Systems, Inc.)

PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)

PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)

PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)

PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)

PRC - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()

PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)

PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)

PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()

PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()

PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\xxxx\Pictures\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\PC Tools Security\pctgmhk.dll (PC Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (LiveUpdate Notice Ex) --  File not found

SRV - (CLTNetCnService) --  File not found

SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)

SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)

SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe (Sony Corporation)

SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

SRV - (ProtexisLicensing) -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()

SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe (Sony Corporation)

SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe (Sony Corporation)

SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe (Sony Corporation)

SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)

SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (MpKslf9e7d7d6) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AA6D40DD-CE7C-4A9B-9944-1B7708EFC04A}\MpKslf9e7d7d6.sys (Microsoft Corporation)

DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)

DRV - (PCTSD) -- C:\Windows\System32\drivers\PCTSD.sys (PC Tools)

DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)

DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)

DRV - (Spyder3) -- C:\Windows\System32\drivers\Spyder3.sys ()

DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\Windows\System32\drivers\ExpasAG.sys (Atheros Communications, Inc.)

DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)

DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)

DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)

DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)

DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com

IE - HKLM\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2096149

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

IE - HKCU\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "hxxp://www.aka-aki.com/index.php|hxxp://www.twotickets.de/rubriken/.bin/lastminute.php|https://banking.postbank.de/app/logout.do;jsessionid=9C4697FC3941EB2596A8B4A08BBB3102.C21|hxxp://www.lastfm.de/user/xxxx/|hxxp://forum.designmadeingermany.de/2945/|hxxp://www.supertopic.de/"

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011.05.03 15:34:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.28 22:03:41 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.28 22:03:41 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2007.10.12 19:04:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010.06.17 11:08:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Extensions

[2010.08.06 12:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions

[2010.06.17 11:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.08.06 12:32:08 | 000,000,000 | ---D | M] (Eazel-DE Toolbar) -- C:\Users\xxxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}

[2007.10.11 20:37:09 | 000,000,000 | ---D | M] ("Foxmarks Bookmark Synchronizer") -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\foxmarks@kei.com

[2010.06.17 11:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\xib5qyfx.default\extensions\staged-xpis

[2007.07.22 16:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2009.05.26 19:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org

[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll

[2011.04.28 22:03:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.04.28 22:03:34 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.04.28 22:03:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.04.28 22:03:34 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.04.28 22:03:34 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Eazel-DE Toolbar) - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - C:\Program Files\Eazel-DE\tbEaze.dll (Conduit Ltd.)

O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()

O4 - HKCU..\Run: [ISUSPM Startup]  File not found

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil9e.exe (Adobe Systems, Inc.)

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: RSS-Support-Site zu VAIO Information FLOW hinzufügen - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html ()

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O13 - gopher Prefix: missing

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)

O24 - Desktop WallPaper: C:\Users\xxxxxx\Documents\xxxxxx. xxxxx\Wallpaper\urbanpattern23.jpg

O24 - Desktop BackupWallPaper: C:\Users\xxxxx\Documents\xxxxxx. xxxxx\Wallpaper\urbanpattern23.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.05.03 18:41:38 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU

[2011.05.03 15:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2011.05.03 15:45:18 | 000,000,000 | ---D | C] -- C:\Users\xxxxxx\AppData\Local\Google

[2011.05.03 15:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2011.05.03 15:34:51 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll

[2011.05.03 15:34:51 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll

[2011.05.03 15:34:51 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll

[2011.05.03 15:33:38 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys

[2011.05.03 15:33:38 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys

[2011.05.03 15:33:36 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys

[2011.05.03 15:33:36 | 000,105,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys

[2011.05.03 15:33:26 | 000,263,888 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys

[2011.05.03 15:33:26 | 000,160,576 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys

[2011.05.03 15:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security

[2011.05.03 15:33:23 | 000,233,976 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys

[2011.05.03 15:33:18 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys

[2011.05.03 15:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2011.05.03 15:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2011.05.03 15:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security

[2011.05.03 15:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools

[2011.05.02 19:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005

[2011.05.01 19:42:39 | 000,000,000 | ---D | C] -- C:\89ca9b8a31f5556fea61

[2011.05.01 19:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2011.05.01 18:55:15 | 000,000,000 | ---D | C] -- C:\Users\xxxxxx\AppData\Roaming\Malwarebytes

[2011.05.01 18:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.05.01 18:54:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011.05.01 18:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.05.01 18:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009.01.03 14:03:54 | 001,851,544 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player(2).exe

[2002.03.11 11:06:30 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe

[2002.03.11 10:45:04 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsia.exe

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.05.09 15:19:59 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DF1769A6-4492-43AA-A124-945DB7E58369}.job

[2011.05.09 14:44:16 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011.05.09 14:44:16 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011.05.09 14:44:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.05.09 14:43:54 | 2137,186,304 | -HS- | M] () -- C:\hiberfil.sys

[2011.05.03 18:43:19 | 000,698,314 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.05.03 18:43:19 | 000,656,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.05.03 18:43:19 | 000,140,292 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.05.03 18:43:19 | 000,121,506 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.05.03 15:46:05 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011.05.03 15:45:28 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.05.03 15:33:25 | 000,001,772 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk

[2011.05.01 19:57:11 | 000,001,808 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\Microsoft Security Essentials.lnk

[2011.05.01 19:05:10 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

[2011.05.01 18:54:35 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.04.27 19:32:14 | 000,000,184 | ---- | M] () -- C:\ProgramData\~27189024

[2011.04.27 19:32:14 | 000,000,152 | ---- | M] () -- C:\ProgramData\~27189024r

[2011.04.27 19:31:53 | 000,000,328 | ---- | M] () -- C:\ProgramData\27189024

[2011.04.12 10:44:42 | 000,149,456 | ---- | M] (PC Tools) -- C:\Windows\SGDetectionTool.dll

[2011.04.12 10:44:40 | 002,074,576 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll

[2011.04.12 10:44:40 | 001,533,904 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll

[2011.04.12 10:44:34 | 000,767,952 | ---- | M] () -- C:\Windows\BDTSupport.dll

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.05.03 15:48:01 | 2137,186,304 | -HS- | C] () -- C:\hiberfil.sys

[2011.05.03 15:46:05 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011.05.03 15:45:28 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.05.03 15:34:52 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll

[2011.05.03 15:34:51 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip

[2011.05.03 15:34:51 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml

[2011.05.03 15:34:51 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml

[2011.05.03 15:34:51 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip

[2011.05.03 15:33:25 | 000,001,772 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk

[2011.05.01 19:57:11 | 000,001,808 | ---- | C] () -- C:\Users\xxxxxx\Desktop\Microsoft Security Essentials.lnk

[2011.05.01 19:05:10 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif

[2011.05.01 19:04:01 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2011.05.01 18:54:35 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.04.27 19:32:14 | 000,000,184 | ---- | C] () -- C:\ProgramData\~27189024

[2011.04.27 19:32:14 | 000,000,152 | ---- | C] () -- C:\ProgramData\~27189024r

[2011.04.27 19:31:53 | 000,000,328 | ---- | C] () -- C:\ProgramData\27189024

[2009.03.06 18:53:08 | 000,008,922 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate

[2008.03.19 15:26:52 | 000,012,288 | ---- | C] () -- C:\Windows\System32\drivers\Spyder3.sys

[2007.12.28 13:02:51 | 000,109,056 | ---- | C] () -- C:\Windows\System32\UNINSTAL.EXE

[2007.12.01 12:42:12 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll

[2007.10.30 18:26:41 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL

[2007.10.30 18:24:56 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll

[2007.10.30 18:19:54 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI

[2007.10.30 18:08:41 | 000,003,072 | ---- | C] () -- C:\Windows\System32\CNCFLbNL.DLL

[2007.10.17 14:17:55 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2007.10.17 14:17:55 | 000,000,168 | RHS- | C] () -- C:\Windows\System32\DE1882D9FD.sys

[2007.08.24 18:50:12 | 000,021,552 | ---- | C] () -- C:\Windows\System32\WIN2PDFM.DLL

[2007.08.19 18:37:14 | 000,152,624 | ---- | C] () -- C:\Windows\System32\WIN2PDFS.DLL

[2007.08.19 18:37:13 | 000,002,333 | ---- | C] () -- C:\Windows\1way.ini

[2007.08.06 18:33:47 | 000,042,483 | ---- | C] () -- C:\Windows\ICCCODES.DAT

[2007.08.06 18:33:47 | 000,039,095 | ---- | C] () -- C:\Windows\Iccsigs.dat

[2007.08.06 18:33:47 | 000,000,156 | ---- | C] () -- C:\Windows\KPCMS.INI

[2007.08.06 18:33:38 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL

[2007.07.22 16:06:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2007.07.13 20:52:46 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe

[2007.05.29 18:24:40 | 003,254,694 | ---- | C] () -- C:\Program Files\openofficeorg4.cab

[2007.05.29 18:24:13 | 061,224,670 | ---- | C] () -- C:\Program Files\openofficeorg3.cab

[2007.05.29 18:19:20 | 015,292,629 | ---- | C] () -- C:\Program Files\openofficeorg2.cab

[2007.05.29 18:17:39 | 018,256,481 | ---- | C] () -- C:\Program Files\openofficeorg1.cab

[2007.05.29 18:11:32 | 000,000,217 | ---- | C] () -- C:\Program Files\setup.ini

[2007.05.29 18:11:31 | 004,855,808 | ---- | C] () -- C:\Program Files\openofficeorg22.msi

[2007.04.19 18:13:02 | 000,319,488 | ---- | C] () -- C:\Program Files\setup.exe

[2006.12.14 02:37:47 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll

[2006.12.14 02:34:10 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll

[2006.11.27 15:07:33 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2006.11.27 14:46:59 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI

[2006.11.23 20:44:19 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll

[2006.11.23 20:44:19 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll

[2006.11.23 20:44:19 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006.11.23 20:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll

[2006.11.23 12:47:24 | 000,163,840 | ---- | C] () -- C:\Windows\System32\WLANDLL.DLL

