
Log analysis and evaluation: Bundespolizei - National Cyber Crimes Unit: Caught a trojan!

Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

06.02.2012, 21:07   #1
baskos
 



Hello everyone,

last Saturday, 04.02.2012, at around 21:15, I caught the trojan named in the subject line.
When I clicked a link on the website myp2p.pe to watch an online stream, a window opened that took up my entire screen, showing the trojan mentioned above.
After I could no longer operate my laptop, I booted it in safe mode and deleted the file, which consisted of several numbers.
Since then my laptop apparently works flawlessly again, but I have serious concerns about whether the complete trojan was really deleted by the measure I took and whether I no longer need to worry.
I hope you can help me, and I thank you very much in advance for your help and the effort involved.

Best regards, BasKos


LogFile Defogger:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:57 on 06/02/2012 (Bastian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


LogFile DDS:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Bastian at 20:00:08 on 2012-02-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3068.1458 [GMT 1:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\RtkAudioService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
C:\Users\Bastian\Programme\Virtual Clone Drive\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Bastian\Programme\napster.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Bastian\AppData\Local\Akamai\netsession_win.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Bastian\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.de/
uDefault_Page_URL = hxxp://www.club-vaio.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.club-vaio.com
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
uURLSearchHooks: H - No File
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"
uRun: [AdobeBridge]
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ICQ] "c:\progra~1\icq6.5\ICQ.exe" silent
uRun: [Facebook Update] "c:\users\bastian\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Akamai NetSession Interface] "c:\users\bastian\appdata\local\akamai\netsession_win.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [VirtualCloneDrive] "c:\users\bastian\programme\virtual clone drive\virtualclonedrive\VCDDaemon.exe" /s
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [NapsterShell] c:\users\bastian\programme\napster.exe /systray
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: An vorhandene PDF-Datei anfügen - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\users\bastian\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\users\bastian\progra~1\micros~1\office11\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0} : DhcpNameServer = 192.168.1.1
Handler: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - c:\program files\common files\fluxdvd\lib\xeb\xebnavigation.ax
Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - c:\program files\common files\fluxdvd\lib\xeb\xebnavigation.ax
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: acaptuser32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bastian\appdata\roaming\mozilla\firefox\profiles\3b9tu8ju.default\
FF - prefs.js: browser.search.selectedEngine - eBay
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - plugin: c:\program files\common files\mpdrm\NPMPDRM.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll
FF - plugin: c:\users\bastian\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\bastian\appdata\roaming\mozilla\firefox\profiles\3b9tu8ju.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\bastian\programme\veetle\player\npvlc.dll
FF - plugin: c:\users\bastian\programme\veetle\plugins\npVeetle.dll
FF - plugin: c:\users\bastian\programme\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2010-12-15 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2010-12-15 195416]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2010-12-15 111320]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-12-15 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-11-5 314456]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-21 21504]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-5 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-11-5 55128]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-15 44768]
R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2010-12-15 127192]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2008-8-12 299008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-7-10 104992]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-7-10 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-3-5 5189992]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-5-28 4233728]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-7-10 9344]
R3 VUAgent;VUAgent;c:\program files\sony\vaio update common\VUAgent.exe [2011-10-27 1086568]
S3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [2010-6-14 474880]
S3 HDJMidi;Hercules DJ Console MIDI;c:\windows\system32\drivers\HDJMidi.sys [2009-7-3 41984]
S3 ScratchAmp;ScratchAmp Driver (ScratchAmp.sys);c:\windows\system32\drivers\ScratchAmp.sys [2008-11-6 22912]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-8-12 103712]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-8-12 353568]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-8-12 62752]
S3 SwitchBoard;SwitchBoard;"c:\program files\common files\adobe\switchboard\switchboard.exe" --> c:\program files\common files\adobe\switchboard\SwitchBoard.exe [?]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2011-12-26 480624]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2011-12-26 83312]
.
=============== Created Last 30 ================
.
2012-02-04 18:56:44 -------- d-----w- c:\windows\pss
2012-02-03 19:54:39 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d1d57b2d-b22f-4368-be50-8635d53bb73a}\mpengine.dll
2012-01-25 18:51:52 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2012-01-25 18:50:54 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-25 18:50:54 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-25 18:50:54 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-25 18:50:54 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-25 18:50:54 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-25 18:50:54 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-23 19:56:08 -------- d-----w- c:\users\bastian\appdata\roaming\Haufe Mediengruppe
2012-01-23 19:56:08 -------- d-----w- c:\users\bastian\appdata\local\Haufe Mediengruppe
2012-01-23 19:40:01 -------- d-----w- c:\users\bastian\appdata\roaming\Lexware
2012-01-23 19:29:24 -------- d-----w- c:\program files\Microsoft WSE
2012-01-23 19:27:38 -------- d-----w- c:\programdata\Adaptive Server Anywhere 9
2012-01-23 19:18:36 -------- d-----w- c:\program files\Lexware
2012-01-23 19:16:39 -------- d-----w- c:\programdata\lexware
2012-01-23 19:16:13 1929216 ----a-w- c:\windows\system32\cdintf250.dll
2012-01-23 19:15:14 -------- d-----w- c:\program files\Haufe
2012-01-23 19:15:12 -------- d-----w- c:\programdata\Haufe
2012-01-23 19:10:19 -------- d-----w- c:\program files\common files\Lexware
2012-01-23 19:10:18 -------- d-----w- c:\users\bastian\appdata\local\Lexware
2012-01-21 18:21:58 -------- d-----w- c:\program files\iPod
2012-01-21 18:21:55 -------- d-----w- c:\program files\iTunes
2012-01-11 17:12:52 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 17:12:50 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 17:12:50 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 17:12:49 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 17:12:47 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 17:12:46 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-11 17:12:21 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 17:12:21 1314816 ----a-w- c:\windows\system32\quartz.dll
.
==================== Find3M ====================
.
2012-01-26 23:21:24 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-26 16:56:45 106496 ----a-w- c:\windows\system32\ATL71.DLL
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:54:38 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53:22 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-11-28 17:52:07 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 20:13:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 20:04:10,51 ===============


LogFile Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 05.11.2008 11:11:15
System Uptime: 06.02.2012 18:56:28 (2 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz | N/A | 800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 225 GiB total, 3,001 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP995: 28.01.2012 12:21:53 - Removed Lexware buchhalter 2012.
RP996: 28.01.2012 12:49:43 - Removed Lexware Admintools Plus.
RP997: 28.01.2012 12:58:43 - Removed Haufe iDesk-Browser.
RP998: 28.01.2012 13:38:17 - Haufe iDesk-Service wird entfernt
RP999: 01.02.2012 17:25:09 - Windows Update
RP1000: 03.02.2012 20:52:40 - Windows Update
RP1001: 06.02.2012 19:44:42 - Geplanter Prüfpunkt
.
==== Installed Programs ======================
.
.
7-Zip 9.20
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Community Help
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Fonts All
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Player
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Reader 8.1.3 - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
AdobeColorCommonSetRGB
Akamai NetSession Interface
Akamai NetSession Interface Service
Any DWG DXF Converter 2010
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft WebCam Companion 2
ATI Catalyst Install Manager
Audials
avast! Internet Security
Bonjour
BroadGun pdfMachine
Browser Address Error Redirector
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Click to Disc
Click to Disc Editor
Connect
DivX-Setup
Facebook Video Calling 1.1.1.1
ffdshow v1.1.3562 [2010-09-07]
FreeMind
Google SketchUp 7
Google Toolbar for Internet Explorer
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi-Software
iTunes
Java(TM) 6 Update 24
Java(TM) 6 Update 6
JDownloader 0.9
kuler
Live 8.1.4
Microsoft .NET Framework 3.5 Language Pack SP1 - deu
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2003 Web Components
Microsoft Office Professional Edition 2003
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MKV Player 1.0
MobileMe Control Panel
MonochromiX 1.41
Mozilla Firefox (3.6.8)
MPK mini Editor
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Transfer
Napster
Napster Burn Engine
Nikon Movie Editor
OpenMG Secure Module 5.4.00
PDF Settings CS5
PDFCreator
Photoshop Camera Raw
Pixie 1.4.1
Primo
QuickTime
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Setting Utility Series
SketchUp DWG Importer
Skins
Skype™ 3.8
Sony Picture Utility
Sony Video Shared Library
SopCast 3.2.4
Spelling Dictionaries Support For Adobe Reader 8
Suite Shared Configuration CS4
Synaptics Pointing Device Driver
Unterstützung für VAIO-Präsentation
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Utherverse VWW Client
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Energie Verwaltung
VAIO Entertainment Platform
VAIO Event Service
VAIO Guide
VAIO Launcher
VAIO Marketing Tools
VAIO Media plus
VAIO Movie Story
VAIO Movie Story 1.5 Upgrade
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO Original Function Settings
VAIO Original Funktion Einstellungen
VAIO Smart Network
VAIO Update
VAIO Update Merge Module x86
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.6195
Veetle TV 0.9.18
VirtualCloneDrive
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
vShare Plugin
WinDVD for VAIO
WinRAR
Yahoo! Detect
.
==== End Of File ===========================


LogFile Scan:

Unfortunately, I did not manage to run the scan to completion here, because after a short time the program was aborted due to an error and had to be closed. To perhaps find the error that causes this problem, I took a screenshot, which is attached.
Attached image: scan_fehlermeldung.jpg

07.02.2012, 08:48   #2
kira
/// Helper team
 



Hello and a warm welcome!

Before we begin working together, [please read in full]:
Quote:
  • "Remote treatment/remote help" and the associated liability risks:
    - since the troubleshooting and the actions are carried out over long distances, we accept no liability for the resulting consequences.
    - so any liability for resulting damage is excluded; INSTRUCTIONS, AND FOLLOWING THEM, ARE AT YOUR OWN RISK!
  • Characteristic features/profile information:
    - you can delete these from the log lists or log files used (e.g. your real name, serial numbers in programs, etc.) or replace them with [X]
  • The system check and cleanup:
    - can take some time (depending on the type of infection); the system may, however, even be so badly compromised that an effective technical cleanup is no longer possible and you have to reinstall it
  • I recommend that you first read the instructions through completely before applying them, because if you do something wrong, it can get really dangerous. If you follow my instructions step by step, nothing should really go wrong.
  • During the support period:
    - please do not act on your own without consulting us! - ask if there are problems.
  • The order:
    - please keep to it exactly as described; do not choose the order yourself!
  • CRACKED SOFTWARE is not tolerated here!!!!
  • Otherwise, our forum rules:
    - Please read first, then post! -> For everyone seeking help! What do I need to consider before opening a thread?
  • Insert all log files with a vBCode tag; that gives a good overview here and makes my work easier! If the log file is too large, split it into several parts.

As soon as you have read this introductory text, you can begin.
► In the first part of the 3-part procedure, we will examine your system for viruses or look for another cause:
For Vista and Win7:
Important: please run all commands as administrator! Right-click the command prompt and select "Run as administrator".
Right-click (right mouse button) the selected application and choose "Run as administrator"!

1.
Download Malwarebytes Anti-Malware from → malwarebytes.org
  • Install it and start it with a double-click.
  • Set the language to German and update the databases right away (online update)
  • Select "Komplett Scan durchführen" (perform full scan) and tick every box
  • when the scan has finished, click "Zeige Resultate" (show results)
  • Select all findings (if MBAM reports something in C:\System Volume Information, please remove the tick there) and click "Löschen" / "Ausgewähltes entfernen" (delete / remove selected).
  • Post the result here in the thread; you will find the report under "Scan-Berichte" (scan reports)
You can find illustrated instructions here: Instructions

2.
System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "als Administrator ausführen" (run as administrator)
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created: OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

3.
To determine whether outdated or harmful software is installed under Programs, I would also like to see all your installed programs:
Download the tool CCleaner
Download
Install it (read the software licence agreement; if "Füge CCleaner Yahoo! Toolbar hinzu" (add CCleaner Yahoo! Toolbar) is offered, deselect it) → start it → Language → select German
then click "Extra" (to also display the installed programs) → then "Als Textdatei speichern..." (save as text file)
a text file (*.txt) is created; copy its contents and paste them here

Quote:
To keep your thread clear and easy to read, it is best to use code tags for your post:
→ before your log (i.e. at the start of the log file you want to post) write [code]
your log file goes here, e.g. the OTL log file or similar
→ after it, i.e. at the end of the log file: [/code]
regards
kira
__________________
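The log-posting steps from the post above (replace personal details with [X], wrap each log in [code] tags, split a log that is too large), as an added Python example that is not part of the original post. The function names, the serial-number pattern and the `max_chars` limit are assumptions made for illustration, and the sample log is constructed in the line format of the OTL and MBAM logs.

```python
import re

# Constructed sample in the OTL/MBAM line formats; not a real log.
SAMPLE_LOG = "\n".join([
    r"Alice :: EXAMPLE-PC [Administrator]",
    r"Computer Name: EXAMPLE-PC | User Name: Alice | Logged in as Administrator.",
    r"PRC - C:\Users\Alice\Desktop\OTL.exe (OldTimer Tools)",
    r"PRC - C:\Programme\Malice Tools\tool.exe (Example Vendor)",
    r"Serial: ABCDE-12345-FGHIJ-67890-KLMNO",
])

OPEN_TAG, CLOSE_TAG = "[code]", "[/code]"
BUILTIN_PROFILES = {"public", "default", "all users"}

# Assumption: serial numbers look like five dash-separated groups of five characters.
SERIAL_RE = re.compile(r"\b[A-Z0-9]{5}(?:-[A-Z0-9]{5}){4}\b")

IDENTITY_PATTERNS = [
    # OTL header line
    re.compile(r"Computer Name: (?P<host>[^|]+?) \| User Name: (?P<user>[^|]+?) \|"),
    # MBAM header line: "user :: HOST [role]"
    re.compile(r"^(?P<user>\S+) :: (?P<host>\S+) \[", re.MULTILINE),
    # Profile directory in any logged path
    re.compile(r"[A-Za-z]:\\Users\\(?P<user>[^\\\r\n]+)\\"),
]


def find_identities(log):
    """Collect user and computer names that the log itself reveals."""
    names = set()
    for pattern in IDENTITY_PATTERNS:
        for match in pattern.finditer(log):
            names.update(v.strip() for v in match.groupdict().values() if v)
    # Very short names are skipped: replacing them would shred unrelated text.
    return {n for n in names if len(n) >= 3 and n.lower() not in BUILTIN_PROFILES}


def redact(log, extra_names=()):
    """Replace identities and serial-like strings with [X]."""
    names = sorted(find_identities(log) | set(extra_names), key=len, reverse=True)
    for name in names:
        # Match the name only as a whole token, so "Alice" leaves "Malice" alone.
        token = re.compile(
            r"(?<![A-Za-z0-9])" + re.escape(name) + r"(?![A-Za-z0-9])",
            re.IGNORECASE,
        )
        log = token.sub("[X]", log)
    return SERIAL_RE.sub("[X]", log)


def split_for_posting(log, max_chars):
    """Split at line boundaries into [code]-wrapped posts of at most max_chars."""
    budget = max_chars - len(OPEN_TAG) - len(CLOSE_TAG) - 2  # two newlines around the body
    if budget < 1:
        raise ValueError("max_chars too small for the code tags")
    chunks, current, size = [], [], 0
    for line in log.splitlines():
        # A single line longer than the budget is cut hard so no post exceeds the limit.
        pieces = [line[i:i + budget] for i in range(0, len(line), budget)] or [""]
        for piece in pieces:
            needed = len(piece) + (1 if current else 0)
            if current and size + needed > budget:
                chunks.append(current)
                current, size, needed = [], 0, len(piece)
            current.append(piece)
            size += needed
    if current:
        chunks.append(current)
    return [f"{OPEN_TAG}\n" + "\n".join(c) + f"\n{CLOSE_TAG}" for c in chunks]


if __name__ == "__main__":
    # max_chars=120 is a hypothetical limit chosen to force a split of the sample.
    for number, post in enumerate(split_for_posting(redact(SAMPLE_LOG), 120), start=1):
        print(f"--- post {number} ---")
        print(post)
```

Names the log never states in a header or profile path (a real name inside a document title, for instance) have to be passed in through `extra_names`.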

Old 07.02.2012, 22:56   #3
baskos

Bundespolizei - National Cyber Crimes Unit: caught a Trojan!

Hello Kira,

first of all, a thousand thanks for your help. I hope we can get my PC sorted out again together.

Below are the log files for points 1 to 3:

1. Malwarebytes

Code:
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.07.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Bastian :: BASTIAN-PC [Administrator]

Schutz: Aktiviert

07.02.2012 18:37:38
mbam-log-2012-02-07 (18-37-38).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 431330
Laufzeit: 3 Stunde(n), 30 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 3
C:\Users\Bastian\AppData\Local\Temp\0.30108404442594316.exe (Trojan.Inject) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bastian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1165f45d-310ae77f (Trojan.Inject) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bastian\Crack\xf-a2011-32bits.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
2.1 OTL system scan: OTL.txt

OTL Logfile:
Code:
OTL logfile created on: 07.02.2012 22:22:21 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 53,94% Memory free
3,89 Gb Paging File | 2,32 Gb Available in Paging File | 59,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 3,33 Gb Free Space | 1,48% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Bastian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Users\Bastian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Bastian\Programme\napster.exe (Napster)
PRC - C:\Users\Bastian\Programme\Virtual Clone Drive\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
PRC - C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\Sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3421.42257__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3421.42239__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3421.42258__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3421.42313__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3421.42253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3421.42282__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3421.42247__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3421.42331__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3421.42332__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3421.42247__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3421.42295__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3421.42299__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3421.42248__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3421.42308__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3421.42293__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3421.42292__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3421.42357__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3421.42340__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3421.42326__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3421.42234__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3421.42321__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3421.42252__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3421.42236__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3421.42325__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3421.42238__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3421.42243__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3421.42237__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3421.42236__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3421.42235__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3421.42326__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (SwitchBoard) --  File not found
SRV - (SPTISRV) --  File not found
SRV - (RegSrvc) Intel(R) --  File not found
SRV - (MSCSPTISRV) --  File not found
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_e286960.dll ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (VUAgent) -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (RtkAudioService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
SRV - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (aswNdis) -- C:\Windows\system32\DRIVERS\aswNdis.sys (ALWIL Software)
DRV - (AVerAF35) -- C:\Windows\System32\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (HDJMidi) -- C:\Windows\System32\drivers\HDJMidi.sys (Hercules Technologies)
DRV - (ScratchAmp) ScratchAmp Driver (ScratchAmp.sys) -- C:\Windows\System32\drivers\ScratchAmp.sys (Thesycon GmbH, Germany)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Users\Bastian\Programme\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bastian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 17:36:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.21 22:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.21 22:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.21 22:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.21 22:27:28 | 000,000,000 | ---D | M]
 
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.02.04 20:05:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions
[2010.08.22 11:14:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.07 20:21:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.09.25 15:10:09 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\firefox@tvunetworks.com
[2010.08.26 17:41:00 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\foxyproxy@eric.h.jung
[2011.05.23 08:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.16 18:28:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.05.23 08:55:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.20 16:21:40 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2010.08.21 13:17:07 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.08.21 13:17:07 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.08.21 13:17:07 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.08.21 13:17:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.08.21 13:17:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Users\Bastian\Programme\napster.exe (Napster)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe File not found
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Users\Bastian\Programme\Virtual Clone Drive\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Bastian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Bastian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe File not found
O4 - HKCU..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent File not found
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) -C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{01bc9f85-8187-11de-9821-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{01bc9f85-8187-11de-9821-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\Shell - "" = AutoRun
O33 - MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\Shell - "" = AutoRun
O33 - MountPoints2\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\Shell - "" = AutoRun
O33 - MountPoints2\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{61974329-7a29-11de-bdcd-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{61974329-7a29-11de-bdcd-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fa36a04d-7947-11de-b909-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{fa36a04d-7947-11de-b909-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fa36a074-7947-11de-b909-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{fa36a074-7947-11de-b909-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.07 22:20:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:42 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Malwarebytes
[2012.02.07 18:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.07 18:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.07 18:34:03 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.07 18:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.06 23:18:00 | 000,000,000 | ---D | C] -- C:\Users\Bastian\P5JavaClientSettings
[2012.02.06 19:59:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.04 19:56:44 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.01.25 19:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Haufe Mediengruppe
[2012.01.23 20:40:01 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2012.01.23 20:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012.01.23 20:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adaptive Server Anywhere 9
[2012.01.23 20:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.01.23 20:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\lexware
[2012.01.23 20:16:13 | 001,929,216 | ---- | C] (Amyuni Technologies
hxxp://www.amyuni.com) -- C:\Windows\System32\cdintf250.dll
[2012.01.23 20:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\Haufe
[2012.01.23 20:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2012.01.23 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.01.23 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Lexware
[2012.01.21 19:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.21 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.21 19:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.11 18:12:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 18:12:50 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.11 18:12:47 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.01.11 18:12:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 18:12:21 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 22:14:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 22:14:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 22:14:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.07 20:25:06 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-785008340-4188271884-3774010068-1003UA.job
[2012.02.07 18:34:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 23:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-785008340-4188271884-3774010068-1003Core.job
[2012.02.06 22:05:19 | 000,002,032 | ---- | M] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2012.02.06 20:37:01 | 000,244,401 | ---- | M] () -- C:\Users\Bastian\Desktop\Scan_Fehlermeldung.jpg
[2012.02.06 20:24:34 | 369,228,584 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.02.06 20:16:27 | 000,302,592 | ---- | M] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:59:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.06 19:57:22 | 000,000,000 | ---- | M] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | M] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.05 16:22:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.25 18:26:48 | 002,334,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.23 20:35:13 | 000,000,867 | ---- | M] () -- C:\Windows\ODBC.INI
[2012.01.23 20:06:38 | 000,680,250 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.23 20:06:38 | 000,638,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.23 20:06:38 | 000,148,904 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.23 20:06:38 | 000,120,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.02.07 18:34:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:37:01 | 000,244,401 | ---- | C] () -- C:\Users\Bastian\Desktop\Scan_Fehlermeldung.jpg
[2012.02.06 20:16:26 | 000,302,592 | ---- | C] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:57:22 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | C] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.01.25 20:07:22 | 000,027,136 | ---- | C] () -- C:\Users\Bastian\Desktop\Gerätebestandsverzeichnis.xlt
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Tremolo
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Synth Pads
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\User Pictures
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\Users\Bastian\AppData\Roaming\Trumpet Section
[2011.12.26 17:58:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.12.26 17:58:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\filter
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.12.26 17:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Tribal Masks
[2011.09.27 11:16:20 | 000,304,128 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2011.09.27 11:14:14 | 000,133,120 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2011.09.27 11:13:58 | 000,069,120 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2011.07.29 18:28:04 | 000,000,475 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Poladroid prefs.plist
[2010.11.19 12:35:35 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.10.21 14:18:46 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll
[2010.10.21 14:16:58 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll
[2010.10.21 14:16:34 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll
[2010.01.09 17:07:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.15 11:54:28 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2009.12.15 11:54:28 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2009.11.21 18:41:45 | 000,000,867 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.18 12:11:26 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.10.20 18:41:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 18:41:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.14 22:22:08 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2008.11.05 22:42:23 | 000,044,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.05 13:01:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.05 12:24:41 | 000,002,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2008.10.29 17:13:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.08.12 04:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.07.10 20:07:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008.07.10 20:07:08 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.10 20:07:08 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.07.10 20:07:08 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.07.10 20:04:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.07.10 10:22:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.01.21 08:15:58 | 000,680,250 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,148,904 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 002,334,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,638,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,120,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:A5B56640

< End of report >
         

07.02.2012, 23:03   #4
baskos
 
... and here is Part II ...

2.2 OTL system scan: Extras.txt

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 07.02.2012 22:22:21 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 53,94% Memory free
3,89 Gb Paging File | 2,32 Gb Available in Paging File | 59,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 3,33 Gb Free Space | 1,48% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Users\Bastian\Programme\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Users\Bastian\Programme\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Users\Bastian\Programme\Adobe Flash CS5\Adobe Bridge CS5\Bridge.exe "%L"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C112F9-A491-45B8-9F1F-21A552804F0A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04D33225-3FE2-4882-BCF2-9E9A1FFC31BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0718F758-7E06-4F62-9284-62FEEA485E9D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0B575A4A-87C6-4416-B6B3-F1718FFCB9C6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{11A81C67-F885-49C9-B55D-6731FF046FD8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1E906378-BC49-4092-A600-1DF6F25A3C21}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{200EEAB9-FB7B-47DE-9097-C6176F0B7271}" = lport=138 | protocol=17 | dir=in | app=system | 
"{20F04697-D052-4353-9F53-50597956D9DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{229870DF-B0A2-4A76-A5AF-5140BE4D9571}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{23580D7F-AE79-4E3B-BA76-ABBEBD4B550C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{27C62C85-0054-426E-8A95-8AEAC2DCDDEE}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{343EAE63-7223-4667-A1EA-180C66015DFC}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{394D7F36-FF00-4912-BB92-2AD09174D641}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{43D20E45-0128-45B1-B869-844351DA797C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{52DB79A9-ED1A-473C-BC4F-FDF2B7E065F3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{539A75D9-89E5-4DB9-B2B9-A43C771AB8CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{55231671-1BE7-4D7F-B842-D58B1691EE42}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{5C8F1A01-12B4-4024-874A-640E429A3738}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5E4CFF6F-6854-41B0-B3C8-D6203D4514E0}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{5F53D89E-8D62-4A85-91F8-576FC9459F95}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{6662BE47-F631-4074-A2AD-49B8A6B4D2EF}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{6A654DBC-B660-4018-AD47-B0DA7A3EB4E5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6AC03AF5-73C6-432D-9A93-0C3A93305D06}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7333248C-BC18-46F5-AE01-8E69AF4352E8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{803CEEE7-E385-427F-84F4-16ED5A37546A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{87709004-51F8-437D-92DD-6839C880945B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8BB3CF04-1439-4F8D-9752-C1FDE0CC68D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8D3EB430-E409-412B-BCE6-93735E2D8D7F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9107B1FA-57B1-4AC3-AF54-0F63A02A1E5A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9FBFCE04-6D0C-4173-BFEF-815FE8D8EA66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A0A5B1BD-F055-4932-B931-3F9D143027F4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A559E4C8-CF0B-44B3-8F10-9BEFD9B783E8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{A7AF8EAD-671D-484C-986F-ECA314B29028}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{AE4A09B1-9044-4AD0-97F0-9563AFF9416B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AF95483A-283B-43CC-B79B-87098804D6D0}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{B7F844D0-572A-47EC-BC50-C81FC5298A8D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BA2C244D-8A5A-4EE3-88F4-FC5A4533226F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BBE6AB09-7FE0-45C6-9350-4899B6D725A6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{BE62309A-3703-4F46-8046-9FACDB2FCFC4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C1326EF7-C6F5-495D-9E43-87F81CA07FAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C86F8C84-6A85-481D-AB7C-E274C3845466}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D5064BEE-BFE4-4C75-8492-F179F226C33A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D9A50334-1933-4114-8880-33A84C73460C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DDBE4554-1CFD-48F6-A6C4-6F0CA38C9F17}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DDE7BD70-A1BC-4B5A-B473-ECCD19543102}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E3D28DEA-BE5C-4799-8913-0AE894EEB527}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface | 
"{E4B3937D-1210-47A1-BBD9-344C6EBD2A99}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{E5F2AE4D-D538-4FE4-B60A-1B869F6B075D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EAAC9E5F-4CDC-44C7-A196-EAAE4A6C720B}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{F3632969-183C-4693-B800-1B2B5F467A51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F4C37D47-A3DC-4D7C-8B89-1ABB68C809F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FA4B2700-9FCE-47B3-8050-AF03F5D36DF2}" = lport=54010 | protocol=6 | dir=in | name=samsung allshare slideshow service | 
"{FC213EB0-69CF-47CA-B25B-8CACC6B29CF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04794231-8C9D-45D7-9082-DEABB842D42A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0662CF2D-EEEC-4117-ABAA-FAEFC6F1F841}" = dir=in | app=c:\users\bastian\programme\samsung allshare\allshare\allshareagent.exe | 
"{07BCE2B9-0192-4893-83B8-4AAB44AD850C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{090788C0-7CC6-4DAC-B9DF-FC20915C83BE}" = protocol=17 | dir=in | app=c:\program files\sybase\sql anywhere 9\win32\dbsrv9.exe | 
"{16AAC398-9D3A-43EB-9F9E-9125B7DE49BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{171BCE79-8989-4350-BF34-F8E5D3D752F6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{1C46FF40-C81B-483F-8604-F051F869EA06}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{1DD59665-5F83-4ACE-A06D-83A20BD66AA9}" = dir=in | app=c:\users\bastian\programme\samsung allshare\allshare\allsharedms\allsharedms.exe | 
"{1F0B0422-6423-485D-AE08-DFBF818EBA84}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{1FEC4419-3380-4B4E-AD36-ADF79E1F8F79}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{22AE0673-5D05-411D-AF7A-BAADB0C1FE20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{255F2FF5-3398-4E7C-A85A-AACE30918846}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{37FA9B75-34F8-48F4-8B72-BF07A292454C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3C9C864C-0E95-49C9-805F-24445924F847}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B5ED71D-E45D-4AFE-B723-6555FAD6CE5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4BC607D3-995D-4455-A46D-265ADBE6D8B1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{4CB5A8CD-81E7-461F-8CE0-965C36C741B2}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{4F14A5B6-0C73-4FD7-B141-B8C64025D08F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{58E45D54-ADC2-44E0-BACA-E2E2377ACEBC}" = protocol=17 | dir=in | app=f:\alicesetup.exe | 
"{5EFAC3E5-351F-469B-BA70-67CC18DCE821}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{60DC75CC-B0C7-406F-8F31-B11D8FF757DB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{64E9E53E-0172-45A0-BD52-3881960CF86C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68417DAE-EA98-4946-B3F5-1B7E028A98FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{81314383-BDBA-4CFD-AAE8-FF483AE57117}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8335A59D-9D6F-4BC5-A0CC-33FDD57BE185}" = protocol=6 | dir=in | app=c:\program files\sybase\sql anywhere 9\win32\dbsrv9.exe | 
"{8940F01B-664A-43A6-869E-1FE9958435B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8AE5FACB-1D45-4DDC-BBBF-7F40ACAF55D3}" = dir=in | app=c:\users\bastian\programme\samsung allshare\allshare\allshare.exe | 
"{8CDA1223-0531-4AD8-967A-10E9067E8596}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FD8D8E1-FD99-440A-8AC4-16FC7048D177}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95434E62-083F-4C70-BCEE-4EFB224FD78F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9F3A9F73-E2D9-4982-91C6-EDAD65261BD1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A2668847-DD69-4B8D-81ED-8C4089353437}" = protocol=6 | dir=out | app=system | 
"{AA766579-D9AD-44B5-BD9C-D0CCBA351387}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{AD72E4B3-3B1E-4C32-B945-82C704E1A1C5}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{B27F08AA-BB2C-44A1-BAFE-F9F2102ED84A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BA0CCA4F-65AE-4448-8558-2F45D2DC42A3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{BF943BE6-CE9B-4838-AF29-0795776B1D28}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{C8CC931B-0A7F-41CF-8CB5-678571486167}" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\temp\~osfb40.tmp\rlvknlg.exe | 
"{D227107A-4776-4219-9DF9-DAABF3B4F7AB}" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{D28C27C8-954D-4260-A15F-E2E63B33C3E7}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D3977386-ACA8-4733-94EC-340ECD763C11}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{D7788D23-B9DD-4DA0-BC0D-F550FE6C8B22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E09D92BE-AE5E-46CD-8D4B-FDF19189C787}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2B237D5-044D-4C72-898A-0A78ABC6466F}" = protocol=6 | dir=in | app=f:\alicesetup.exe | 
"{F27EE3E3-F4E3-4FF1-BB9A-4B6234FE9629}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{F3845688-9F29-4A2E-8210-600B8D6F06A4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{FA2D3644-9FC7-40BC-A717-32039143729C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FB223D8A-A4D2-4A68-86C8-668670C1579A}" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{FEABD6E6-A361-437C-A6A2-4CE956006A6A}" = dir=in | app=c:\users\bastian\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{05046075-78B0-40FE-8C4C-AE8E79F77C89}C:\program files\torrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\torrent\utorrent.exe | 
"TCP Query User{0BF81A11-99DA-4077-8B9C-1DAC0E8E1DBA}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{27B482AC-A3A8-4E44-89B5-EED29CBD3834}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{2F6CF75C-15EE-48DF-BEDF-41215D9435FF}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{39A0E49E-18BF-42B4-996D-F59EFF1E1F4C}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{3B0F49FD-F2EF-472C-9199-98E1E79BA3E5}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{3C69360F-64BE-401D-AF55-2CA2F7F55793}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"TCP Query User{4D8432BA-3D55-40E5-8107-E273AC3D1261}C:\users\bastian\games\neuer ordner\vww\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\users\bastian\games\neuer ordner\vww\utherverse vww client\utherverse.exe | 
"TCP Query User{569D5EF2-39E4-42AC-9EC8-3A05F6766C1B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{706F108D-C336-4129-9032-DCFE17ADC7AD}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{70A0BEDC-6632-4540-BD08-79BC09A6047F}C:\users\bastian\games\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\users\bastian\games\utherverse vww client\utherverse.exe | 
"TCP Query User{8135116D-DB00-42C7-BA77-125FBCC144FE}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{96F2050E-76D3-42EC-A449-D0939BD8A008}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{99B4D563-AE23-4E0C-8E87-42174E34C4F5}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{A48682C0-EC1B-4A3F-831E-CDBB51840E87}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{AA4E226A-39F9-4218-9B91-7C32F04056AC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{AF0769DB-FC3B-4CEA-BCBB-D2558A984870}C:\users\bastian\appdata\roaming\u3\1101211130819585\0de4f643-c398-46ec-9339-2362f2311932\exec\skype.exe" = protocol=6 | dir=in | app=c:\users\bastian\appdata\roaming\u3\1101211130819585\0de4f643-c398-46ec-9339-2362f2311932\exec\skype.exe | 
"TCP Query User{BABDEE80-6723-4F4F-B22C-22DA6FA638F5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C404CEFA-CC40-4D01-8E51-FB90B0803CFB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D28C6848-AF51-478F-B6DC-E39865D3381C}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{DC988CDA-545B-4CC1-B7EC-CAE058C3E47E}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{DD2499E6-A59A-46A5-A01F-93AF8B68E6BC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{EA098D97-DF9D-46E0-A204-F4CFE8BFB39E}C:\users\bastian\laufwerk d\games\second life\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\users\bastian\laufwerk d\games\second life\secondlife\slvoice.exe | 
"TCP Query User{F3C290ED-B9D2-4C44-B7AF-6162C2EC3C6D}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{0287051C-D1AB-4B57-919A-48F1AC0BEFC0}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{065AB38E-C166-48A2-B238-037A97F6B69F}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{1350EAC6-0248-487E-9CAA-6DE567145EC6}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{16DAAEFD-4D95-40A7-B6D7-ECDF4EC536B7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{19DF5B3F-E4AD-4F91-9D52-11E53A5D6196}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{1CE2624F-261A-4EAD-8C35-19CDEA217CCB}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{1E5F6F77-0A7D-4267-B0AA-E6A9B1F2C5A9}C:\users\bastian\laufwerk d\games\second life\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\users\bastian\laufwerk d\games\second life\secondlife\slvoice.exe | 
"UDP Query User{43E4C203-6DAD-4B1D-8F72-431A3BC3983A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{53C76217-5B2F-4FF0-9900-6E210D215AF6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{7E1DD749-37F5-40B1-8124-93FD4362F6B2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{87146C51-3D04-40B4-B80E-ED5ABBB1D991}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{9008E24A-47B8-4C9A-AEDF-6E4F3EBC37F8}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{9B237D55-D209-4ACD-AFDA-5817409B5913}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{A64D988B-9CAA-4D8D-BB70-A98A80778E21}C:\users\bastian\appdata\roaming\u3\1101211130819585\0de4f643-c398-46ec-9339-2362f2311932\exec\skype.exe" = protocol=17 | dir=in | app=c:\users\bastian\appdata\roaming\u3\1101211130819585\0de4f643-c398-46ec-9339-2362f2311932\exec\skype.exe | 
"UDP Query User{B1BAB209-8454-4812-8846-7909C1C4381F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B6838499-BF06-4593-9813-5671BC444F44}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{CAB114B0-446F-4DEE-AF29-7F4B41FDCE7C}C:\users\bastian\games\neuer ordner\vww\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\users\bastian\games\neuer ordner\vww\utherverse vww client\utherverse.exe | 
"UDP Query User{DED8C393-1B9B-4D54-BB47-FD3F01DD87A1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E0F1ADDE-9FF3-45EE-9870-BC8D0F61132B}C:\users\bastian\games\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\users\bastian\games\utherverse vww client\utherverse.exe | 
"UDP Query User{E3FF8BFF-3422-4E1F-B2B0-CFDE8528A164}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{E7694FFF-7D1C-4E84-A80F-7FA2F7316E00}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"UDP Query User{EE46AD3E-4B3D-4923-8DC8-E7AE1420D061}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{EF1D2F7C-D8C2-453E-B68E-56FEF123B849}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{F2D270D2-1F70-4241-A24D-D7FB3F59D97C}C:\program files\torrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\torrent\utorrent.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B9B76C9-4967-59FC-C994-191AEA152F04}" = ATI Catalyst Install Manager
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{1B47F7BA-7CF9-4F00-9340-099E3A004059}" = VAIO Update Merge Module x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{202F2838-156B-FC76-013F-9241B9673F39}" = CCC Help Thai
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2EEC4A52-7705-4BB4-BF45-64008EB5D0F1}" = Audials
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{325ED81A-EC15-7CE8-729B-0392A1DD3854}" = CCC Help Czech
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3CCA23DD-CEDA-CC7F-C74C-4D1EDAE919AA}" = Catalyst Control Center Graphics Full New
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{42DD2173-B7CA-8AB3-8AC2-40DFE2CA6FBC}" = CCC Help German
"{430DD2C5-65FD-9781-F9F2-693CAF05CD10}" = Catalyst Control Center InstallProxy
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49B8916D-1DEA-F18A-731F-BF0FE209C63B}" = CCC Help Chinese Standard
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4EEAF8D8-CB79-06CA-A566-EAC1726DAABB}" = CCC Help Finnish
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{540DB82A-EE11-BBC1-8BD8-BB7D937A53A4}" = CCC Help Hungarian
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5882396B-9FB3-37AC-1AE1-5EA344BD7705}" = Catalyst Control Center Graphics Previews Vista
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BA149D9-D5FA-5AB3-400B-9F1BF424B7CE}" = CCC Help Chinese Traditional
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{642F96CC-1D3B-20DE-8673-44EE15B3DC2F}" = CCC Help Portuguese
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D26ACF9-4919-0744-C509-28EAF53112D4}" = CCC Help Dutch
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71256374-2053-CF0F-BD54-20082980B95C}" = Catalyst Control Center Graphics Full Existing
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737D8F4D-24D4-D626-DEC0-9E39A6166890}" = CCC Help Danish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{74B705C2-173A-FFD1-98BC-AD5FB647AB38}" = CCC Help Polish
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{784BDC03-2D22-BCAE-5CAC-84AFA799FBDE}" = CCC Help Turkish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8572CE7D-46B0-70B3-96CD-534F07B35F5D}" = CCC Help Italian
"{87544F2E-CCA5-01BC-AEBC-D8C1D759EE61}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90B38901-52C8-85A7-D6C8-9A5592C9FCAA}" = CCC Help Greek
"{91510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{9648D00F-0589-619B-6114-BF2A0620168B}" = CCC Help Korean
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{9805E4EE-9B66-CABD-AF6B-4B84F2A8EF46}" = Skins
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC34FA1-BCDE-1D09-5DB7-EB6A064FDEA9}" = CCC Help Spanish
"{9B973FC0-E71F-6F89-10D6-1BFD063D1707}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A3979A05-6834-D0A7-75CD-71B5A9E5F4C0}" = Catalyst Control Center Localization All
"{A62F50D4-EED7-4417-A382-E89ABCF11BAC}" = SketchUp DWG Importer
"{A6F21795-E629-35B2-9487-00A8363B28AA}" = Catalyst Control Center Graphics Light
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}" = VAIO Entertainment Platform
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C0AD2831-3398-A078-CBEB-39A6B381BB56}" = CCC Help Japanese
"{C18A02EC-966B-E7A7-9AC9-082F770ABF9B}" = CCC Help Russian
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9C390CC-F9B9-EFE8-27DF-6EB7FF8F8760}" = CCC Help Norwegian
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD431A7B-88D8-0823-E66F-CCFAEA6DA7B4}" = ccc-core-static
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D47E6B9C-F5A5-23B7-AB6A-3806AD4C9529}" = ccc-utility
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6DA6836-77C2-5338-10E3-D7A6CD65681D}" = Catalyst Control Center Core Implementation
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA8F979E-43B9-3EEC-721C-F297D9509992}" = Catalyst Control Center Graphics Previews Common
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE0782BC-7AB0-CF6A-6E38-D3040462C7EC}" = CCC Help French
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface Service
"Any DWG DXF Converter_is1" = Any DWG DXF Converter 2010
"avast" = avast! Internet Security
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BroadGun pdfMachine" = BroadGun pdfMachine
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX-Setup
"dt icon module" = 
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"gtfirstboot Setting Request" = 
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"Live 8.1.4" = Live 8.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKV Player_is1" = MKV Player 1.0
"MonochromiX_is1" = MonochromiX 1.41
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MPKminiEditor" = MPK mini Editor
"Pixie_is1" = Pixie 1.4.1
"ProInst" = Intel PROSet Wireless
"SopCast" = SopCast 3.2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Utherverse VWW Client" = Utherverse VWW Client
"VAIO Help and Support" = 
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"vShare" = vShare Plugin
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 18.11.2009 08:05:03 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 23.11.2009 13:01:06 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 06.05.2010 17:22:17 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 17.07.2010 16:56:18 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 25.07.2010 06:45:04 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 26.07.2010 15:35:11 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.08.2010 06:38:27 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.09.2010 16:39:58 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.10.2010 11:55:56 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 20.11.2010 10:31:38 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 07.02.2012 15:25:57 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 15:25:58 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 07.02.2012 17:15:01 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 07.02.2012 17:15:41 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 14.02.2011 15:22:58 | Computer Name = Bastian-PC | Source = Mcx2Dvcs | ID = 401
Description = 
 
[ System Events ]
Error - 07.02.2012 13:13:37 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 07.02.2012 13:13:37 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.53 deaktiviert, 
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 07.02.2012 13:13:57 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.02.2012 13:13:57 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.02.2012 17:13:57 | Computer Name = Bastian-PC | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 07.02.2012 17:14:22 | Computer Name = Bastian-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 07.02.2012 17:15:04 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 07.02.2012 17:15:04 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.53 deaktiviert, 
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 07.02.2012 17:15:42 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.02.2012 17:15:42 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---


3. Ccleaner

Code:
ATTFilter
7-Zip 9.20		17.11.2010	3,54MB	
Adobe AIR	Adobe Systems Inc.	18.09.2010		1.5.3.9120
Adobe Community Help	Adobe Systems Incorporated	18.09.2010	2,52MB	3.0.0.400
Adobe Flash Player 10 Plugin	Adobe Systems, Inc.	18.09.2010	2,39MB	10.1.52.14
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	20.08.2010		10.1.82.76
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	18.11.2011		11.1.102.55
Adobe Media Player	Adobe Systems Incorporated	22.11.2009	2,95MB	1.1
Adobe Reader 8.1.3 - Deutsch	Adobe Systems Incorporated	09.06.2009	99,8MB	8.1.3
Akamai NetSession Interface		19.12.2011	5,98MB	
Akamai NetSession Interface Service		08.11.2011	5,98MB	
Any DWG DXF Converter 2010	AnyDWG Software, Inc.	10.05.2010	9,91MB	
Apple Application Support	Apple Inc.	12.12.2011	61,1MB	2.1.6
Apple Mobile Device Support	Apple Inc.	20.11.2011	24,1MB	4.0.0.97
Apple Software Update	Apple Inc.	05.08.2011	2,38MB	2.1.3.127
ArcSoft WebCam Companion 2	ArcSoft	04.11.2008	22,6MB	
ATI Catalyst Install Manager	ATI Technologies, Inc.	25.12.2011	13,7MB	3.0.710.0
Audials	RapidSolution Software AG	14.05.2011	292MB	8.0.46302.200
avast! Internet Security	AVAST Software	02.12.2011	365MB	6.0.1367.0
Bonjour	Apple Inc.	13.10.2011	0,73MB	3.0.0.10
BroadGun pdfMachine		14.12.2009		
Browser Address Error Redirector		04.11.2008		
CCleaner	Piriform	06.02.2012	4,24MB	3.15
Click to Disc	Sony Corporation	25.12.2011	68,1MB	1.2.73.04270
Click to Disc Editor	Sony Corporation	25.12.2011	185,6MB	2.0.03.04150
DivX-Setup	DivX, LLC	28.12.2011	3,41MB	2.6.1.3
Facebook Video Calling 1.1.1.1	Skype Limited	25.01.2012	3,93MB	1.1.1
ffdshow v1.1.3562 [2010-09-07]		18.11.2010	17,0MB	1.1.3562.0
FreeMind		01.02.2011	16,3MB	0.9.0_RC_14
Google SketchUp 7	Google, Inc.	09.05.2010	67,5MB	2.1.6863
Google Toolbar for Internet Explorer	Google Inc.	17.01.2012	48,1MB	
HDAUDIO SoftV92 Data Fax Modem with SmartCP		09.07.2008	1,02MB	
Intel(R) PROSet/Wireless WiFi-Software	Intel(R) Corporation	11.08.2008	78,3MB	12.00.0004
iTunes	Apple Inc.	20.01.2012	171,0MB	10.5.3.3
Java(TM) 6 Update 24	Sun Microsystems, Inc.	08.03.2009	94,4MB	6.0.240
Java(TM) 6 Update 6	Sun Microsystems, Inc.	09.07.2008	171,1MB	1.6.0.60
JDownloader 0.9	AppWork GmbH	31.12.2011	62,3MB	0.9
Live 8.1.4		06.12.2010	4.390MB	
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	06.02.2012	11,5MB	1.60.1.1000
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	22.10.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	18.07.2009	37,0MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	25.06.2010	120,3MB	4.0.30319
Microsoft Office 2003 Web Components	Microsoft Corporation	30.10.2011	21,7MB	11.0.8003.0
Microsoft Office Professional Edition 2003	Microsoft Corporation	10.01.2012	306MB	11.0.8173.0
Microsoft Office Small Business Connectivity Components	Microsoft Corporation	11.08.2008	0,15MB	2.0.7024.0
Microsoft Office Visio Professional 2003	Microsoft Corporation	31.10.2011	157,7MB	11.0.8173.0
Microsoft Silverlight	Microsoft Corporation	29.10.2011	20,4MB	4.0.60831.0
Microsoft SQL Server 2005	Microsoft Corporation	30.10.2011	42,7MB	
Microsoft SQL Server Native Client	Microsoft Corporation	30.10.2011	2,63MB	9.00.5000.00
Microsoft SQL Server VSS Writer	Microsoft Corporation	30.10.2011	0,68MB	9.00.5000.00
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	30.10.2011	0,29MB	8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	25.09.2011	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	07.05.2010	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	14.12.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	30.10.2011	0,58MB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	26.12.2011	11,1MB	10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU	Microsoft Corporation	30.10.2011	215MB	9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU	Microsoft Corporation	10.01.2011	96,1MB	9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime	Microsoft Corporation	10.01.2011	0,15MB	9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU	Microsoft Corporation	10.01.2011	0,22MB	9.0.30729
Microsoft WSE 3.0 Runtime	Microsoft Corp.	22.01.2012	0,92MB	3.0.5305.0
MKV Player 1.0	vsevensoft.com	18.11.2010	13,5MB	
MobileMe Control Panel	Apple Inc.	16.12.2011	12,9MB	3.1.8.0
MonochromiX 1.41	Joachim Koopmann Software	24.07.2011	43,3MB	
Mozilla Firefox (3.6.8)	Mozilla	20.08.2010	29,7MB	3.6.8 (de)
MPK mini Editor		22.11.2010	10,9MB	
MSXML 4.0 SP2 (KB936181)	Microsoft Corporation	04.11.2008	1,27MB	4.20.9848.0
MSXML 4.0 SP2 (KB941833)	Microsoft Corporation	06.11.2008	1,27MB	4.20.9849.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	11.11.2008	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	25.11.2009	1,34MB	4.20.9876.0
Music Transfer	Sony Corporation	11.08.2008	40,7MB	1.2.00.17290
Napster	Napster	13.05.2011	28.691MB	4.6.4.0
Nikon Movie Editor	Nikon	25.12.2011	27,0MB	2.2.4
OpenMG Secure Module 5.4.00	Sony Corporation	25.12.2011		5.4.00.04020
PDFCreator	Frank Heindörfer, Philip Chinery	17.11.2009	20,8MB	0.9.8
Pixie 1.4.1	Pixie Developers	14.12.2009	11,4MB	1.4.1
QuickTime	Apple Inc.	20.11.2011	73,3MB	7.71.80.42
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	09.07.2008	22,0MB	6.0.1.5653
Roxio Easy Media Creator 10 LJ	Roxio	04.11.2008	5,25MB	10.1
Setting Utility Series	Sony Corporation	09.07.2008	10,5MB	4.1.00.07030
Skype™ 3.8	Skype Technologies S.A.	11.08.2008	28,0MB	3.8.115
Sony Picture Utility	Sony Corporation	11.08.2008	229MB	3.2.02.06170
Sony Video Shared Library	Sony Corporation	11.08.2008	4,06MB	3.4.00
SopCast 3.2.4	SopCast.com	02.11.2009	8,69MB	3.2.4
Spelling Dictionaries Support For Adobe Reader 8	Adobe Systems	09.06.2009	32,5MB	8.0.0
Synaptics Pointing Device Driver	Synaptics	09.07.2008	12,9MB	9.1.13.0
Unterstützung für VAIO-Präsentation	Sony Corporation	11.08.2008	3,55MB	1.0.00.04240
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)	Microsoft Corporation	30.10.2011	23,2MB	9.00.5000.00
Utherverse VWW Client	Utherverse Digital Inc	25.05.2010	418MB	1.9.2361
VAIO Content Folder Setting	Sony Corporation	11.08.2008	6,77MB	2.0.00.17290
VAIO Content Metadata Intelligent Analyzing Manager	Sony Corporation	25.12.2011	29,4MB	3.6.1.12010
VAIO Content Metadata Manager Settings	Sony Corporation	25.12.2011	5,27MB	3.6.0.09240
VAIO Content Metadata XML Interface Library	Sony Corporation	25.12.2011	2,70MB	3.6.0.09080
VAIO Control Center	Sony Corporation	09.07.2008	4,65MB	3.1.00.07040
VAIO Data Restore Tool	Sony Corporation	11.08.2008	6,50MB	1.0.04.01170
VAIO DVD Menu Data Basic	Sony Corporation	11.08.2008	543MB	1.0.00.08130
VAIO Energie Verwaltung	Sony Corporation	09.07.2008	6,46MB	3.1.00.06190
VAIO Entertainment Platform	Sony Corporation	25.12.2011	4,66MB	3.4.1.15040
VAIO Event Service	Sony Corporation	09.07.2008	6,18MB	4.1.00.07070
VAIO Guide	Sony Corporation	11.08.2008	10,3MB	2.4.00.06190
VAIO Launcher	Sony Corporation	11.08.2008	7,50MB	2.1.00.06130
VAIO Marketing Tools	Sony Corporation	04.11.2008	0,53MB	
VAIO Media plus	Sony Corporation	11.08.2008	61,8MB	1.1.00.05240
VAIO Movie Story	Sony Corporation	11.08.2008	57,3MB	1.5.01.05120
VAIO Movie Story Template Data	Sony Corporation	11.08.2008	399MB	1.5.01.05120
VAIO MusicBox	Sony Corporation	11.08.2008	64,5MB	2.1.00.06110
VAIO MusicBox Sample Music	Sony Corporation	11.08.2008	90,2MB	1.1.00.14140
VAIO Original Funktion Einstellungen	Sony Corporation	25.12.2011	1,77MB	2.0.2.02240
VAIO Smart Network	Sony Corporation	11.08.2008	24,5MB	2.1.00.06270
VAIO Update	Sony Corporation	25.12.2011	26,6MB	5.5.3.10280
VAIO Wallpaper Contents	Sony Corporation	09.07.2008	118,6MB	1.2.00.05200
Veetle TV 0.9.18	Veetle, Inc	11.04.2011	36,3MB	0.9.18
VirtualCloneDrive	Elaborate Bytes	10.12.2009	2,23MB	
vShare Plugin		24.09.2010	1,13MB	
WinDVD for VAIO	InterVideo Inc.	11.08.2008	100,5MB	8.0-B9.513
WinRAR		04.11.2008	3,73MB
         
I hope this is the right data that you need.

Best regards
Bastian

Old 08.02.2012, 09:56   #5
kira
/// Helper team
 



1.
Windows Defender:
Running it actively in parallel with an AV program is not recommended, because the two can get in each other's way. Please disable it as follows: -> Turning Windows Defender on and off
Disabling Windows Defender completely

Start => Control Panel => Classic View => Windows Defender, or
start Windows Defender (C:\Programme\Windows Defender\MSASCui.exe)

Tools => Options => Automatic scanning => remove the check mark at "Automatically scan my computer".
Tools => Options => Real-time protection => remove the check mark at "Use real-time protection".
Tools => Options => Administrator => remove the check mark at "Use this program".

Start => type services.msc into the search box.
The Services window opens.
Double-click the "Windows Defender" service.
Set the startup type to "Manual".
Stop the service if it is still running.
► After a restart (if it still exists), go to "Start -> Run -> "msconfig" (type it in without the "") -> OK -> Startup and check whether it is running along?! - if so, remove the check mark
► Under Services:
Start -> Run -> "Services.msc" (type it in without the "") -> OK -> "Properties" -> "Stop" -> select startup type "Disabled"

2.
Under Control Panel -> Control Panel/Software/Programs ...
and if it was installed without your permission and you do not need it, you can uninstall:
Code:
ATTFilter
vShare.tv plugin
         
- Some extensions just want to make themselves look important

3.
Did you deliberately set this IP as a proxy?
Code:
ATTFilter
"ProxyOverride" = *.local;127.0.0.1:9421;
         
If yes, why? If not:
if you have not installed a proxy server locally, take the proxy settings out of the Internet settings
in Internet Explorer:
Tools => Internet Options => Connections => LAN settings
Remove the check marks at "Use a proxy server for your LAN" and "Bypass proxy server for local addresses".

4.
Quote:
Attention, important!:
If you made changes to the log file yourself, you must replace them with the original names and insert them into the script that way! Otherwise it will not work!
(user folder, your name or other changes replaced by X, asterisks or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:
ATTFilter
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKCU\..\URLSearchHook:  - No CLSID value found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKCU..\Run: [AdobeBridge]  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{01bc9f85-8187-11de-9821-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{01bc9f85-8187-11de-9821-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\Shell - "" = AutoRun
O33 - MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\Shell - "" = AutoRun
O33 - MountPoints2\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\Shell - "" = AutoRun
O33 - MountPoints2\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{61974329-7a29-11de-bdcd-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{61974329-7a29-11de-bdcd-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fa36a04d-7947-11de-b909-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{fa36a04d-7947-11de-b909-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{fa36a074-7947-11de-b909-0016ea88e0fc}\Shell - "" = AutoRun
O33 - MountPoints2\{fa36a074-7947-11de-b909-0016ea88e0fc}\Shell\AutoRun\command - "" = G:\AutoRun.exe
[2012.02.07 20:25:06 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-785008340-4188271884-3774010068-1003UA.job
[2012.02.06 23:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-785008340-4188271884-3774010068-1003Core.job
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:A5B56640
:Commands
[purity]
[emptytemp]
         
  • and paste it here:
  • Close all programs.
  • Click the Fix button.
  • Click on .
  • OTL asks for a restart. Please allow it.
  • After the restart you will find a text document.
    Copy its contents here into your thread.

5.
Update:
Quote:
Mozilla Firefox (3.6.8)

6.
Your Java version is not up to date!
Because Java is very vulnerable due to old security holes, first uninstall all existing Java versions:
→ Control Panel → Software → uninstall...
→ Restart the computer
→ Now download the offline version of Java Version 6 Update 30 from Oracle
Make sure to deselect any toolbars that may be offered (remove the check mark at the toolbar)!

7.
Update Adobe Reader:
- Pay attention and read along during installation!: if any software, toolbar etc. is offered, please deselect it! - (e.g. "McAfee Security Scan Plus")
Adobe Reader
Or: start Adobe -> go to "Help" -> "Check for Updates..."

8.
Clean your system with CCleaner:
  • "Cleaner" → "Analyze" → click the "Start CCleaner" button
  • "Registry" → "Scan for issues" → "Fix issues" → "Fix all"
  • Restart your system

9.
Download HijackThis 2.0.4 from *here*

10.
Recommendations/suggestions:
In your place I would take the following programs out of autostart:
When Windows boots, a number of programs are started along with it that have registered themselves in autostart (with or without the user's consent).
The more programs are listed here, the slower Windows starts. It can therefore make sense to remove software that you do not necessarily always need from autostart. - Remove the check mark from everything that should not start.
The programs themselves are kept; if you need one, it can be started manually at any time!

Code:
ATTFilter
You should never disable:
Graphics driver
Firewall
Antivirus program
Sound
         
It is always user-specific (there is no generally valid recipe); I can give you tips

To manage autostart in Windows 7:
► "Start -> All Programs -> Accessories -> Run" .. and type in "msconfig" (without the "") -> OK

(Autostart entries that you cannot find can simply be fixed with HijackThis:
Close all programs, browsers etc. → start HijackThis → click "Do a system scan only" → select the entry → click "Fix checked" → restart the PC
HijackThis creates a backup. If something goes wrong while fixing, the objects can be restored under "View the list of backups".)

Code:
ATTFilter
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe File not found
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Users\Bastian\Programme\Virtual Clone Drive\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Bastian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Bastian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe File not found
O4 - HKCU..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
         
Attention!:
For the programs listed, it additionally applies that after an update (AfterUpdate) you have to check again under Startup and Services!

11.
  • Download SUPERAntiSpyware FREE Edition.
  • Install the program and update it online.
  • Start SUPERAntiSpyware and click "Scan your computer"
  • Tick "Complete Scan" and click "Next"
  • Afterwards all malware found is listed; tick all findings and confirm with "OK"
  • Click "Next", then "OK" and "Finish"
  • To display the results: click "Preferences", then "Statistics and Logs"
  • Press "View log" - then please save this report and post it here

12.
Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. They must therefore be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). For this it is well suited and recommended to check the data saved on the storage medium with the help of the free online scanner.
Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key so that the Autorun function is not executed. (This is how you prevent the AUTORUN function from running.) - The AUTORUN function can also be switched off in general. ► Instructions

13.
-> Then run a complete system check with Eset Online Scanner (NOD32) Free online scanners
Attention!: >>You are not supposed to install the antivirus security software, only scan your system online<<

14.
Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please choose Standard Output
  • Under Extra Registry please choose Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

15.
Post again, after the cleanup has been carried out:
TrendMicro™ HijackThis™ log file - no open windows for as long as HijackThis is running!!

► Report again on the state of the computer: are there still problems, and if so, which ones?

__________________

Warning!:
Be careful with invoices sent by e-mail with a ZIP file attached! It may be infected with an encryption trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly, to CD/DVD, USB sticks or external hard drives, ideally twice in different places!
Please pass this warning on wherever you can!

Edited by kira (08.02.2012 at 10:15)
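
A triage pass over the O4 (Run key) and O33 (MountPoints2 AutoRun) line formats that the fix script and autostart list in the post above are built from, as an added example that is not part of the original posts and not part of OTL. The flag names and the three heuristics (target missing, empty publisher field, path under a user profile) are assumptions of this example; the sample lines are copied from the logs in this thread.

```python
import re

# Lines copied from the OTL output quoted in this thread (not constructed).
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Bastian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent File not found
O33 - MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\Shell - "" = AutoRun
"""

MISSING = "File not found"
# The thread shows the hive both as "HKLM..\Run" and "HKLM\..\Run"; accept both.
O4_RE = re.compile(
    r'^O4 - (?P<hive>HKLM|HKCU)\\?\.\.\\Run: \[(?P<name>[^\]]+)\]\s+(?P<rest>.+)$')
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9a-fA-F-]+\})\\Shell\\AutoRun\\command'
    r' - "" = (?P<cmd>.+)$')
# A trailing "(...)" holds the publisher read from the file's version info.
PUBLISHER_RE = re.compile(r'^(?P<cmd>.*?)\s*\((?P<pub>[^()]*)\)$')
USER_PROFILE_RE = re.compile(r'\\Users\\[^\\]+\\', re.IGNORECASE)


def parse_o4(line):
    """Parse one O4 Run-key line; return None if the line is not O4."""
    m = O4_RE.match(line)
    if not m:
        return None
    rest = m.group("rest").strip()
    publisher = None
    missing = rest.endswith(MISSING)
    if missing:
        command = rest[: -len(MISSING)].strip()
    else:
        pm = PUBLISHER_RE.match(rest)
        command = pm.group("cmd") if pm else rest
        publisher = pm.group("pub").strip() if pm else None

    flags = []  # heuristics of this example, not verdicts from OTL
    if missing:
        flags.append("target missing")          # orphaned entry, safe to clean up
    if publisher == "":
        flags.append("no publisher")            # binary carries no company name
    if USER_PROFILE_RE.search(command):
        flags.append("runs from user profile")  # user-writable location
    return {"kind": "O4", "hive": m.group("hive"), "name": m.group("name"),
            "command": command, "publisher": publisher, "flags": flags}


def parse_o33(line):
    """Parse an O33 line that registers an AutoRun command for a volume."""
    m = O33_RE.match(line)
    if not m:
        return None
    return {"kind": "O33", "hive": "HKCU", "name": m.group("guid"),
            "command": m.group("cmd").strip(), "publisher": None,
            "flags": ["AutoRun handler for a mounted volume"]}


def triage(log_text):
    """Return one finding per O4 / O33-command line in the log text."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = parse_o4(line) or parse_o33(line)
        if entry:
            findings.append(entry)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["kind"]:3} {f["name"]:40} {", ".join(f["flags"]) or "-"}')
```
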

Old 10.02.2012, 18:26   #6
baskos
 



Because of work it unfortunately took a bit longer than I wanted, but here are the info and logs for the individual points.

1) Disable Windows Defender: done!

2) Uninstall vShare.tv: done!

3) IP as proxy: I did not set this deliberately. However, the check marks under LAN settings that I was supposed to remove were already removed!?

4) Fixing with OTL: done!
Code:
ATTFilter
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01bc9f80-8187-11de-9821-0016ea88e0fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01bc9f80-8187-11de-9821-0016ea88e0fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01bc9f80-8187-11de-9821-0016ea88e0fc}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01bc9f85-8187-11de-9821-0016ea88e0fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01bc9f85-8187-11de-9821-0016ea88e0fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01bc9f85-8187-11de-9821-0016ea88e0fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01bc9f85-8187-11de-9821-0016ea88e0fc}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10cf1921-7a2a-11de-bd08-0016ea88e0fc}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b02915e-7ce5-11de-9ce6-001dba20e3f6}\ not found.
File G:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b029173-7ce5-11de-9ce6-001dba20e3f6}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b029175-7ce5-11de-9ce6-001dba20e3f6}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61974329-7a29-11de-bdcd-0016ea88e0fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61974329-7a29-11de-bdcd-0016ea88e0fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61974329-7a29-11de-bdcd-0016ea88e0fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61974329-7a29-11de-bdcd-0016ea88e0fc}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa36a04d-7947-11de-b909-0016ea88e0fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa36a04d-7947-11de-b909-0016ea88e0fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa36a04d-7947-11de-b909-0016ea88e0fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa36a04d-7947-11de-b909-0016ea88e0fc}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa36a074-7947-11de-b909-0016ea88e0fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa36a074-7947-11de-b909-0016ea88e0fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa36a074-7947-11de-b909-0016ea88e0fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa36a074-7947-11de-b909-0016ea88e0fc}\ not found.
File G:\AutoRun.exe not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-785008340-4188271884-3774010068-1003UA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-785008340-4188271884-3774010068-1003Core.job moved successfully.
ADS C:\ProgramData\TEMP:A5B56640 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Bastian
->Temp folder emptied: 177945620 bytes
->Temporary Internet Files folder emptied: 1264699885 bytes
->Java cache emptied: 97373894 bytes
->FireFox cache emptied: 45080009 bytes
->Flash cache emptied: 470 bytes
 
User: Default
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41818 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mcx1
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 819507 bytes
->Flash cache emptied: 41818 bytes
 
User: Public
 
User: Volumes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 183217340 bytes
RecycleBin emptied: 9700656 bytes
 
Total Files Cleaned = 1.697,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02082012_205643

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         
5) Update Mozilla Firefox: done!

6) Update Java: done!

7) Update Adobe Reader: done!

8) CCleaner - clean the system: done!

9) Download Hijack: done!

10) Clean up autostart: partially done! Some of the programs you had named in the list I could find neither under msconfig nor with HijackThis. I think I'm too dumb for that ;-)

11) SuperAntiSpyware - scan the system: done!
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/09/2012 at 00:29 AM

Application Version : 5.0.1144

Core Rules Database Version : 8217
Trace Rules Database Version: 6029

Scan type       : Complete Scan
Total Scan Time : 01:28:22

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 982
Memory threats detected   : 0
Registry items scanned    : 36561
Registry threats detected : 0
File items scanned        : 51746
File threats detected     : 2

Adware.Tracking Cookie
	C:\Users\Bastian\AppData\Roaming\Microsoft\Windows\Cookies\T1B27AAJ.txt [ /doubleclick.net ]
	C:\USERS\BASTIAN\Cookies\T1B27AAJ.txt [ Cookie:bastian@doubleclick.net/ ]
         
12) Connect external storage media: done!

13) ESET ONLINESCAN system check: done!
Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=07374eca7795734e92a0b687b27bf8d9
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-09 09:30:32
# local_time=2012-02-09 10:30:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 36368731 36368731 0 0
# compatibility_mode=5892 16776638 100 100 84587 166339987 0 0
# compatibility_mode=8192 67108863 100 0 3843 3843 0 0
# scanned=251977
# found=0
# cleaned=0
# scan_time=15773
         
14) Repeat OTL scan: done!
OTL Logfile:
Code:
OTL logfile created on: 10.02.2012 17:34:19 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,74% Memory free
6,19 Gb Paging File | 4,90 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 16,56 Gb Free Space | 7,37% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
PRC - [2012.01.18 22:36:04 | 000,277,104 | ---- | M] (Google Inc.) -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\afwServ.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.11.07 12:29:44 | 002,761,832 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2011.10.27 17:10:56 | 001,086,568 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2011.05.23 08:51:44 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010.12.10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2010.07.20 16:21:40 | 000,323,280 | ---- | M] (Napster) -- C:\Users\Bastian\Programme\napster.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009.03.05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.03.05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.07.07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008.07.07 11:28:04 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.07.03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.06.27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\NSUService.exe
PRC - [2008.06.27 20:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\LANUtil.exe
PRC - [2008.06.19 18:53:20 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008.06.19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe
PRC - [2008.04.03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.27 03:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2011.12.26 19:48:18 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3421.42257__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3421.42239__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3421.42258__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3421.42313__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3421.42253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3421.42282__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3421.42247__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:17 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3421.42331__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:17 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3421.42332__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:17 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3421.42247__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:17 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3421.42295__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:16 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:16 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:16 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3421.42299__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:13 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3421.42248__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3421.42308__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:13 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3421.42293__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:13 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3421.42292__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:12 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.12.26 19:48:10 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.12.26 19:48:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.12.26 19:48:08 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.12.26 19:48:08 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.12.26 19:48:08 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.12.26 19:48:05 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.12.26 19:48:04 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3421.42357__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.12.26 19:48:04 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3421.42340__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.12.26 19:48:03 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3421.42326__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.12.26 19:48:03 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.12.26 19:48:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.12.26 19:48:03 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.12.26 19:48:03 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.12.26 19:48:03 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3421.42234__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.12.26 19:48:02 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3421.42321__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.12.26 19:48:02 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3421.42252__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.12.26 19:48:02 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3421.42236__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.12.26 19:48:02 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3421.42325__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.12.26 19:48:02 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3421.42238__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.12.26 19:48:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.12.26 19:48:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.12.26 19:48:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.12.26 19:48:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.12.26 19:48:01 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3421.42243__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.12.26 19:48:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.12.26 19:48:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.12.26 19:48:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.12.26 19:48:00 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3421.42237__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.12.26 19:48:00 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3421.42236__90ba9c70f846762e\APM.Server.dll
MOD - [2011.12.26 19:48:00 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3421.42235__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.12.26 19:48:00 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011.12.26 19:48:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3421.42326__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.07.08 12:53:06 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.04 12:53:15 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011.03.29 11:53:25 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011.01.11 20:34:55 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll
MOD - [2010.04.12 13:21:14 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll
MOD - [2010.04.12 13:21:06 | 005,967,872 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
MOD - [2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
MOD - [2010.04.12 13:20:59 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
MOD - [2009.12.09 07:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2009.07.19 17:00:54 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
MOD - [2009.07.19 17:00:53 | 000,569,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
MOD - [2009.05.14 22:22:46 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009.03.30 05:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009.03.30 05:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009.03.30 05:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.03.30 05:42:18 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:12 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 05:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009.02.18 19:38:39 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.08.26 11:41:42 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.07.10 13:42:47 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll
MOD - [2008.07.10 13:42:47 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.10.27 17:10:56 | 001,086,568 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.01.11 20:44:17 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.16 13:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009.09.08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009.04.02 00:15:30 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2009.03.05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009.03.05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.03.05 18:47:40 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.03.05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008.07.07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.07.03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008.06.27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.06.19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.05.20 18:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.05.20 18:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.05.20 18:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.04.01 09:23:02 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010.09.07 16:24:46 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009.10.19 04:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2009.05.28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2009.05.15 01:58:02 | 004,304,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.06.28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.06.27 17:37:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.06.21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.06.10 01:04:47 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.06.07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.03.10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.01.25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.02.08 18:31:02 | 000,041,984 | ---- | M] (Hercules Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HDJMidi.sys -- (HDJMidi)
DRV - [2004.04.06 18:20:34 | 000,022,912 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScratchAmp.sys -- (ScratchAmp) ScratchAmp Driver (ScratchAmp.sys)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Users\Bastian\Programme\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bastian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 17:36:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.08 21:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.08 21:54:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.08 21:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.08 21:54:29 | 000,000,000 | ---D | M]
 
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.02.08 21:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions
[2010.08.22 11:14:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.08 21:30:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.09.25 15:10:09 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\firefox@tvunetworks.com
[2012.02.08 21:26:13 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\foxyproxy@eric.h.jung
[2012.02.08 21:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.08 21:42:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.01.29 17:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.08 21:41:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.20 16:21:40 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Users\Bastian\Programme\napster.exe (Napster)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) -C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.09 20:33:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.02.08 22:54:09 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.08 22:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.08 22:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.08 22:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.08 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.02.08 22:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.02.08 21:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.02.08 21:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.08 21:42:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.08 21:42:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.08 21:42:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.08 20:56:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.07 22:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.07 22:38:18 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Bastian\Desktop\ccsetup315.exe
[2012.02.07 22:20:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:42 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Malwarebytes
[2012.02.07 18:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.07 18:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.07 18:34:03 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.07 18:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.06 23:18:00 | 000,000,000 | ---D | C] -- C:\Users\Bastian\P5JavaClientSettings
[2012.02.06 19:59:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.04 19:56:44 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.01.25 19:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Haufe Mediengruppe
[2012.01.23 20:40:01 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2012.01.23 20:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012.01.23 20:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adaptive Server Anywhere 9
[2012.01.23 20:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.01.23 20:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\lexware
[2012.01.23 20:16:13 | 001,929,216 | ---- | C] (Amyuni Technologies hxxp://www.amyuni.com) -- C:\Windows\System32\cdintf250.dll
[2012.01.23 20:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\Haufe
[2012.01.23 20:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2012.01.23 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.01.23 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Lexware
[2012.01.21 19:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.21 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.21 19:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.11 18:12:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 18:12:50 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.11 18:12:47 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.01.11 18:12:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 18:12:21 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.10 16:48:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.10 16:48:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.10 16:48:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.09 22:35:48 | 000,002,527 | ---- | M] () -- C:\Users\Bastian\Desktop\HiJackThis.lnk
[2012.02.09 17:58:01 | 000,002,032 | ---- | M] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2012.02.09 17:56:27 | 000,680,250 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.09 17:56:27 | 000,638,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.09 17:56:27 | 000,148,904 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.09 17:56:27 | 000,120,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.08 22:53:36 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.08 22:06:56 | 002,334,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.08 21:41:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.08 21:41:47 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.08 21:41:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.08 21:41:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.07 22:40:24 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 22:38:18 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Bastian\Desktop\ccsetup315.exe
[2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:37:01 | 000,244,401 | ---- | M] () -- C:\Users\Bastian\Desktop\Scan_Fehlermeldung.jpg
[2012.02.06 20:16:27 | 000,302,592 | ---- | M] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:59:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.06 19:57:22 | 000,000,000 | ---- | M] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | M] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.05 16:22:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.23 20:35:13 | 000,000,867 | ---- | M] () -- C:\Windows\ODBC.INI
 
========== Files Created - No Company Name ==========
 
[2012.02.08 22:53:36 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.08 22:18:41 | 000,002,527 | ---- | C] () -- C:\Users\Bastian\Desktop\HiJackThis.lnk
[2012.02.08 21:54:29 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.02.08 21:24:08 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.02.07 22:40:24 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 18:34:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:37:01 | 000,244,401 | ---- | C] () -- C:\Users\Bastian\Desktop\Scan_Fehlermeldung.jpg
[2012.02.06 20:16:26 | 000,302,592 | ---- | C] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:57:22 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | C] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.01.25 20:07:22 | 000,027,136 | ---- | C] () -- C:\Users\Bastian\Desktop\Gerätebestandsverzeichnis.xlt
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Tremolo
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Synth Pads
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\User Pictures
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\Users\Bastian\AppData\Roaming\Trumpet Section
[2011.12.26 17:58:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.12.26 17:58:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\filter
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.12.26 17:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Tribal Masks
[2011.09.27 11:16:20 | 000,304,128 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2011.09.27 11:14:14 | 000,133,120 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2011.09.27 11:13:58 | 000,069,120 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2011.07.29 18:28:04 | 000,000,475 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Poladroid prefs.plist
[2010.11.19 12:35:35 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.10.21 14:18:46 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll
[2010.10.21 14:16:58 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll
[2010.10.21 14:16:34 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll
[2010.01.09 17:07:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.15 11:54:28 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2009.12.15 11:54:28 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2009.11.21 18:41:45 | 000,000,867 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.18 12:11:26 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.10.20 18:41:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 18:41:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.14 22:22:08 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2008.11.05 22:42:23 | 000,044,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.05 13:01:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.05 12:24:41 | 000,002,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2008.10.29 17:13:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.08.12 04:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.07.10 20:07:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008.07.10 20:07:08 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.10 20:07:08 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.07.10 20:07:08 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.07.10 20:04:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.07.10 10:22:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.01.21 08:15:58 | 000,680,250 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,148,904 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 002,334,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,638,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,120,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011.12.20 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\1&1 Mail & Media GmbH
[2010.12.07 21:59:21 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Ableton
[2011.02.17 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Autodesk
[2010.11.23 18:39:55 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Cycling '74
[2008.11.05 23:21:50 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Engelmann Media
[2012.01.23 20:56:08 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2008.11.05 12:49:12 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\InterVideo
[2010.11.18 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Leadertech
[2012.01.25 18:30:59 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2010.05.21 17:12:19 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Music Editor Free
[2011.12.26 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Nikon
[2011.12.20 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Samsung
[2010.01.02 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\SecondLife
[2009.12.20 22:00:10 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\temp
[2010.05.26 19:09:15 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Utherverse
[2011.07.31 14:05:50 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\uTorrent
[2011.04.24 16:36:28 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Valuga Software
[2012.02.09 23:17:22 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

10.02.2012, 18:27   #7
baskos



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 10.02.2012 17:34:19 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,74% Memory free
6,19 Gb Paging File | 4,90 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 16,56 Gb Free Space | 7,37% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Users\Bastian\Programme\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Users\Bastian\Programme\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C112F9-A491-45B8-9F1F-21A552804F0A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04D33225-3FE2-4882-BCF2-9E9A1FFC31BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0718F758-7E06-4F62-9284-62FEEA485E9D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0B575A4A-87C6-4416-B6B3-F1718FFCB9C6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{11A81C67-F885-49C9-B55D-6731FF046FD8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1E906378-BC49-4092-A600-1DF6F25A3C21}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{200EEAB9-FB7B-47DE-9097-C6176F0B7271}" = lport=138 | protocol=17 | dir=in | app=system | 
"{20F04697-D052-4353-9F53-50597956D9DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{229870DF-B0A2-4A76-A5AF-5140BE4D9571}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{23580D7F-AE79-4E3B-BA76-ABBEBD4B550C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{27C62C85-0054-426E-8A95-8AEAC2DCDDEE}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{343EAE63-7223-4667-A1EA-180C66015DFC}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{394D7F36-FF00-4912-BB92-2AD09174D641}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{43D20E45-0128-45B1-B869-844351DA797C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{52DB79A9-ED1A-473C-BC4F-FDF2B7E065F3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{539A75D9-89E5-4DB9-B2B9-A43C771AB8CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{55231671-1BE7-4D7F-B842-D58B1691EE42}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{5C8F1A01-12B4-4024-874A-640E429A3738}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5E4CFF6F-6854-41B0-B3C8-D6203D4514E0}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{5F53D89E-8D62-4A85-91F8-576FC9459F95}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{6662BE47-F631-4074-A2AD-49B8A6B4D2EF}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{6A654DBC-B660-4018-AD47-B0DA7A3EB4E5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6AC03AF5-73C6-432D-9A93-0C3A93305D06}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7333248C-BC18-46F5-AE01-8E69AF4352E8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{803CEEE7-E385-427F-84F4-16ED5A37546A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{87709004-51F8-437D-92DD-6839C880945B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8BB3CF04-1439-4F8D-9752-C1FDE0CC68D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8D3EB430-E409-412B-BCE6-93735E2D8D7F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9107B1FA-57B1-4AC3-AF54-0F63A02A1E5A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9FBFCE04-6D0C-4173-BFEF-815FE8D8EA66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A0A5B1BD-F055-4932-B931-3F9D143027F4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A559E4C8-CF0B-44B3-8F10-9BEFD9B783E8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{A7AF8EAD-671D-484C-986F-ECA314B29028}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{AE4A09B1-9044-4AD0-97F0-9563AFF9416B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AF95483A-283B-43CC-B79B-87098804D6D0}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{B7F844D0-572A-47EC-BC50-C81FC5298A8D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BA2C244D-8A5A-4EE3-88F4-FC5A4533226F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BBE6AB09-7FE0-45C6-9350-4899B6D725A6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{BE62309A-3703-4F46-8046-9FACDB2FCFC4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C1326EF7-C6F5-495D-9E43-87F81CA07FAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C86F8C84-6A85-481D-AB7C-E274C3845466}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D5064BEE-BFE4-4C75-8492-F179F226C33A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D9A50334-1933-4114-8880-33A84C73460C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DDBE4554-1CFD-48F6-A6C4-6F0CA38C9F17}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DDE7BD70-A1BC-4B5A-B473-ECCD19543102}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E3D28DEA-BE5C-4799-8913-0AE894EEB527}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface | 
"{E4B3937D-1210-47A1-BBD9-344C6EBD2A99}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{E5F2AE4D-D538-4FE4-B60A-1B869F6B075D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EAAC9E5F-4CDC-44C7-A196-EAAE4A6C720B}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{F3632969-183C-4693-B800-1B2B5F467A51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F4C37D47-A3DC-4D7C-8B89-1ABB68C809F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FA4B2700-9FCE-47B3-8050-AF03F5D36DF2}" = lport=54010 | protocol=6 | dir=in | name=samsung allshare slideshow service | 
"{FC213EB0-69CF-47CA-B25B-8CACC6B29CF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04794231-8C9D-45D7-9082-DEABB842D42A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{07BCE2B9-0192-4893-83B8-4AAB44AD850C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{16AAC398-9D3A-43EB-9F9E-9125B7DE49BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{171BCE79-8989-4350-BF34-F8E5D3D752F6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{1F0B0422-6423-485D-AE08-DFBF818EBA84}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{22AE0673-5D05-411D-AF7A-BAADB0C1FE20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{255F2FF5-3398-4E7C-A85A-AACE30918846}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{37FA9B75-34F8-48F4-8B72-BF07A292454C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3C9C864C-0E95-49C9-805F-24445924F847}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B5ED71D-E45D-4AFE-B723-6555FAD6CE5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4BC607D3-995D-4455-A46D-265ADBE6D8B1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{4CB5A8CD-81E7-461F-8CE0-965C36C741B2}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{4F14A5B6-0C73-4FD7-B141-B8C64025D08F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{58E45D54-ADC2-44E0-BACA-E2E2377ACEBC}" = protocol=17 | dir=in | app=f:\alicesetup.exe | 
"{5EFAC3E5-351F-469B-BA70-67CC18DCE821}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{60DC75CC-B0C7-406F-8F31-B11D8FF757DB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{64E9E53E-0172-45A0-BD52-3881960CF86C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68417DAE-EA98-4946-B3F5-1B7E028A98FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{81314383-BDBA-4CFD-AAE8-FF483AE57117}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8940F01B-664A-43A6-869E-1FE9958435B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8CDA1223-0531-4AD8-967A-10E9067E8596}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FD8D8E1-FD99-440A-8AC4-16FC7048D177}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95434E62-083F-4C70-BCEE-4EFB224FD78F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9F3A9F73-E2D9-4982-91C6-EDAD65261BD1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A2668847-DD69-4B8D-81ED-8C4089353437}" = protocol=6 | dir=out | app=system | 
"{AA766579-D9AD-44B5-BD9C-D0CCBA351387}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{AD72E4B3-3B1E-4C32-B945-82C704E1A1C5}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{B27F08AA-BB2C-44A1-BAFE-F9F2102ED84A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BA0CCA4F-65AE-4448-8558-2F45D2DC42A3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{BF943BE6-CE9B-4838-AF29-0795776B1D28}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D227107A-4776-4219-9DF9-DAABF3B4F7AB}" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{D28C27C8-954D-4260-A15F-E2E63B33C3E7}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D7788D23-B9DD-4DA0-BC0D-F550FE6C8B22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E09D92BE-AE5E-46CD-8D4B-FDF19189C787}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2B237D5-044D-4C72-898A-0A78ABC6466F}" = protocol=6 | dir=in | app=f:\alicesetup.exe | 
"{F3845688-9F29-4A2E-8210-600B8D6F06A4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{FA2D3644-9FC7-40BC-A717-32039143729C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FB223D8A-A4D2-4A68-86C8-668670C1579A}" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{FEABD6E6-A361-437C-A6A2-4CE956006A6A}" = dir=in | app=c:\users\bastian\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{27B482AC-A3A8-4E44-89B5-EED29CBD3834}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{569D5EF2-39E4-42AC-9EC8-3A05F6766C1B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{706F108D-C336-4129-9032-DCFE17ADC7AD}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{8135116D-DB00-42C7-BA77-125FBCC144FE}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{96F2050E-76D3-42EC-A449-D0939BD8A008}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{99B4D563-AE23-4E0C-8E87-42174E34C4F5}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{A48682C0-EC1B-4A3F-831E-CDBB51840E87}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{AA4E226A-39F9-4218-9B91-7C32F04056AC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{BABDEE80-6723-4F4F-B22C-22DA6FA638F5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C404CEFA-CC40-4D01-8E51-FB90B0803CFB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D28C6848-AF51-478F-B6DC-E39865D3381C}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{DC988CDA-545B-4CC1-B7EC-CAE058C3E47E}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{DD2499E6-A59A-46A5-A01F-93AF8B68E6BC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{F3C290ED-B9D2-4C44-B7AF-6162C2EC3C6D}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{0287051C-D1AB-4B57-919A-48F1AC0BEFC0}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{1350EAC6-0248-487E-9CAA-6DE567145EC6}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{16DAAEFD-4D95-40A7-B6D7-ECDF4EC536B7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{19DF5B3F-E4AD-4F91-9D52-11E53A5D6196}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{43E4C203-6DAD-4B1D-8F72-431A3BC3983A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{53C76217-5B2F-4FF0-9900-6E210D215AF6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{7E1DD749-37F5-40B1-8124-93FD4362F6B2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{9008E24A-47B8-4C9A-AEDF-6E4F3EBC37F8}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{B1BAB209-8454-4812-8846-7909C1C4381F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B6838499-BF06-4593-9813-5671BC444F44}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{DED8C393-1B9B-4D54-BB47-FD3F01DD87A1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E3FF8BFF-3422-4E1F-B2B0-CFDE8528A164}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{EE46AD3E-4B3D-4923-8DC8-E7AE1420D061}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{EF1D2F7C-D8C2-453E-B68E-56FEF123B849}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B9B76C9-4967-59FC-C994-191AEA152F04}" = ATI Catalyst Install Manager
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{1B47F7BA-7CF9-4F00-9340-099E3A004059}" = VAIO Update Merge Module x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{202F2838-156B-FC76-013F-9241B9673F39}" = CCC Help Thai
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2EEC4A52-7705-4BB4-BF45-64008EB5D0F1}" = Audials
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{325ED81A-EC15-7CE8-729B-0392A1DD3854}" = CCC Help Czech
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3CCA23DD-CEDA-CC7F-C74C-4D1EDAE919AA}" = Catalyst Control Center Graphics Full New
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{42DD2173-B7CA-8AB3-8AC2-40DFE2CA6FBC}" = CCC Help German
"{430DD2C5-65FD-9781-F9F2-693CAF05CD10}" = Catalyst Control Center InstallProxy
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49B8916D-1DEA-F18A-731F-BF0FE209C63B}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4EEAF8D8-CB79-06CA-A566-EAC1726DAABB}" = CCC Help Finnish
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{540DB82A-EE11-BBC1-8BD8-BB7D937A53A4}" = CCC Help Hungarian
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5882396B-9FB3-37AC-1AE1-5EA344BD7705}" = Catalyst Control Center Graphics Previews Vista
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BA149D9-D5FA-5AB3-400B-9F1BF424B7CE}" = CCC Help Chinese Traditional
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{642F96CC-1D3B-20DE-8673-44EE15B3DC2F}" = CCC Help Portuguese
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D26ACF9-4919-0744-C509-28EAF53112D4}" = CCC Help Dutch
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71256374-2053-CF0F-BD54-20082980B95C}" = Catalyst Control Center Graphics Full Existing
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737D8F4D-24D4-D626-DEC0-9E39A6166890}" = CCC Help Danish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{74B705C2-173A-FFD1-98BC-AD5FB647AB38}" = CCC Help Polish
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{784BDC03-2D22-BCAE-5CAC-84AFA799FBDE}" = CCC Help Turkish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8572CE7D-46B0-70B3-96CD-534F07B35F5D}" = CCC Help Italian
"{87544F2E-CCA5-01BC-AEBC-D8C1D759EE61}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90B38901-52C8-85A7-D6C8-9A5592C9FCAA}" = CCC Help Greek
"{91510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{9648D00F-0589-619B-6114-BF2A0620168B}" = CCC Help Korean
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{9805E4EE-9B66-CABD-AF6B-4B84F2A8EF46}" = Skins
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC34FA1-BCDE-1D09-5DB7-EB6A064FDEA9}" = CCC Help Spanish
"{9B973FC0-E71F-6F89-10D6-1BFD063D1707}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A3979A05-6834-D0A7-75CD-71B5A9E5F4C0}" = Catalyst Control Center Localization All
"{A62F50D4-EED7-4417-A382-E89ABCF11BAC}" = SketchUp DWG Importer
"{A6F21795-E629-35B2-9487-00A8363B28AA}" = Catalyst Control Center Graphics Light
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}" = VAIO Entertainment Platform
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C0AD2831-3398-A078-CBEB-39A6B381BB56}" = CCC Help Japanese
"{C18A02EC-966B-E7A7-9AC9-082F770ABF9B}" = CCC Help Russian
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9C390CC-F9B9-EFE8-27DF-6EB7FF8F8760}" = CCC Help Norwegian
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD431A7B-88D8-0823-E66F-CCFAEA6DA7B4}" = ccc-core-static
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D47E6B9C-F5A5-23B7-AB6A-3806AD4C9529}" = ccc-utility
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6DA6836-77C2-5338-10E3-D7A6CD65681D}" = Catalyst Control Center Core Implementation
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA8F979E-43B9-3EEC-721C-F297D9509992}" = Catalyst Control Center Graphics Previews Common
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE0782BC-7AB0-CF6A-6E38-D3040462C7EC}" = CCC Help French
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any DWG DXF Converter_is1" = Any DWG DXF Converter 2010
"avast" = avast! Internet Security
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX-Setup
"dt icon module" = 
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"gtfirstboot Setting Request" = 
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"Live 8.1.4" = Live 8.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKV Player_is1" = MKV Player 1.0
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"MPKminiEditor" = MPK mini Editor
"ProInst" = Intel PROSet Wireless
"SopCast" = SopCast 3.2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Utherverse VWW Client" = Utherverse VWW Client
"VAIO Help and Support" = 
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 18.11.2009 08:05:03 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 23.11.2009 13:01:06 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 06.05.2010 17:22:17 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 17.07.2010 16:56:18 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 25.07.2010 06:45:04 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 26.07.2010 15:35:11 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.08.2010 06:38:27 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.09.2010 16:39:58 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.10.2010 11:55:56 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 20.11.2010 10:31:38 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 08.02.2012 17:40:34 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.02.2012 17:49:05 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 08.02.2012 17:49:28 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.02.2012 20:06:54 | Computer Name = Bastian-PC | Source = MsiInstaller | ID = 1043
Description = 
 
Error - 08.02.2012 23:50:55 | Computer Name = Bastian-PC | Source = MsiInstaller | ID = 1043
Description = 
 
Error - 08.02.2012 23:50:59 | Computer Name = Bastian-PC | Source = MsiInstaller | ID = 1043
Description = 
 
Error - 09.02.2012 12:44:54 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 09.02.2012 12:45:16 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.02.2012 11:49:15 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 10.02.2012 11:49:59 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 14.02.2011 15:22:58 | Computer Name = Bastian-PC | Source = Mcx2Dvcs | ID = 401
Description = 
 
[ System Events ]
Error - 09.02.2012 12:45:04 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 09.02.2012 12:45:04 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.53 deaktiviert, 
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 09.02.2012 12:45:17 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.02.2012 12:45:17 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 09.02.2012 12:45:17 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.02.2012 11:48:41 | Computer Name = Bastian-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 10.02.2012 11:49:21 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 10.02.2012 11:49:21 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.53 deaktiviert, 
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 10.02.2012 11:50:00 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.02.2012 11:50:02 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
 
< End of report >
         
--- --- ---


15) HijackThis scan: done!
[code]
HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:57:21, on 10.02.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Bastian\Programme\napster.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NapsterShell] C:\Users\Bastian\Programme\napster.exe /systray
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9802 bytes
         
--- --- ---




So, I hope I worked through the individual points correctly and that you can do something with the data.
I can't detect any problems on my computer, although that was never really the case anyway. Not even after the Trojan had spread and I had switched off the first part in safe mode. However, I am still a bit worried, because this file (0.30108404442594316.exe) is still in my autostart. Without a check mark, though, so effectively disabled. Can that lead to problems?

I wish you a nice weekend and, already now, a big

Regards, Bastian

11.02.2012, 09:20   #8
kira
/// Helper team
 



1.
Quote:
Attention, important!
If you have made changes in the log file yourself, you must replace them with the original names and insert them into the script that way, otherwise it will not work!
(User folder, your name or other changes replaced by X, asterisks or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.

:Commands
[purity]
[emptytemp]
         
  • and paste it here:
  • Close all programs.
  • Click the Fix button.
  • Click on .
  • OTL will request a restart. Please allow it.
  • After the restart you will find a text document.
    Copy its contents here into your thread.

2.
Before the next step, that is, before we continue:
Since something can happen at any time, if you have important data that you want to back up (such as pictures, music, etc.), I recommend that you do it now.
Note: the backed-up data should not contain any "executable files"! - File extensions - This is a list of file extensions that can denote files with executable code.
Regardless of an infection (a hard disk can also fail, or there can be other technical problems), you should make backups regularly and keep them in a safe place, such as CDs and DVDs, external hard disks and/or USB sticks.
Please do that now!


3.
Download Combofix from one of the following download mirrors:

BleepingComputer.com - ForoSpyware.com

and save the program to the desktop, not anywhere else, that is important!
Follow the detailed original instructions.

Combofix currently runs on the following Windows versions:
  • Windows XP (32-bit only)
  • Windows 2000 (32-bit only)
  • Windows Vista (32-bit/64-bit)
  • Windows 7 (32-bit/64-bit)

Preparation and important notes
  • Please disable antivirus and antispyware programs, the firewall and any script blocking (Norton) during the Combofix scan.
  • List of programs to disable.
    If anything is unclear, please ask first.
  • Please do not click in the Combofix window while Combofix is running.
  • That could cause your system to freeze or hang.
  • It can take about a quarter of an hour for the scan to finish.
  • ComboFix will reset your screen saver settings.
  • You can change these settings again after our cleanup is finished.
  • Do not do anything else if you did not manage to get Combofix to run.
  • Tell us and wait for our instructions.

Quick guide to installing the Recovery Console under XP
  • Double-click ComboFix.exe and follow the instructions.
  • Accept the terms (disclaimer) with "Yes".
  • ComboFix will check whether the Microsoft Windows Recovery Console is installed.
    This is part of the process. Given the kinds of malware infections that exist today, it is strongly recommended to have this Recovery Console installed on the PC before any malware cleanup is carried out.
  • Follow the instructions to allow ComboFix to download and install the Recovery Console, and agree to the license agreement (EULA) when prompted.
** For information: if the Recovery Console is already installed, ComboFix will continue its malware removal procedure normally.



Once the Recovery Console has been installed by ComboFix, you should see the following message:



Click "Yes" to continue with the malware scan.

When ComboFix is finished, it will create a log (please wait, this takes a moment).
Be sure to wait until the Combofix window has closed and the log file appears in the editor.
Please post the log files C:\ComboFix.txt and C:\Qoobox\Add-Remove Programs.txt in code tags here in the thread.

Note: For various reasons, Combofix makes Internet Explorer the default browser and creates an IE icon on the desktop.
You can delete the IE desktop icon after the cleanup and set your preferred browser as the default browser again.

Do not use Combofix on your own. If there is no corresponding infection, it can cripple the computer and/or cause lasting damage!

4.
Another scan with OTL:
  • Double-click OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output.
  • Under Extra Registry, please select Use SafeList.
  • Tick the LOP check and the Purity check.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.
__________________

Warning!
Be careful with invoices sent by e-mail with a ZIP file attached! They may be infected with an encryption Trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly, to CD/DVD, USB sticks or external hard disks, ideally twice in different places!
Please pass this warning on wherever you can!

12.02.2012, 12:45   #9
baskos
 



Here are my logs and notes on the respective points:

1) Fixing with OTL: done!
Code:
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{56CF4856-ECB4-4E46-A897-A378821F97B9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56CF4856-ECB4-4E46-A897-A378821F97B9}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C424171E-592A-415A-9EB1-DFD6D95D3530} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Bastian
->Temp folder emptied: 313618 bytes
->Temporary Internet Files folder emptied: 55879688 bytes
->Java cache emptied: 7130207 bytes
->FireFox cache emptied: 11721086 bytes
->Flash cache emptied: 470 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Volumes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 72,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02112012_222110

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         
2) Back up data etc.: done! (or rather, my data is already backed up)

3) Combofix: done!
Here, however, I am not quite sure whether I did everything correctly, because after I downloaded the program from BleepingComputer.com, it started automatically without my confirming with a double-click. Furthermore, I could not tell whether Combofix checked whether I have the Recovery Console installed.
Before I start the program again, though, I would rather ask you first. Maybe everything was fine after all.
Combofix Logfile:
Code:
ComboFix 12-02-11.03 - Bastian 11.02.2012  22:58:33.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3068.1877 [GMT 1:00]
ausgeführt von:: c:\users\Bastian\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\Volumes\Media
c:\users\Volumes\Media\iTunes\Music\._.DS_Store
c:\users\Volumes\Media\iTunes\Music\.DS_Store
c:\users\Volumes\Media\iTunes\Music\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\01 Besser Gehts Nicht.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\02 Mir Kann Nichts Passieren.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\03 36grad.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\04 Der Sommer Der Jetzt Nicht War.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\05 Ich Bin Der Regen.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\06 Nimm Sie.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\07 Ja.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\08 La La La.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\09 Du Bewegst Dich Richtig.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\10 Seid Eins.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\11 Eins Zwei Drei-Tschiu.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\12 Lotus.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\13 Bleib Doch Bis Es Schneit.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\An Einem Sonnigen Tag.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Cookies Cream (Hier Ist Der So.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Es Wird Sommer.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Ich Denk An....mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Jemand Faehrt.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Machs Einfach.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Oben.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Sasha (Sex Secret).mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Spiel Mit.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Wir Sind Die Anderen (Fruehlin.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Wolken Ziehen Vorbei.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Zentralmassiv.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\01 Da sind Wir.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\02 Ich weiß warum.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\03 Ich und Elaine.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\04 Wirklich sein.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\05 Freie Liebe.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\06 Mädchen mit Plan.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\07 Weil es Liebe ist.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\08 Mathematik.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\09 Die Schwere.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\10 Da stehst Du.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\11 Wir erinnern uns nicht.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\2 von millionen von sternen.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\bleib geschmeidig.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\du und ich.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\kommt zusammen.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\lachen und weinen.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\liebe ohne ende.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\mit viel glück.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\nimm mich mit.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\sexy girl.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\sie kann fliegen.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\wir trafen uns in einem garten mit max.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\wir trafen uns in einem garten.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\wir werden singen.MP3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\01 Melancholisch Schön.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\02 Sexy Girl (Latin).mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\03 Morgen lass ich dich frei.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\04 Nimm mich mit (Nach Caracas).mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\05 Ich und Elaine (Akustik Version).mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\06 Spiel mit (Akustik Version).mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\07 Verlaufen.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\08 Elisabeth.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\09 Wir trafen uns in einem Garten (Bossa Nova).mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\10 Keiner kommt hier lebend raus.mp3
c:\users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\11 Liebe.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\01 Conceptions.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\02 Time (Feat. Ursula Rucker).mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\03 Golden Solitude.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\04 Twothesme.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\05 Another Day (Feat. Jill Scott).mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\06 Hold It Down.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\07 Unique (Feat. Patricia Marxx).mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\08 Something Nothing.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\09 Ways Of Thought.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\10 Eight.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\11 Twelve Tribes (Feat. Mark Murphy).mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\12 2-BS-74638.mp3
c:\users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\13 Les Fleur.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\02. no imitation.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\03. parallel universe.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\04. talk around town.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\05. follow your heart.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\06. wrinkles in time.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\07. terraforming.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\08. people always criticis.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\09. follow your heart(2).mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\10. shadow run.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\11. sunspots.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\12 Sounds From The Black Hole.mp3
c:\users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\14. solar emissions.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\_notes\dwsync.xml
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\03 three cool chicks.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\04 guitar date.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\05 woo hoo.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\06 dream boy.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\07 continental hop.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\08 jump jack, jump.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\09 smilly willy.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\10 mr. lee.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\11 it's rainy.mp3
c:\users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\12 road runner.mp3
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-01-11 bis 2012-02-11  ))))))))))))))))))))))))))))))
.
.
2012-02-11 22:08 . 2012-02-11 22:08	--------	d-----w-	c:\users\Bastian\AppData\Local\temp
2012-02-09 19:33 . 2012-02-09 19:33	--------	d-----w-	c:\windows\Sun
2012-02-08 21:54 . 2012-02-08 21:54	--------	d-----w-	c:\users\Bastian\AppData\Roaming\SUPERAntiSpyware.com
2012-02-08 21:53 . 2012-02-08 21:54	--------	d-----w-	c:\program files\SUPERAntiSpyware
2012-02-08 21:53 . 2012-02-08 21:53	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2012-02-08 21:18 . 2012-02-08 21:18	388096	----a-r-	c:\users\Bastian\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-08 21:18 . 2012-02-08 21:18	--------	d-----w-	c:\program files\Trend Micro
2012-02-08 20:53 . 2012-02-08 20:54	--------	d-----w-	c:\program files\Common Files\Adobe
2012-02-08 20:43 . 2012-02-08 20:43	--------	d-----w-	c:\program files\Common Files\Java
2012-02-08 20:24 . 2012-01-29 16:12	134104	----a-w-	c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-02-08 20:24 . 2012-01-29 16:12	97240	----a-w-	c:\program files\Mozilla Firefox\libEGL.dll
2012-02-08 20:24 . 2012-01-29 16:12	818136	----a-w-	c:\program files\Mozilla Firefox\mozsqlite3.dll
2012-02-08 20:24 . 2012-01-29 16:12	45016	----a-w-	c:\program files\Mozilla Firefox\mozutils.dll
2012-02-08 20:24 . 2012-01-29 16:12	437208	----a-w-	c:\program files\Mozilla Firefox\libGLESv2.dll
2012-02-08 20:24 . 2012-01-29 16:12	1911768	----a-w-	c:\program files\Mozilla Firefox\mozjs.dll
2012-02-08 20:24 . 2012-01-29 16:12	15832	----a-w-	c:\program files\Mozilla Firefox\mozalloc.dll
2012-02-08 20:24 . 2012-01-29 13:35	2106216	----a-w-	c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2012-02-08 20:24 . 2012-01-29 13:35	1998168	----a-w-	c:\program files\Mozilla Firefox\d3dx9_43.dll
2012-02-08 20:24 . 2012-01-29 13:35	626688	----a-w-	c:\program files\Mozilla Firefox\msvcr80.dll
2012-02-08 20:24 . 2012-01-29 13:35	548864	----a-w-	c:\program files\Mozilla Firefox\msvcp80.dll
2012-02-08 20:24 . 2012-01-29 13:35	479232	----a-w-	c:\program files\Mozilla Firefox\msvcm80.dll
2012-02-08 19:56 . 2012-02-08 19:56	--------	d-----w-	C:\_OTL
2012-02-08 18:37 . 2012-01-06 04:19	6557240	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8EB1CC30-4019-4A4F-BF4E-CD3A74582808}\mpengine.dll
2012-02-07 21:40 . 2012-02-07 21:40	--------	d-----w-	c:\program files\CCleaner
2012-02-07 17:34 . 2012-02-07 17:34	--------	d-----w-	c:\users\Bastian\AppData\Roaming\Malwarebytes
2012-02-07 17:34 . 2012-02-07 17:34	--------	d-----w-	c:\programdata\Malwarebytes
2012-02-07 17:34 . 2012-02-07 17:34	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-02-07 17:34 . 2011-12-10 14:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-02-06 22:18 . 2012-02-06 22:21	--------	d-----w-	c:\users\Bastian\P5JavaClientSettings
2012-01-25 18:51 . 2012-01-25 18:51	--------	d-----w-	c:\program files\Microsoft CAPICOM 2.1.0.2
2012-01-25 18:50 . 2011-11-17 06:48	440192	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-01-25 18:50 . 2011-11-16 16:23	377344	----a-w-	c:\windows\system32\winhttp.dll
2012-01-25 18:50 . 2011-11-16 16:23	72704	----a-w-	c:\windows\system32\secur32.dll
2012-01-25 18:50 . 2011-11-16 16:23	278528	----a-w-	c:\windows\system32\schannel.dll
2012-01-25 18:50 . 2011-11-16 16:21	1259008	----a-w-	c:\windows\system32\lsasrv.dll
2012-01-25 18:50 . 2011-11-16 14:12	9728	----a-w-	c:\windows\system32\lsass.exe
2012-01-23 19:56 . 2012-01-23 19:56	--------	d-----w-	c:\users\Bastian\AppData\Roaming\Haufe Mediengruppe
2012-01-23 19:56 . 2012-01-23 19:56	--------	d-----w-	c:\users\Bastian\AppData\Local\Haufe Mediengruppe
2012-01-23 19:40 . 2012-01-25 17:30	--------	d-----w-	c:\users\Bastian\AppData\Roaming\Lexware
2012-01-23 19:29 . 2012-01-23 19:29	--------	d-----w-	c:\program files\Microsoft WSE
2012-01-23 19:27 . 2012-01-23 19:27	--------	d-----w-	c:\programdata\Adaptive Server Anywhere 9
2012-01-23 19:18 . 2012-01-28 11:29	--------	d-----w-	c:\program files\Lexware
2012-01-23 19:16 . 2012-01-28 11:27	--------	d-----w-	c:\programdata\lexware
2012-01-23 19:16 . 2006-06-26 13:58	1929216	----a-w-	c:\windows\system32\cdintf250.dll
2012-01-23 19:15 . 2012-01-23 19:15	--------	d-----w-	c:\program files\Haufe
2012-01-23 19:15 . 2012-01-23 19:15	--------	d-----w-	c:\programdata\Haufe
2012-01-23 19:10 . 2012-01-28 11:29	--------	d-----w-	c:\program files\Common Files\Lexware
2012-01-23 19:10 . 2012-01-25 17:30	--------	d-----w-	c:\users\Bastian\AppData\Local\Lexware
2012-01-21 18:21 . 2012-01-21 18:21	--------	d-----w-	c:\program files\iPod
2012-01-21 18:21 . 2012-01-21 18:23	--------	d-----w-	c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-08 20:41 . 2010-05-16 17:28	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-01-26 23:21 . 2009-10-20 17:27	237072	------w-	c:\windows\system32\MpSigStub.exe
2011-12-26 16:56 . 2003-03-18 17:05	106496	----a-w-	c:\windows\system32\ATL71.DLL
2011-11-28 18:01 . 2010-12-15 19:42	41184	----a-w-	c:\windows\avastSS.scr
2011-11-28 18:01 . 2008-11-05 19:30	199816	----a-w-	c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2010-12-15 19:44	111320	----a-w-	c:\windows\system32\drivers\aswFW.sys
2011-11-28 17:53 . 2010-12-15 19:44	435032	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2