[2006.11.23 12:22:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe

[2006.11.02 17:33:31 | 000,698,314 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2006.11.02 17:33:31 | 000,140,292 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 14:47:37 | 001,729,712 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 12:33:01 | 000,656,850 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 12:33:01 | 000,121,506 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2004.09.16 14:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS

[2001.04.26 21:16:04 | 000,262,656 | ---- | C] () -- C:\Windows\System32\xse32.dll

[1997.09.12 17:41:00 | 000,063,488 | ---- | C] () -- C:\Windows\System32\EZTW32.DLL

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
 

< End of report >

3. hjtscanlist - Teil 1

Code:

 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

                        º                                    º 

                                    hjtscanlist v2.0              

                        º                                    º 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
 

Microsoft Windows [Version 6.0.6000]

 

 

C:
 

  09.05.2011 14:44     C:\Windows --------- 36864   

       C:\hiberfil.sys ---------    

       C:\pagefile.sys ---------    

  03.05.2011 18:45     C:\System Volume Information --------- 24576   

  03.05.2011 15:45     C:\Program Files --------- 28672   

  03.05.2011 15:32     C:\ProgramData --------- 8192   

  01.05.2011 19:42     C:\89ca9b8a31f5556fea61 --------- 0   

  02.02.2011 20:17     C:\DFR870B.tmp --------- 0   

  11.06.2009 22:46     C:\6cdc0b8744ac71d544cf4627d2 --------- 0   

  30.10.2007 18:26     C:\IO.SYS --------- 0   

  30.10.2007 18:26     C:\MSDOS.SYS --------- 0   

  11.10.2007 20:30     C:\$Recycle.Bin --------- 4096   

  11.10.2007 20:30     C:\Users --------- 4096   

  06.08.2007 18:33     C:\Kpcms --------- 0   

  14.12.2006 02:27     C:\vcredist_x86.log --------- 390960   

  27.11.2006 16:49     C:\_wdsuef.dmp --------- 0   

  27.11.2006 14:51     C:\Documentation --------- 0   

  23.11.2006 20:44     C:\BOOTSECT.BAK --------- 8192   

  23.11.2006 20:44     C:\Boot --------- 4096   

  23.11.2006 14:33     C:\Drivers --------- 4096   

  23.11.2006 11:53     C:\Programme --------- 0   

  23.11.2006 11:53     C:\Dokumente und Einstellungen --------- 0   

  02.11.2006 15:02     C:\Documents and Settings --------- 0   

  02.11.2006 11:53     C:\bootmgr --------- 438840   

  18.09.2006 23:43     C:\config.sys --------- 10   

  18.09.2006 23:43     C:\autoexec.bat --------- 24   

----------------------------------------
 

 

C:\Windows
 

  09.05.2011 14:58     C:\Windows\WindowsUpdate.log --------- 1945787   

  09.05.2011 14:44     C:\Windows\bootstat.dat --------- 67584   

  09.05.2011 14:43     C:\Windows\PFRO.log --------- 91722   

  03.05.2011 15:34     C:\Windows\ntbtlog.txt --------- 69206   

  01.05.2011 19:05     C:\Windows\epplauncher.mif --------- 1912   

  12.04.2011 10:44     C:\Windows\SGDetectionTool.dll --------- 149456   

  12.04.2011 10:44     C:\Windows\PCTBDCore.dll --------- 2074576   

  12.04.2011 10:44     C:\Windows\PCTBDRes.dll --------- 1533904   

  12.04.2011 10:44     C:\Windows\BDTSupport.dll --------- 767952   

  06.01.2011 10:54     C:\Windows\UDB.zip --------- 2125   

  20.08.2010 09:50     C:\Windows\RegSDImport.xml --------- 882   

  12.07.2010 20:08     C:\Windows\setupact.log --------- 46447   

  22.01.2010 08:44     C:\Windows\RegISSImport.xml --------- 879   

  25.11.2009 20:02     C:\Windows\msxml4-KB973688-enu.LOG --------- 280304   

  22.08.2009 11:45     C:\Windows\ocsetup_install_NetFx3.etl --------- 51249152   

  22.08.2009 11:45     C:\Windows\ocsetup_cbs_install_NetFx3.perf --------- 720896   

  22.08.2009 11:45     C:\Windows\ocsetup_cbs_install_NetFx3.dpx --------- 65536   

  15.12.2008 12:32     C:\Windows\WindowsShell.Manifest --------- 749   

  26.11.2008 11:08     C:\Windows\IDB.zip --------- 131   

  23.11.2008 20:10     C:\Windows\msxml4-KB954430-enu.LOG --------- 289468   

  29.10.2008 08:20     C:\Windows\explorer.exe --------- 2923520   

  14.03.2008 14:59     C:\Windows\win.ini --------- 128   

  24.11.2007 15:36     C:\Windows\1way.ini --------- 2333   

  30.10.2007 18:25     C:\Windows\setup.iss --------- 264   

  30.10.2007 18:19     C:\Windows\MAXLINK.INI --------- 416   

  26.10.2007 18:22     C:\Windows\MEMORY.DMP --------- 207718569   

  14.10.2007 19:38     C:\Windows\QTFont.for --------- 1409   

  14.10.2007 19:38     C:\Windows\QTFont.qfn --------- 54156   

  11.10.2007 17:48     C:\Windows\msxml4-KB941833-enu.LOG --------- 264672   

  19.08.2007 13:10     C:\Windows\msxml4-KB936181-enu.LOG --------- 260764   

  22.07.2007 16:06     C:\Windows\nsreg.dat --------- 0   

  27.06.2007 15:39     C:\Windows\TSSysprep.log --------- 7994   

  27.06.2007 15:37     C:\Windows\DtcInstall.log --------- 5195   

  14.12.2006 02:43     C:\Windows\CSUP.TXT --------- 10   

  14.12.2006 02:27     C:\Windows\DirectX.log --------- 50168   

  27.11.2006 15:07     C:\Windows\ODBC.INI --------- 400   

  27.11.2006 14:46     C:\Windows\VAIOUpdt.INI --------- 0   

  23.11.2006 13:00     C:\Windows\DPINST.LOG --------- 15932   

  23.11.2006 12:22     C:\Windows\DIFxAPI.dll --------- 319984   

  23.11.2006 12:04     C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 4505600   

  23.11.2006 12:04     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 49152   

  23.11.2006 12:04     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 16384   

  09.11.2006 03:57     C:\Windows\RtHDVCpl.exe --------- 3784704   

  02.11.2006 14:52     C:\Windows\setuperr.log --------- 0   

  02.11.2006 14:47     C:\Windows\SETUPAPI.LOG --------- 94   

  02.11.2006 14:35     C:\Windows\WMSysPr9.prx --------- 316640   

  02.11.2006 14:34     C:\Windows\twunk_16.exe --------- 49680   

  02.11.2006 14:34     C:\Windows\twain_32.dll --------- 50688   

  02.11.2006 14:34     C:\Windows\twunk_32.exe --------- 31232   

  02.11.2006 14:34     C:\Windows\twain.dll --------- 94784   

  02.11.2006 14:34     C:\Windows\notepad.exe --------- 151040   

  02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216   

  02.11.2006 11:45     C:\Windows\regedit.exe --------- 134656   

  02.11.2006 11:45     C:\Windows\hh.exe --------- 14848   

  02.11.2006 11:45     C:\Windows\HelpPane.exe --------- 497152   

  02.11.2006 11:45     C:\Windows\fveupdate.exe --------- 13312   

  02.11.2006 11:44     C:\Windows\bfsvc.exe --------- 50176   

  02.11.2006 09:46     C:\Windows\mib.bin --------- 43131   

  29.09.2006 18:08     C:\Windows\shcn.exe --------- 23552   

  28.09.2006 15:59     C:\Windows\snymsico.dll --------- 626688   

  28.09.2006 07:00     C:\Windows\RtlUpd.exe --------- 1183744   

  19.09.2006 13:41     C:\Windows\HomePremium.xml --------- 8328   

  18.09.2006 23:46     C:\Windows\system.ini --------- 219   

  18.09.2006 23:43     C:\Windows\_default.pif --------- 707   

  18.09.2006 23:43     C:\Windows\winhelp.exe --------- 256192   

  18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405   

  12.09.2006 07:34     C:\Windows\RtlExUpd.dll --------- 499712   

  10.10.2005 17:27     C:\Windows\AdfuUpdate.inf --------- 1562   

  16.09.2004 14:26     C:\Windows\ADFUUD.SYS --------- 12634   

  29.03.2004 16:23     C:\Windows\unvise32.exe --------- 90112   

  06.05.2002 13:44     C:\Windows\SPWHPT.DLL --------- 32792   

  06.05.2002 13:44     C:\Windows\pfpick.dll --------- 58368   

  06.05.2002 13:44     C:\Windows\sprof32.dll --------- 156672   

  06.05.2002 13:44     C:\Windows\KPSHARP.DLL --------- 31744   

  06.05.2002 13:44     C:\Windows\KPSYS32.DLL --------- 48128   

  06.05.2002 13:44     C:\Windows\PTPICK32.DLL --------- 53760   

  06.05.2002 13:44     C:\Windows\KPSCALE.DLL --------- 31232   

  06.05.2002 13:44     C:\Windows\PCDLIB32.DLL --------- 212480   

  06.05.2002 13:44     C:\Windows\KPFP32.DLL --------- 70144   

  06.05.2002 13:44     C:\Windows\ICCCODES.DAT --------- 42483   

  06.05.2002 13:44     C:\Windows\icccodes.dll --------- 20992   

  06.05.2002 13:44     C:\Windows\Iccsigs.dat --------- 39095   

  06.05.2002 13:44     C:\Windows\KPCMS.INI --------- 156   

  06.05.2002 13:44     C:\Windows\KPCP32.DLL --------- 243712   

  29.10.1998 16:45     C:\Windows\IsUninst.exe --------- 306688   

  21.10.1998 18:43     C:\Windows\IsUn0407.exe --------- 328704   

----------------------------------------
 

 

C:\Windows\System
 

 02.11.2006 14:34      C:\Windows\System\mciseq.drv --------- 25264 

 02.11.2006 14:34      C:\Windows\System\mciwave.drv --------- 28160 

 02.11.2006 14:34      C:\Windows\System\avifile.dll --------- 109456 

 02.11.2006 14:34      C:\Windows\System\avicap.dll --------- 69584 

 02.11.2006 14:34      C:\Windows\System\mciavi.drv --------- 73376 

 02.11.2006 14:34      C:\Windows\System\msvideo.dll --------- 126912 

 02.11.2006 09:10      C:\Windows\System\OLESVR.DLL --------- 24064 

 02.11.2006 09:10      C:\Windows\System\WFWNET.DRV --------- 12704 

 02.11.2006 09:10      C:\Windows\System\COMMDLG.DLL --------- 32816 

 02.11.2006 09:10      C:\Windows\System\TIMER.DRV --------- 4048 

 02.11.2006 09:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992 

 02.11.2006 09:10      C:\Windows\System\mmtask.tsk --------- 1152 

 02.11.2006 09:10      C:\Windows\System\mouse.drv --------- 2032 

 02.11.2006 09:10      C:\Windows\System\vga.drv --------- 2176 

 02.11.2006 09:10      C:\Windows\System\sound.drv --------- 1744 

 02.11.2006 09:10      C:\Windows\System\keyboard.drv --------- 2000 

 02.11.2006 09:10      C:\Windows\System\SHELL.DLL --------- 5120 

 02.11.2006 09:10      C:\Windows\System\system.drv --------- 3360 

 18.09.2006 23:43      C:\Windows\System\ver.dll --------- 9008 

 18.09.2006 23:43      C:\Windows\System\olecli.dll --------- 82944 

 18.09.2006 23:43      C:\Windows\System\lzexpand.dll --------- 9936 

 18.09.2006 23:35      C:\Windows\System\stdole.tlb --------- 5532 

----------------------------------------
 

 

C:\Windows\System32
 

 09.05.2011 14:44     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3456  

 09.05.2011 14:44     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3456  

 03.05.2011 18:43     C:\Windows\system32\perfh009.dat --------- 656850  

 03.05.2011 18:43     C:\Windows\system32\perfc009.dat --------- 121506  

 03.05.2011 18:43     C:\Windows\system32\perfh007.dat --------- 698314  

 03.05.2011 18:43     C:\Windows\system32\perfc007.dat --------- 140292  

 03.05.2011 18:43     C:\Windows\system32\PerfStringBackup.INI --------- 1492226  

 03.05.2011 15:33     C:\Windows\system32\drivers --------- 65536  

 01.05.2011 19:04     C:\Windows\system32\catroot --------- 0  

 22.04.2011 10:22     C:\Windows\system32\catroot2 --------- 8192  

 04.02.2011 12:55     C:\Windows\system32\FNTCACHE.DAT --------- 1729712  

 19.10.2010 22:51     C:\Windows\system32\MpSigStub.exe --------- 222080  

 17.10.2010 16:02     C:\Windows\system32\WDI --------- 4096  

 07.05.2010 19:03     C:\Windows\system32\de-DE --------- 262144  

 06.05.2010 19:42     C:\Windows\system32\Tasks --------- 4096  

 15.04.2010 19:16     C:\Windows\system32\migration --------- 4096  

 09.03.2010 18:54     C:\Windows\system32\wininet.dll --------- 832512  

 09.03.2010 18:54     C:\Windows\system32\urlmon.dll --------- 1168384  

 09.03.2010 18:54     C:\Windows\system32\pngfilt.dll --------- 44544  

 09.03.2010 18:53     C:\Windows\system32\occache.dll --------- 102912  

 09.03.2010 18:52     C:\Windows\system32\mstime.dll --------- 671232  

 09.03.2010 18:52     C:\Windows\system32\mshtmled.dll --------- 477696  

 09.03.2010 18:52     C:\Windows\system32\mshtml.dll --------- 3599872  

 09.03.2010 18:52     C:\Windows\system32\msfeeds.dll --------- 459264  

 09.03.2010 18:51     C:\Windows\system32\jsproxy.dll --------- 27648  

 09.03.2010 18:50     C:\Windows\system32\inetcpl.cpl --------- 1830912  

 09.03.2010 18:50     C:\Windows\system32\ieui.dll --------- 180736  

 09.03.2010 18:50     C:\Windows\system32\iesetup.dll --------- 56320  

 09.03.2010 18:50     C:\Windows\system32\iertutil.dll --------- 268288  

 09.03.2010 18:50     C:\Windows\system32\iernonce.dll --------- 44544  

 09.03.2010 18:50     C:\Windows\system32\iepeers.dll --------- 192512  

 09.03.2010 18:50     C:\Windows\system32\ieframe.dll --------- 6067200  

 09.03.2010 18:50     C:\Windows\system32\ieencode.dll --------- 78336  

 09.03.2010 18:50     C:\Windows\system32\iedkcs32.dll --------- 385024  

 09.03.2010 18:50     C:\Windows\system32\ieapfltr.dll --------- 380928  

 09.03.2010 18:50     C:\Windows\system32\ieakui.dll --------- 161792  

 09.03.2010 18:50     C:\Windows\system32\ieaksie.dll --------- 230400  

 09.03.2010 18:50     C:\Windows\system32\icardie.dll --------- 63488  

 09.03.2010 18:49     C:\Windows\system32\dxtrans.dll --------- 214528  

 09.03.2010 18:49     C:\Windows\system32\dxtmsft.dll --------- 347136  

 09.03.2010 18:48     C:\Windows\system32\advpack.dll --------- 124928  

 09.03.2010 18:48     C:\Windows\system32\admparse.dll --------- 72704  

 09.03.2010 16:50     C:\Windows\system32\html.iec --------- 389120  

 09.03.2010 16:17     C:\Windows\system32\ieUnatt.exe --------- 26624  

 09.03.2010 16:17     C:\Windows\system32\ie4uinit.exe --------- 70656  

 09.03.2010 14:43     C:\Windows\system32\mshtmler.dll --------- 48128  

 09.03.2010 14:37     C:\Windows\system32\mshtml.tlb --------- 1383424  

 04.03.2010 21:24     C:\Windows\system32\vbscript.dll --------- 434176  

 21.02.2010 01:54     C:\Windows\system32\nshhttp.dll --------- 24064  

 21.02.2010 01:51     C:\Windows\system32\httpapi.dll --------- 31232  

 18.02.2010 16:54     C:\Windows\system32\ntkrnlpa.exe --------- 3502480  

 18.02.2010 16:54     C:\Windows\system32\ntoskrnl.exe --------- 3468168  

 18.02.2010 16:22     C:\Windows\system32\tcpipcfg.dll --------- 167424  

 18.02.2010 16:19     C:\Windows\system32\iphlpsvc.dll --------- 179712  

 18.02.2010 14:04     C:\Windows\system32\netiougc.exe --------- 22016  

 12.02.2010 12:49     C:\Windows\system32\browserchoice.exe --------- 293376  

 25.01.2010 14:58     C:\Windows\system32\secproc_ssp_isv.dll --------- 154624  

 25.01.2010 14:58     C:\Windows\system32\secproc_ssp.dll --------- 154112  

 25.01.2010 14:58     C:\Windows\system32\secproc_isv.dll --------- 473088  

 25.01.2010 14:58     C:\Windows\system32\secproc.dll --------- 472576  

 25.01.2010 14:56     C:\Windows\system32\msdrm.dll --------- 312320  

 25.01.2010 10:36     C:\Windows\system32\RMActivate_ssp.exe --------- 435712  

 25.01.2010 10:36     C:\Windows\system32\RMActivate.exe --------- 515584  

 25.01.2010 10:36     C:\Windows\system32\RMActivate_ssp_isv.exe --------- 431104  

 25.01.2010 10:35     C:\Windows\system32\RMActivate_isv.exe --------- 523776  

 23.01.2010 10:05     C:\Windows\system32\tzres.dll --------- 2048  

 21.01.2010 18:02     C:\Windows\system32\l3codecp.acm --------- 220672  

 21.01.2010 18:02     C:\Windows\system32\l3codeca.acm --------- 62464  

 13.01.2010 20:23     C:\Windows\system32\cabview.dll --------- 97792  

 28.12.2009 14:36     C:\Windows\system32\tsbyuv.dll --------- 11776  

 28.12.2009 14:35     C:\Windows\system32\quartz.dll --------- 1327616  

 28.12.2009 14:34     C:\Windows\system32\msyuv.dll --------- 22528  

 28.12.2009 14:34     C:\Windows\system32\msvidc32.dll --------- 31232  

 28.12.2009 14:34     C:\Windows\system32\msvfw32.dll --------- 123904  

 28.12.2009 14:34     C:\Windows\system32\msrle32.dll --------- 13312  

 28.12.2009 14:33     C:\Windows\system32\mciavi32.dll --------- 82944  

 28.12.2009 14:32     C:\Windows\system32\iyuv_32.dll --------- 50176  

 28.12.2009 14:30     C:\Windows\system32\avifil32.dll --------- 88576  

 28.12.2009 14:30     C:\Windows\system32\avicap32.dll --------- 65024  

 23.12.2009 14:45     C:\Windows\system32\wintrust.dll --------- 171520  

 23.10.2009 19:54     C:\Windows\system32\timedate.cpl --------- 713728  

 19.10.2009 16:42     C:\Windows\system32\t2embed.dll --------- 156672  

 19.10.2009 16:39     C:\Windows\system32\lpk.dll --------- 24064  

 19.10.2009 16:37     C:\Windows\system32\fontsub.dll --------- 72704  

 19.10.2009 16:37     C:\Windows\system32\dciman32.dll --------- 10240  

 19.10.2009 16:36     C:\Windows\system32\atmlib.dll --------- 34304  

 19.10.2009 13:45     C:\Windows\system32\atmfd.dll --------- 289792  

 07.10.2009 14:47     C:\Windows\system32\rastls.dll --------- 232960  

 07.10.2009 14:47     C:\Windows\system32\raschap.dll --------- 274432  

 10.09.2009 19:40     C:\Windows\system32\wmp.dll --------- 10622464  

 10.09.2009 19:40     C:\Windows\system32\msdxm.ocx --------- 4096  

 10.09.2009 19:40     C:\Windows\system32\dxmasf.dll --------- 4096  

 10.09.2009 19:39     C:\Windows\system32\spwmp.dll --------- 7680  

 10.09.2009 19:38     C:\Windows\system32\msv1_0.dll --------- 216576  

 10.09.2009 17:29     C:\Windows\system32\wmploc.DLL --------- 8147968  

 10.09.2009 17:29     C:\Windows\system32\unregmp2.exe --------- 311296  

 04.09.2009 14:38     C:\Windows\system32\msasn1.dll --------- 60928  

 31.08.2009 17:21     C:\Windows\system32\psisrndr.ax --------- 217088  

 31.08.2009 17:21     C:\Windows\system32\psisdecd.dll --------- 292352  

 31.08.2009 17:19     C:\Windows\system32\MSNP.ax --------- 80896  

----------------------------------------
 

 

C:\Windows\Prefetch
 

----------------------------------------
 

 

C:\Windows\Tasks
 

 09.05.2011 15:40     C:\Windows\Tasks\User_Feed_Synchronization-{DF1769A6-4492-43AA-A124-945DB7E58369}.job --------- 420  

 09.05.2011 14:44     C:\Windows\Tasks\SA.DAT --------- 6  

 03.05.2011 18:45     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32620  

 03.05.2011 15:45     C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1104  

----------------------------------------
 

 

C:\Windows\Temp
 

----------------------------------------

3. hjtscanlist - Teil 2

Zitat:

C:\Users\xxxxx\AppData\Local\Temp

09.05.2011 14:58 C:\Users\xxxxx\AppData\Local\Temp\MpSigStub.log --------- 16444
09.05.2011 14:48 C:\Users\xxxxx\AppData\Local\Temp\Low --------- 12288
09.05.2011 14:47 C:\Users\xxxxx\AppData\Local\Temp\wmplog00.sqm --------- 1272
09.05.2011 14:47 C:\Users\xxxxx\AppData\Local\Temp\WPDNSE --------- 0
09.05.2011 14:44 C:\Users\xxxxx\AppData\Local\Temp\xxxxx.bmp --------- 31832
03.05.2011 16:06 C:\Users\xxxxx\AppData\Local\Temp\WERDD5.tmp.version.txt --------- 442
01.05.2011 20:33 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-25 --------- 0
01.05.2011 18:54 C:\Users\xxxxx\AppData\Local\Temp\~DF6AA0.tmp --------- 81920
27.04.2011 19:34 C:\Users\xxxxx\AppData\Local\Temp\hsperfdata_xxxxx --------- 0
27.04.2011 19:25 C:\Users\xxxxx\AppData\Local\Temp\smtmp --------- 0
27.04.2011 19:22 C:\Users\xxxxx\AppData\Local\Temp\AcrC88E.tmp --------- 358
18.04.2011 12:30 C:\Users\xxxxx\AppData\Local\Temp\PDFVwMask --------- 0
18.04.2011 12:30 C:\Users\xxxxx\AppData\Local\Temp\TWAIN.LOG --------- 95271
18.04.2011 12:29 C:\Users\xxxxx\AppData\Local\Temp\Twain001.Mtx --------- 4
18.04.2011 12:29 C:\Users\xxxxx\AppData\Local\Temp\Twunk001.MTX --------- 156
07.04.2011 12:16 C:\Users\xxxxx\AppData\Local\Temp\pm20.log --------- 78
07.04.2011 12:16 C:\Users\xxxxx\AppData\Local\Temp\process.log --------- 106
07.04.2011 12:16 C:\Users\xxxxx\AppData\Local\Temp\docu0001.jpg --------- 252721
07.04.2011 11:58 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-37 --------- 0
07.04.2011 08:50 C:\Users\xxxxx\AppData\Local\Temp\etilqs_hC5fOJhPziXo6AZxf6pO --------- 41000
06.04.2011 17:37 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3268_2.ui --------- 0
03.04.2011 22:56 C:\Users\xxxxx\AppData\Local\Temp\~PIF28D.tmp --------- 12386304
03.04.2011 22:56 C:\Users\xxxxx\AppData\Local\Temp\~PIE9B6.tmp --------- 12386304
03.04.2011 22:56 C:\Users\xxxxx\AppData\Local\Temp\~PID672.tmp --------- 12386304
03.04.2011 22:56 C:\Users\xxxxx\AppData\Local\Temp\~PIBEAC.tmp --------- 12386304
03.04.2011 22:50 C:\Users\xxxxx\AppData\Local\Temp\~PI309.tmp --------- 655360
03.04.2011 22:50 C:\Users\xxxxx\AppData\Local\Temp\~PIF4C4.tmp --------- 655360
03.04.2011 17:29 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4184_2.ui --------- 0
14.03.2011 21:07 C:\Users\xxxxx\AppData\Local\Temp\PMSBTEMP --------- 0
14.03.2011 21:07 C:\Users\xxxxx\AppData\Local\Temp\PMTEMP --------- 0
03.02.2011 15:07 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-36 --------- 0
03.02.2011 14:27 C:\Users\xxxxx\AppData\Local\Temp\50Si9awP.htm.part --------- 0
03.02.2011 14:27 C:\Users\xxxxx\AppData\Local\Temp\ARC622F --------- 0
03.02.2011 10:41 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3064_2.ui --------- 0
27.01.2011 13:17 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer_4452.log --------- 148
23.01.2011 18:39 C:\Users\xxxxx\AppData\Local\Temp\comtypes_cache --------- 0
21.01.2011 21:22 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-35 --------- 0
21.01.2011 11:49 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4928_2.ui --------- 0
16.01.2011 15:39 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3476_2.ui --------- 0
16.01.2011 15:39 C:\Users\xxxxx\AppData\Local\Temp\etilqs_X4D0mR1QLYOKbPU8GUI9 --------- 41000
16.01.2011 15:39 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-34 --------- 0
05.11.2010 11:35 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-33 --------- 0
05.11.2010 10:31 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2444_2.ui --------- 0
04.11.2010 20:43 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4152_2.ui --------- 0
04.11.2010 15:16 C:\Users\xxxxx\AppData\Local\Temp\etilqs_tgWeNg8Xr1HGvebgKrUX --------- 12304
04.11.2010 15:16 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-32 --------- 0
16.10.2010 11:46 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3160_2.ui --------- 0
13.10.2010 18:55 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-31 --------- 0
02.09.2010 11:12 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2752_2.ui --------- 0
18.08.2010 13:43 C:\Users\xxxxx\AppData\Local\Temp\ARC56F --------- 0
05.08.2010 14:01 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-30 --------- 0
23.07.2010 11:20 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-29 --------- 0
23.07.2010 10:15 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3332_2.ui --------- 0
22.07.2010 10:09 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_972_2.ui --------- 0
17.06.2010 13:31 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer_4104.log --------- 148
17.06.2010 13:31 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer_6028.log --------- 148
17.06.2010 11:08 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer_3416.log --------- 148
17.06.2010 11:06 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer_3760.log --------- 148
17.06.2010 11:06 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer_1000.log --------- 148
17.06.2010 11:03 C:\Users\xxxxx\AppData\Local\Temp\bitrock_installer.log --------- 148
17.06.2010 11:03 C:\Users\xxxxx\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51 --------- 0
11.06.2010 12:10 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3352_2.ui --------- 0
26.05.2010 19:33 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-28 --------- 0
14.05.2010 17:30 C:\Users\xxxxx\AppData\Local\Temp\wmsetup.log --------- 11053
11.05.2010 20:19 C:\Users\xxxxx\AppData\Local\Temp\Cookies --------- 0
09.05.2010 21:06 C:\Users\xxxxx\AppData\Local\Temp\ARCABD5 --------- 0
09.05.2010 21:06 C:\Users\xxxxx\AppData\Local\Temp\ARC4CA5 --------- 0
09.05.2010 21:06 C:\Users\xxxxx\AppData\Local\Temp\ARC3AE8 --------- 0
09.05.2010 21:05 C:\Users\xxxxx\AppData\Local\Temp\ARCF485 --------- 0
09.05.2010 21:05 C:\Users\xxxxx\AppData\Local\Temp\ARCCB53 --------- 0
09.05.2010 21:05 C:\Users\xxxxx\AppData\Local\Temp\ARC7BDB --------- 0
09.05.2010 21:05 C:\Users\xxxxx\AppData\Local\Temp\ARC5B30 --------- 0
09.05.2010 21:04 C:\Usersxxxxx\AppData\Local\Temp\ARC149E --------- 0
09.05.2010 21:04 C:\Users\xxxxx\AppData\Local\Temp\ARCE6F9 --------- 0
09.05.2010 21:04 C:\Users\xxxxx\AppData\Local\Temp\ARC9659 --------- 0
09.05.2010 21:03 C:\Users\xxxxx\AppData\Local\Temp\ARC2E14 --------- 0
09.05.2010 21:03 C:\Users\xxxxx\AppData\Local\Temp\ARC935 --------- 0
09.05.2010 21:03 C:\Users\xxxxx\AppData\Local\Temp\ARC6E4D --------- 0
09.05.2010 21:02 C:\Users\xxxxx\AppData\Local\Temp\ARC4DA2 --------- 0
07.05.2010 14:48 C:\Users\xxxxx\AppData\Local\Temp\ARCE1BB --------- 0
07.05.2010 14:48 C:\Users\xxxxx\AppData\Local\Temp\ARC9FF9 --------- 0
07.05.2010 14:48 C:\Users\xxxxx\AppData\Local\Temp\ARC5ABE --------- 0
07.05.2010 14:47 C:\Users\xxxxx\AppData\Local\Temp\ARC1DAE --------- 0
07.05.2010 14:47 C:\Users\xxxxx\AppData\Local\Temp\ARCD94E --------- 0
07.05.2010 14:47 C:\Users\xxxxx\AppData\Local\Temp\ARC9A4A --------- 0
07.05.2010 14:47 C:\Users\xxxxx\AppData\Local\Temp\ARC7B54 --------- 0
07.05.2010 14:46 C:\Users\xxxxx\AppData\Local\Temp\ARC27B8 --------- 0
07.05.2010 14:46 C:\Users\xxxxx\AppData\Local\Temp\ARC8F8E --------- 0
07.05.2010 14:46 C:\Users\xxxxx\AppData\Local\Temp\ARC51A3 --------- 0
07.05.2010 14:45 C:\Users\xxxxx\AppData\Local\Temp\ARCFD0D --------- 0
07.05.2010 14:45 C:\Users\xxxxx\AppData\Local\Temp\ARCAA2C --------- 0
07.05.2010 14:44 C:\Users\xxxxx\AppData\Local\Temp\ARC5B41 --------- 0
07.05.2010 14:44 C:\Users\xxxxx\AppData\Local\Temp\ARC8CD --------- 0
07.05.2010 14:44 C:\Users\xxxxx\AppData\Local\Temp\ARCC5A4 --------- 0
07.05.2010 14:43 C:\Users\xxxxx\AppData\Local\Temp\ARC6C6D --------- 0
07.05.2010 14:39 C:\Users\xxxxx\AppData\Local\Temp\ARCE96B --------- 0
07.05.2010 14:38 C:\Users\xxxxx\AppData\Local\Temp\ARC97F1 --------- 0
07.05.2010 14:38 C:\Users\xxxxx\AppData\Local\Temp\ARC3E5C --------- 0
07.05.2010 14:37 C:\Users\xxxxx\AppData\Local\Temp\ARCE64C --------- 0
07.05.2010 14:37 C:\Users\xxxxx\AppData\Local\Temp\ARC9494 --------- 0
07.05.2010 14:37 C:\Users\xxxxx\AppData\Local\Temp\ARC4A5A --------- 0
07.05.2010 14:36 C:\Users\xxxxx\AppData\Local\Temp\ARCE2FF --------- 0
07.05.2010 14:36 C:\Users\xxxxx\AppData\Local\Temp\ARC958A --------- 0
07.05.2010 14:36 C:\Users\xxxxx\AppData\Local\Temp\ARC3D7B --------- 0
07.05.2010 14:35 C:\Users\xxxxx\AppData\Local\Temp\ARCB577 --------- 0
07.05.2010 14:35 C:\Users\xxxxx\AppData\Local\Temp\ARC6B1E --------- 0
07.05.2010 14:34 C:\Users\xxxxx\AppData\Local\Temp\ARC1CCE --------- 0
07.05.2010 14:34 C:\Users\xxxxx\AppData\Local\Temp\ARCCD66 --------- 0
07.05.2010 14:34 C:\Users\xxxxx\AppData\Local\Temp\ARC5D74 --------- 0
07.05.2010 14:33 C:\Users\xxxxxx\AppData\Local\Temp\ARCEB12 --------- 0
07.05.2010 14:33 C:\Users\xxxxx\AppData\Local\Temp\ARC8A6B --------- 0
07.05.2010 14:31 C:\Users\xxxxx\AppData\Local\Temp\ARC5047 --------- 0
07.05.2010 14:31 C:\Users\xxxxxx\AppData\Local\Temp\ARCA4DA --------- 0
07.05.2010 14:30 C:\Users\xxxxx\AppData\Local\Temp\der rest.zip --------- 9390981
07.05.2010 13:18 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-27 --------- 0
06.05.2010 17:47 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2504_2.ui --------- 0
05.05.2010 20:46 C:\Users\xxxxx\AppData\Local\Temp\ARC7811 --------- 0
05.05.2010 20:46 C:\Users\xxxxx\AppData\Local\Temp\ARC5FA1 --------- 0
05.05.2010 20:46 C:\Users\xxxxx\AppData\Local\Temp\ARC4665 --------- 0
05.05.2010 20:46 C:\Users\xxxxx\AppData\Local\Temp\ARC2DF4 --------- 0
05.05.2010 20:45 C:\Users\xxxxx\AppData\Local\Temp\ARC147B --------- 0
05.05.2010 20:45 C:\Users\xxxxx\AppData\Local\Temp\ARCE82C --------- 0
19.04.2010 20:16 C:\Users\xxxxx\AppData\Local\Temp\Last.fm-1.5.4.24567.exe --------- 5287682
02.04.2010 13:52 C:\Users\xxxxx\AppData\Local\Temp\QEMnC94j.pdf.part --------- 0
01.04.2010 13:07 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-26 --------- 0
01.04.2010 13:05 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3468_2.ui --------- 0
11.03.2010 15:32 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-24 --------- 0
11.03.2010 12:21 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2764_2.ui --------- 0
08.03.2010 21:16 C:\Users\xxxxx\AppData\Local\Temp\ARCDC8A --------- 0
08.03.2010 21:12 C:\Users\xxxxx\AppData\Local\Temp\ARC25E7 --------- 0
05.03.2010 18:26 C:\Users\xxxxx\AppData\Local\Temp\347.pdf --------- 57821
12.02.2010 16:20 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5368_2.ui --------- 0
23.01.2010 15:40 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3928_2.ui --------- 0
15.01.2010 12:40 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4992_2.ui --------- 0
09.12.2009 20:18 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-23 --------- 0
09.12.2009 18:45 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3556_2.ui --------- 0
02.12.2009 19:43 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2120_2.ui --------- 0
25.11.2009 20:06 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-22 --------- 0
25.11.2009 11:08 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4132_2.ui --------- 0
23.11.2009 22:01 C:\Users\xxxx\AppData\Local\Temp\update_elsterformular --------- 0
12.11.2009 16:23 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-21 --------- 0
12.11.2009 11:47 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2596_2.ui --------- 0
04.11.2009 19:56 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2908_2.ui --------- 0
04.11.2009 19:55 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-20 --------- 0
16.10.2009 14:34 C:\Users\xxxxx\AppData\Local\Temp\lkPBMYic.htm.part --------- 0
24.09.2009 17:36 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-19 --------- 0
10.09.2009 11:14 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2544_2.ui --------- 0
22.08.2009 11:33 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3988_2.ui --------- 0
20.08.2009 13:51 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3424_2.ui --------- 0
20.08.2009 11:37 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_1140_2.ui --------- 0
13.08.2009 15:33 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-18 --------- 0
13.08.2009 15:12 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4996_2.ui --------- 0
29.07.2009 22:09 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-17 --------- 0
21.07.2009 21:22 C:\Users\xxxxx\AppData\Local\Temp\S+U-Bahn_aktuell.pdf --------- 119483
17.07.2009 11:17 C:\Users\xxxxx\AppData\Local\Temp\ARC146B --------- 0
17.07.2009 11:16 C:\Users\xxxxx\AppData\Local\Temp\ARC70FA --------- 0
16.07.2009 11:12 C:\Users\xxxxx\AppData\Local\Temp\ARC12 --------- 0
16.07.2009 11:10 C:\Users\xxxxx\AppData\Local\Temp\ARC1AA2 --------- 0
16.07.2009 10:46 C:\Users\xxxxx\AppData\Local\Temp\ARC34D7 --------- 0
16.07.2009 10:45 C:\Users\xxxxx\AppData\Local\Temp\ARC335F --------- 0
15.07.2009 19:41 C:\Users\xxxxx\AppData\Local\Temp\ARC761 --------- 0
15.07.2009 19:40 C:\Users\xxxxx\AppData\Local\Temp\ARC696C --------- 0
13.07.2009 20:20 C:\Users\xxxxx\AppData\Local\Temp\ARC6EFA --------- 0
13.07.2009 19:09 C:\Users\xxxxx\AppData\Local\Temp\ARC695D --------- 0
13.07.2009 18:46 C:\Users\xxxxx\AppData\Local\Temp\ARCA111 --------- 0
13.07.2009 18:45 C:\Users\xxxxx\AppData\Local\Temp\ARCD49E --------- 0
13.07.2009 18:44 C:\Users\xxxxx\AppData\Local\Temp\ARC88BF --------- 0
12.07.2009 17:13 C:\Users\xxxxx\AppData\Local\Temp\ARC44D1 --------- 0
12.07.2009 17:13 C:\Users\xxxxx\AppData\Local\Temp\ARCA92D --------- 0
12.07.2009 17:13 C:\Users\xxxxx\AppData\Local\Temp\polo-1 --------- 0
12.07.2009 17:09 C:\Users\xxxxx\AppData\Local\Temp\ARC8876 --------- 0
12.07.2009 17:09 C:\Users\xxxxx\AppData\Local\Temp\brille --------- 0
12.07.2009 17:08 C:\Users\xxxxx\AppData\Local\Temp\ARC4E13 --------- 0
12.07.2009 14:22 C:\Users\xxxxx\AppData\Local\Temp\ARC670C --------- 0
15.06.2009 18:48 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-16 --------- 0
15.06.2009 18:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_1004_2.ui --------- 0
12.06.2009 16:08 C:\Users\xxxxx\AppData\Local\Temp\PATCH.ERR --------- 125
10.06.2009 18:22 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-15 --------- 0
10.06.2009 18:21 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3360_2.ui --------- 0
07.06.2009 20:40 C:\Users\xxxxx\AppData\Local\Temp\Zattoo-Update.exe --------- 4291440
27.05.2009 18:48 C:\Users\xxxxx\AppData\Local\Temp\lise_.pdf --------- 71450
10.05.2009 14:15 C:\Users\xxxxx\AppData\Local\Temp\ARC9F0E --------- 0
20.02.2009 21:15 C:\Users\xxxxx\AppData\Local\Temp\symlcsv1.exe --------- 31912
16.02.2009 21:14 C:\Users\xxxxx\AppData\Local\Temp\S+U_Ausschnitt_aktuell.pdf --------- 100026
16.02.2009 20:04 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-14 --------- 0
16.02.2009 19:35 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5432_2.ui --------- 0
12.02.2009 22:21 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-13 --------- 0
12.02.2009 22:12 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5384_2.ui --------- 0
03.02.2009 11:39 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4800_2.ui --------- 0
03.01.2009 20:53 C:\Users\xxxxx\AppData\Local\Temp\~PI23B3.tmp --------- 30408704
03.01.2009 20:53 C:\Users\xxxxx\AppData\Local\Temp\~PI23A2.tmp --------- 655360
03.01.2009 20:50 C:\Users\xxxxx\AppData\Local\Temp\~PICE9B.tmp --------- 30408704
03.01.2009 20:50 C:\Users\xxxxx\AppData\Local\Temp\~PIAE09.tmp --------- 655360
15.12.2008 12:28 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-12 --------- 0
15.12.2008 12:21 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5480_2.ui --------- 0
25.11.2008 22:51 C:\Users\xxxxx\AppData\Local\Temp\h2r4D80.tmp --------- 0
25.11.2008 22:51 C:\Usersxxxxx\AppData\Local\Temp\r2h4D7F.tmp --------- 109
25.11.2008 22:50 C:\Users\xxxxx\AppData\Local\Temp\h2rA128.tmp --------- 0
25.11.2008 22:50 C:\Users\xxxxx\AppData\Local\Temp\r2hA117.tmp --------- 107
25.10.2008 09:45 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-11 --------- 0
25.10.2008 09:43 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5224_2.ui --------- 0
19.10.2008 11:54 C:\Users\xxxxx\AppData\Local\Temp\iTunesPluginWinSetup_3.0.2.0.exe --------- 652459
17.10.2008 19:01 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-10 --------- 0
17.10.2008 18:57 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4912_2.ui --------- 0
12.09.2008 18:19 C:\Users\xxxxx\AppData\Local\Temp\{98e53859-eb54-4398-8228-b491d8886848} --------- 0
15.08.2008 19:13 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-9 --------- 0
14.08.2008 18:16 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-8 --------- 0
19.07.2008 10:29 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-7 --------- 0
18.07.2008 18:26 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51548.tmp --------- 701
18.07.2008 18:26 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51546.tmp --------- 701
18.07.2008 18:26 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51545.tmp --------- 701
18.07.2008 18:26 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51547.tmp --------- 701
18.07.2008 17:38 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51541.tmp --------- 701
18.07.2008 17:38 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51542.tmp --------- 701
18.07.2008 17:38 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51543.tmp --------- 701
18.07.2008 17:38 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51544.tmp --------- 701
18.07.2008 17:25 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51535.tmp --------- 701
18.07.2008 17:25 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51537.tmp --------- 701
18.07.2008 17:25 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51538.tmp --------- 701
18.07.2008 17:25 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51539.tmp --------- 701
18.07.2008 17:25 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51540.tmp --------- 701
18.07.2008 17:18 C:\Usersxxxxx\AppData\Local\Temp\jar_cache51530.tmp --------- 701
18.07.2008 17:18 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51531.tmp --------- 701
18.07.2008 17:18 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51534.tmp --------- 701
18.07.2008 17:17 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51533.tmp --------- 701
18.07.2008 17:15 C:\Users\xxxxx\AppData\Local\Temp\jar_cache51532.tmp --------- 701
10.07.2008 18:58 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-6 --------- 0
04.07.2008 18:59 C:\Users\xxxxx\AppData\Local\Temp\WmpPluginSetup_2.1.0.6.exe --------- 491523
04.07.2008 18:59 C:\Users\xxxxx\AppData\Local\Temp\iTunesPluginWinSetup_3.0.1.0.exe --------- 652243
04.07.2008 18:59 C:\Users\xxxxx\AppData\Local\Temp\Last.fm-1.5.1.30182.exe --------- 5406994
30.06.2008 12:59 C:\Users\xxxxx\AppData\Local\Temp\dubaikuvat.7z --------- 32783643
30.06.2008 12:58 C:\Users\xxxxx\AppData\Local\Temp\ARCDE5D --------- 0
15.06.2008 22:43 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-5 --------- 0
01.06.2008 15:27 C:\Users\xxxxx\AppData\Local\Temp\jar_cache39704.tmp --------- 0
01.06.2008 15:27 C:\Users\xxxxx\AppData\Local\Temp\jar_cache39703.tmp --------- 0
11.04.2008 13:26 C:\Usersxxxxx\AppData\Local\Temp\plugtmp-4 --------- 0
06.04.2008 21:08 C:\Users\xxxxx\AppData\Local\Temp\ARCECD2 --------- 0
06.04.2008 21:08 C:\Users\xxxxx\AppData\Local\Temp\ARC5B46 --------- 0
06.04.2008 21:08 C:\Users\xxxxx\AppData\Local\Temp\ARC4C66 --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARCFC53 --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARCEB23 --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARCDA21 --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARCA9CD --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARC92C3 --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARC6750 --------- 0
06.04.2008 21:07 C:\Users\xxxxx\AppData\Local\Temp\ARC4879 --------- 0
05.04.2008 12:26 C:\Users\xxxxx\AppData\Local\Temp\Last.fm-1.4.2.59470.exe --------- 5708354
05.04.2008 12:26 C:\Users\xxxxx\AppData\Local\Temp\LastFMBootstrap.gz --------- 384
05.04.2008 12:26 C:\Users\xxxxx\AppData\Local\Temp\WmpPluginSetup_2.1.0.5.exe --------- 449947
05.04.2008 12:25 C:\Users\xxxxx\AppData\Local\Temp\iTunesPluginWinSetup_2.0.13.0.exe --------- 359986
14.03.2008 13:00 C:\Users\xxxxx\AppData\Local\Temp\amt.log --------- 56267
14.03.2008 13:00 C:\Users\xxxxx\AppData\Local\Temp\alm.log --------- 31058
13.03.2008 16:53 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-3 --------- 0
26.01.2008 14:21 C:\Users\xxxxx\AppData\Local\Temp\jar_cache42995.tmp --------- 1924
26.01.2008 14:21 C:\Users\xxxxx\AppData\Local\Temp\jar_cache42991.tmp --------- 3679
26.01.2008 14:21 C:\Users\xxxxx\AppData\Local\Temp\jar_cache42993.tmp --------- 1697
26.01.2008 14:21 C:\Users\xxxxx\AppData\Local\Temp\jar_cache42994.tmp --------- 1650
26.01.2008 14:15 C:\Users\xxxxx\AppData\Local\Temp\jar_cache42976.tmp --------- 3679
06.01.2008 20:13 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-2 --------- 0
05.01.2008 01:23 C:\Users\xxxxx\AppData\Local\Temp\Kon7A1A.tmp --------- 0
05.01.2008 01:06 C:\Users\xxxxx\AppData\Local\Temp\MilesWidget --------- 0
04.01.2008 16:02 C:\Users\xxxxx\AppData\Local\Temp\OIS --------- 0
21.11.2007 16:05 C:\Users\xxxxx\AppData\Local\Temp\~DF23F6.tmp --------- 409600
21.11.2007 12:42 C:\Users\xxxxx\AppData\Local\Temp\PMDB07A.tmp --------- 16384
21.11.2007 12:41 C:\Users\xxxxx\AppData\Local\Temp\~DFB43.tmp --------- 409600
11.11.2007 19:16 C:\Users\xxxxx\AppData\Local\Temp\QTInstallCode.log --------- 958
09.11.2007 14:15 C:\Users\xxxxx\AppData\Local\Temp\{8374b6ee-0a4a-4dc9-b0e2-4b65f045f2ce} --------- 0
09.11.2007 14:13 C:\Users\xxxxx\AppData\Local\Temp\ARCD106 --------- 0
09.11.2007 13:05 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx8 --------- 0
09.11.2007 13:05 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx7 --------- 0
09.11.2007 10:59 C:\Users\xxxxx\AppData\Local\Temp\Gast.bmp --------- 49208
09.11.2007 10:55 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx6 --------- 0
09.11.2007 10:55 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx5 --------- 0
09.11.2007 10:55 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx4 --------- 0
09.11.2007 10:55 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx3 --------- 0
09.11.2007 10:54 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx2 --------- 0
09.11.2007 10:54 C:\Users\xxxxx\AppData\Local\Temp\_ZupSfx1 --------- 0
05.11.2007 11:34 C:\Users\xxxxx\AppData\Local\Temp\jar_cache14281.tmp --------- 530408
05.11.2007 11:25 C:\Users\xxxxx\AppData\Local\Temp\WERCDD.tmp.version.txt --------- 442
28.10.2007 20:40 C:\Users\xxxxx\AppData\Local\Temp\MSI9c4a9.LOG --------- 464
28.10.2007 20:37 C:\Users\xxxxx\AppData\Local\Temp\{68C652B3-1608-4DC6-A90A-C0003BD947B1} --------- 0
28.10.2007 20:37 C:\Users\xxxxx\AppData\Local\Temp\sxe868D.7z --------- 13328238
28.10.2007 20:37 C:\Users\xxxxx\AppData\Local\Temp\{45351BA6-F822-4BE6-855F-B4D9CA309577} --------- 0
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\{FACE6919-7930-4F74-AC30-FC6CA75E9915} --------- 0
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe868D.tmp --------- 0
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe33DC.7z --------- 13328238
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe33CC.7z --------- 13328238
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe32E2.7z --------- 13328238
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe33DC.tmp --------- 0
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe33CC.tmp --------- 0
28.10.2007 20:36 C:\Users\xxxxx\AppData\Local\Temp\sxe32E2.tmp --------- 0
28.10.2007 20:35 C:\Users\xxxx\AppData\Local\Temp\sxe66AE.7z --------- 13328238
28.10.2007 20:35 C:\Users\xxxxx\AppData\Local\Temp\sxe66AE.tmp --------- 0
26.10.2007 21:37 C:\Users\xxxxx\AppData\Local\Temp\History --------- 0
26.10.2007 21:37 C:\Users\xxxxx\AppData\Local\Temp\Temporary Internet Files --------- 0
19.10.2007 20:22 C:\Users\xxxxx\AppData\Local\Temp\Twunk002.MTX --------- 0
11.10.2007 17:44 C:\Users\xxxxx\AppData\Local\Temp\plugtmp-1 --------- 20
11.10.2007 17:44 C:\Users\xxxxx\AppData\Local\Temp\plugtmp --------- 0
07.10.2007 17:38 C:\Users\xxxxx\AppData\Local\Temp\_PASFX688 --------- 0
28.09.2007 13:15 C:\Users\xxxxx\AppData\Local\Temp\outlook logging --------- 0
28.09.2007 13:09 C:\Users\xxxxx\AppData\Local\Temp\jar_cache23931.tmp --------- 512001
13.09.2007 15:10 C:\Users\xxxxx\AppData\Local\Temp\Adobe --------- 0
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2504_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5480_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2544_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_972_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5432_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2444_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2120_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2596_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_1140_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_1004_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2752_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5368_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2764_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxxx\AppData\Local\Temp\ppcrlui_5224_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_2908_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxxx\AppData\Local\Temp\ppcrlui_4996_2 --------- 254216
02.11.2006 14:34 C:\Usersxxxxx\AppData\Local\Temp\ppcrlui_3064_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4992_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3160_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4928_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxxx\AppData\Local\Temp\ppcrlui_4912_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3268_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4800_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3332_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4184_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4152_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3352_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_4132_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3360_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3988_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3424_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3928_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_5384_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxxAppData\Local\Temp\ppcrlui_3468_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3556_2 --------- 254216
02.11.2006 14:34 C:\Users\xxxxx\AppData\Local\Temp\ppcrlui_3476_2 --------- 254216
----------------------------------------

C:\Program Files

09.05.2011 15:01 C:\Program Files\PC Tools Security --------- 45056
03.05.2011 18:42 C:\Program Files\Microsoft SQL Server --------- 0
03.05.2011 15:45 C:\Program Files\Google --------- 0
03.05.2011 15:32 C:\Program Files\Common Files --------- 4096
01.05.2011 21:04 C:\Program Files\Microsoft Works --------- 28672
01.05.2011 19:05 C:\Program Files\Microsoft Security Client --------- 4096
01.05.2011 18:54 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096
28.04.2011 22:03 C:\Program Files\Mozilla Firefox --------- 32768
06.08.2010 12:32 C:\Program Files\Eazel-DE --------- 4096
06.08.2010 12:32 C:\Program Files\Conduit --------- 0
17.06.2010 13:33 C:\Program Files\ElsterFormular --------- 4096
15.04.2010 19:16 C:\Program Files\Windows Mail --------- 4096
01.04.2010 19:18 C:\Program Files\Internet Explorer --------- 4096
11.03.2010 20:19 C:\Program Files\Movie Maker --------- 4096
29.10.2009 22:06 C:\Program Files\Windows Media Player --------- 4096
12.06.2009 15:52 C:\Program Files\InstallShield Installation Information --------- 20480
22.04.2009 13:31 C:\Program Files\Corel --------- 0
22.04.2009 13:19 C:\Program Files\Datacolor --------- 4096
06.03.2009 18:55 C:\Program Files\Symantec --------- 0
03.01.2009 14:03 C:\Program Files\install_flash_player(2).exe --------- 1851544
15.12.2008 12:32 C:\Program Files\desktop.ini --------- 174
14.09.2008 11:33 C:\Program Files\Western Digital Technologies --------- 0
11.09.2008 19:52 C:\Program Files\Zattoo --------- 8192
04.07.2008 18:59 C:\Program Files\Last.fm --------- 12288
05.04.2008 12:25 C:\Program Files\iTunes --------- 4096
14.03.2008 15:00 C:\Program Files\Microsoft.NET --------- 0
14.03.2008 15:00 C:\Program Files\Microsoft Office --------- 4096
14.03.2008 14:23 C:\Program Files\Adobe --------- 4096
10.01.2008 04:12 C:\Program Files\Windows Sidebar --------- 4096
05.01.2008 01:18 C:\Program Files\Yahoo --------- 0
28.12.2007 13:03 C:\Program Files\Ursa Software --------- 0
01.12.2007 12:44 C:\Program Files\GPLGS --------- 0
01.12.2007 12:42 C:\Program Files\Acro Software --------- 0
27.11.2007 21:04 C:\Program Files\MP3 Player Utilities 1.40 --------- 0
09.11.2007 14:16 C:\Program Files\Revolver 6 --------- 4096
30.10.2007 18:23 C:\Program Files\NewSoft --------- 0
30.10.2007 18:18 C:\Program Files\ScanSoft --------- 0
30.10.2007 18:15 C:\Program Files\Canon --------- 4096
30.10.2007 18:08 C:\Program Files\CanonBJ --------- 0
17.10.2007 15:33 C:\Program Files\IZArc --------- 4096
14.10.2007 19:38 C:\Program Files\iPod --------- 0
14.10.2007 19:30 C:\Program Files\Apple Software Update --------- 4096
12.10.2007 19:04 C:\Program Files\QuickTime --------- 4096
11.10.2007 22:16 C:\Program Files\Mozilla Thunderbird --------- 8192
11.10.2007 21:38 C:\Program Files\FeedReader30 --------- 4096
30.08.2007 17:43 C:\Program Files\Windows Calendar --------- 0
03.08.2007 16:19 C:\Program Files\Uniblue --------- 0
22.07.2007 16:46 C:\Program Files\OpenOffice.org 2.2 --------- 4096
22.07.2007 16:44 C:\Program Files\readmes --------- 0
22.07.2007 16:44 C:\Program Files\licenses --------- 0
13.07.2007 20:46 C:\Program Files\InDesign --------- 0
03.07.2007 21:03 C:\Program Files\Windows Defender --------- 4096
03.07.2007 20:56 C:\Program Files\MSXML 4.0 --------- 0
29.05.2007 18:24 C:\Program Files\openofficeorg4.cab --------- 3254694
29.05.2007 18:24 C:\Program Files\openofficeorg3.cab --------- 61224670
29.05.2007 18:19 C:\Program Files\openofficeorg2.cab --------- 15292629
29.05.2007 18:17 C:\Program Files\openofficeorg1.cab --------- 18256481
29.05.2007 18:11 C:\Program Files\setup.ini --------- 217
29.05.2007 18:11 C:\Program Files\openofficeorg22.msi --------- 4855808
19.04.2007 18:13 C:\Program Files\setup.exe --------- 319488
14.12.2006 02:40 C:\Program Files\Sony --------- 8192
14.12.2006 02:33 C:\Program Files\Skype --------- 0
14.12.2006 02:28 C:\Program Files\InterVideo --------- 0
27.11.2006 15:08 C:\Program Files\Roxio --------- 0
27.11.2006 14:51 C:\Program Files\Google BAE --------- 0
27.11.2006 14:40 C:\Program Files\Java --------- 0
23.11.2006 12:47 C:\Program Files\LanExpress --------- 0
23.11.2006 12:37 C:\Program Files\Apoint --------- 4096
23.11.2006 12:22 C:\Program Files\Realtek --------- 0
23.11.2006 12:15 C:\Program Files\Intel --------- 0
23.11.2006 11:53 C:\Program Files\Gemeinsame Dateien --------- 0
23.11.2006 11:53 C:\Program Files\Windows NT --------- 4096
23.11.2006 11:49 C:\Program Files\CONEXANT --------- 0
02.11.2006 15:01 C:\Program Files\Uninstall Information --------- 0
02.11.2006 14:42 C:\Program Files\Windows Collaboration --------- 4096
02.11.2006 14:42 C:\Program Files\Windows Photo Gallery --------- 4096
02.11.2006 14:42 C:\Program Files\Windows Journal --------- 4096
02.11.2006 14:37 C:\Program Files\MSN --------- 0
02.11.2006 14:37 C:\Program Files\Microsoft Games --------- 4096
02.11.2006 14:37 C:\Program Files\Reference Assemblies --------- 0
02.11.2006 14:37 C:\Program Files\MSBuild --------- 0
11.03.2002 11:06 C:\Program Files\instmsiw.exe --------- 1822520
11.03.2002 10:45 C:\Program Files\instmsia.exe --------- 1708856
----------------------------------------

C:\ProgramData\..

xxxxx
xxxxx
Public
desktop.ini
xxxxx
Default
Default User
All Users
----------------------------------------

C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

----------------------------------------

***** Ende des Scans 09.05.2011 um 15:41:04,96 ***

4. Ccleaner

Code:



[PHP]Adobe Color Common Settings        Adobe Systems Incorporated        27.10.2007                1.0.1

Adobe ExtendScript Toolkit 2        Adobe Systems Incorporated        17.10.2007                2.0.1

Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        09.05.2009                10.0.22.87

Adobe Flash Player 9 ActiveX        Adobe Systems Incorporated        04.01.2008                9.0.115.0

Adobe Flash Player ActiveX        Adobe Systems Incorporated        04.01.2008                9.0.115.0

Adobe InDesign 2.0        Adobe Systems, Inc.        12.07.2007        75,4MB        2.0

Adobe PageMaker 7.0        Adobe Systems, Inc.        05.08.2007        62,4MB        7.0.1

Adobe Photoshop 7.0        Adobe Systems, Inc.        12.07.2007        144,7MB        7.0

Adobe Reader 8.1.0 - Deutsch        Adobe Systems Incorporated        19.07.2007        99,5MB        8.1.0

Alps Pointing-device for VAIO                22.11.2006        2,74MB        

Apple Mobile Device Support        Apple Inc.        13.10.2007        31,9MB        1.1.1.1

Apple Software Update        Apple Inc.        13.10.2007        2,15MB        2.0.2.92

Browser Address Error Redirector                26.06.2007                

Browser Defender 3.0        Threat Expert Ltd.        02.05.2011        13,4MB        3.0.0.311

Canon MP Navigator 2.2                29.10.2007        22,8MB        

Canon MP830                29.10.2007                

Canon Utilities Easy-PhotoPrint                29.10.2007        30,0MB        

CCleaner        Piriform        08.05.2011        3,63MB        3.06

CD-LabelPrint                29.10.2007        11,7MB        

Click to DVD 2.0.05 Menu Data        Sony Corporation        13.12.2006        172,8MB        2.0.05

Click to DVD 2.6.00        Sony Corporation        13.12.2006        172,8MB        2.6.00

CutePDF Writer 2.7                30.11.2007        0,29MB        

DVgate Plus        Sony Corporation        13.12.2006        51,4MB        

Eazel-DE Toolbar        Eazel-DE        05.08.2010        2,82MB        5.7.2.2

ElsterFormular        Landesfinanzdirektion Thüringen        16.06.2010        414MB        11.4.1.4323

ElsterFormular 2007/2008        Steuerverwaltung des Bundes und der Länder        26.10.2008        111,5MB        9.4.0.0

ElsterFormular 2008/2009        Steuerverwaltung des Bundes und der Länder        11.06.2009        168,0MB        10.2.1.0

FeedReader        i-Systems Inc.        10.10.2007        10,3MB        

Google Chrome        Google Inc.        02.05.2011        166,1MB        11.0.696.60

HDAUDIO SoftV92 Data Fax Modem with SmartCP                22.11.2006        0,99MB        

Intel(R) Graphics Media Accelerator Driver                22.11.2006                

iTunes        Apple Inc.        13.10.2007        64,0MB        7.4.3.1

IZArc 3.81        Ivan Zahariev        16.10.2007        9,30MB        3.81 Build 1550

Java(TM) SE Runtime Environment 6        Sun Microsystems, Inc.        26.11.2006        114,6MB        1.6.0.0

LAN-Express AS IEEE 802.11 Wireless LAN        LAN-Express        22.11.2006        1,02MB        7.1.0.79

Last.fm 1.5.1.30182        Last.fm        03.07.2008        13,4MB        

LiveUpdate 3.2 (Symantec Corporation)        Symantec Corporation        21.04.2009        19,2MB        3.2.0.68

LiveUpdate Notice (Symantec Corporation)        Symantec Corporation        10.08.2008        7,59MB        1.4.5

Malwarebytes' Anti-Malware        Malwarebytes Corporation        30.04.2011        4,80MB        

Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        10.06.2009        27,8MB        

Microsoft Security Essentials        Microsoft Corporation        30.04.2011        16,8MB        2.0.657.0

Microsoft SQL Server 2005        Microsoft Corporation        01.05.2011        42,7MB        

Microsoft SQL Server Native Client        Microsoft Corporation        01.05.2011        2,63MB        9.00.4035.00

Microsoft SQL Server VSS Writer        Microsoft Corporation        01.05.2011        0,68MB        9.00.4035.00

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        01.05.2011        0,25MB        8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        13.12.2006        0,54MB        8.0.50727.42

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        30.04.2011        0,19MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        16.06.2010        0,59MB        9.0.30729

Microsoft Works        Microsoft Corporation        30.04.2011        288MB        08.05.0822

Mozilla Firefox (3.0.19)        Mozilla        27.04.2011        24,4MB        3.0.19 (de)

Mozilla Thunderbird (2.0.0.6)        Mozilla        10.10.2007        23,7MB        2.0.0.6 (de)

MP3 Player Utilities 1.40                 26.11.2007        2,73MB        3.67

MSXML 4.0 SP2 (KB927978)        Microsoft Corporation        02.07.2007        1,24MB        4.20.9841.0

MSXML 4.0 SP2 (KB936181)        Microsoft Corporation        18.08.2007        1,27MB        4.20.9848.0

MSXML 4.0 SP2 (KB941833)        Microsoft Corporation        10.10.2007        1,27MB        4.20.9849.0

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        22.11.2008        1,28MB        4.20.9870.0

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        24.11.2009        1,34MB        4.20.9876.0

OpenMG Secure Module 4.6.01        Sony Corporation        13.12.2006                4.6.01.10041

OpenOffice.org 2.2        OpenOffice.org        21.07.2007        270MB        2.2.9161

Presto! PageManager 7.15.14        NewSoft        29.10.2007        160,0MB        7.15.14G

QuickTime        Apple Inc.        11.10.2007        74,0MB        7.2.0.240

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        22.11.2006        10,5MB        6.0.1.5322

Revolver Office 6.6 r9        Revolver        09.11.2007                6.6 r9

ScanSoft OmniPage SE 4.0        Nuance Communications, Inc.        29.10.2007        155,8MB        15.00.0020

Setting Utility Series        Sony Corporation        26.11.2006        5,90MB        2.0.00.11170

Skype 2.5        Skype Technologies S.A.        26.06.2007        20,7MB        2.5

SonicStage 4.2        Sony Corporation        13.12.2006        28,6MB        4.2

Sony Snymsico for Vista        Sony Corporation        22.11.2006        0,61MB        1.00.1109

Sony Utilities DLL        Sony Corporation        26.11.2006        84,00KB        7.0.00.11160

Sony Video Shared Library        Sony Corporation        26.11.2006        3,91MB        3.1.00

Spyware Doctor 8.0        PC Tools        02.05.2011        253MB        8.0

Uniblue RegistryBooster 2        Uniblue        02.08.2007        12,0MB        

Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)        Microsoft Corporation        01.05.2011        23,9MB        9.00.4035.00

VAIO Aqua Breeze Wallpaper        Sony Corporation        26.11.2006        1,34MB        1.0.11.10100

VAIO Control Center        Sony Corporation        26.11.2006        4,00MB        2.0.00.11060

VAIO Cozy Orange Wallpaper        Sony Corporation        26.11.2006        1,34MB        1.0.11.10100

VAIO Data Restore Tool                26.06.2007        2,89MB        

VAIO Entertainment Platform        Sony Corporation        26.11.2006        15,9MB        2.0.00.11021

VAIO Event Service        Sony Corporation        26.11.2006        5,04MB        3.0.00.11100

VAIO Hardware Diagnostics                26.06.2007        1,54MB        

VAIO Information FLOW        Sony Corporation        13.12.2006        36,3MB        2.0.00.11130

VAIO Media 6.0        Sony Corporation        13.12.2006        10,8MB        6.0.00

VAIO Media AC3 Decoder 1.0                26.06.2007        0,79MB        

VAIO Media Content Collection 6.0        Sony Corporation        13.12.2006        29,7MB        

VAIO Media Integrated Server 6.0        Sony Corporation        13.12.2006        29,7MB        

VAIO Media Redistribution 6.0        Sony Corporation        13.12.2006        28,6MB        6.0.00

VAIO Media Registration Tool 6.0        Sony Corporation        13.12.2006        4,26MB        6.0.00

VAIO Photo 2007        Sony Corporation        26.11.2006        1,30MB        1.0.00.10130

VAIO Power Management        Sony Corporation        26.11.2006        7,19MB        2.0.00.11130

VAIO Tender Green Wallpaper        Sony Corporation        26.11.2006        1,34MB        1.0.11.10180

VAIO Update 3        Sony Corporation        26.11.2006        3,59MB        3.0.00.11250

VB Runtime                27.12.2007                

WD Diagnostics        Western Digital Technologies        13.09.2008        0,81MB        1.09.0002

Win2PDF 3.30        Dane Prairie Systems, LLC.        23.08.2007        0,69MB        3.30

WinDVD for VAIO        InterVideo Inc.        13.12.2006        85,4MB        8.0-B6.103

X-Stitch Studio        Ursa Software        27.12.2007        33,4MB        2.8.4

Yahoo! Install Manager                04.01.2008        22,6MB        

Yahoo! Widgets        Yahoo! Inc.        04.01.2008        21,8MB        4.5.1.0

Zattoo 3.3.4 Beta        Zattoo Inc.        06.06.2009        10,8MB        3.3.4 Beta

Code:

Uniblue RegistryBooster

**Solchen "Registry-Bereinigern" gibt`s viele, die einige hundert oder sogar tausend Fehler in der Registrierung ständig finden, eine Vielzahl von Problemen, die eigentlich ganz harmlos sind (wenn überhaupt existieren;) Eventuell meldet sich regelmäßig mit einem Fenster mit der Aufforderung zur Problembehandlung, was nur beim Kauf des Programms möglich ist! Mit der Kaufversion tritt das Problem komischerweise nicht mehr auf...;)
Ich rate Dir also dringend davon ab solche Tools einzusetzen, die so tief in die Registry eingreifen,, da eine winzige Änderung in der Registry (z.B "falsch gelöschte" Einträge) kann fatale Folgen haben! Dann wundert man sich, dass Windows irgendwann lahmt oder Abstürze bringt!
- Ich kann mir nicht vorstellen, dass irgendein Programm zwischen nützlichen und unnützen unterscheiden kann, bzw was Windows benötigt und was nicht!
CCleaner verordnen wir seit Jahren...benutze ich auch selbst lange schon, bis jetzt ohne Probleme
auch reinigen..zudem er hat ein Vorteil gegenüber anderen Programmen, dass er eher nur wenig löscht
Tipp:
System mit Windows-eigenen Mitteln bereinigen

2.
verwendest Du noch von Norton irgendetwas?:

Code:

LiveUpdate 3.2 (Symantec Corporation)

LiveUpdate Notice (Symantec Corporation)

wenn nicht:
Norton Antivirus vollständig zu deinstallieren - gehe auf der Symantec-Webseite und suche nach den speziellen Deinstallations-Tools, mit denen die letzten Reste (auch) entfernt werden sollten:► Norton Removal Tool (für alle Produkte ab 2003 bis 2008) von hier herunterladen
oder hier: ►Norton Removal Tool für alle Produkte ab 2003 bis 2010 / wintotal.de

- Ich nehme an, dass Du das Antivirenprogramm von Microsoft behaltest weiterhin?

3.

Code:

Spyware Doctor

bitte komplett abstellen!
Unter Start nachsehen:
"Start -> Alle Programme-> Zubehör-> Ausführen" .. und gibst Du "msconfig" (ohne "") ein ->OK-> Häckhen rausnehmen

Dienste auf "Deaktiviert" stellen:
Start -> Alle Programme-> Zu behör-> Ausführen -> "Services.msc" -> (reinschreiben ohne ""-> OK" -> "Eigenschaften"-> "Stop" -> Starttyp "Deaktiviert" setzen

4.
** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:

per Doppelklick starten.
gleich mal die Datenbanken zu aktualisieren - online updaten
Vollständiger Suchlauf wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

Danke für deinen Support - ich habe ihn gestern weggegeben nachdem er so gut wie nicht mehr reagiert hat. Die Situation war mir einfach zu heiß.

was hast Du "weggegeben"? deinen PC verkauft?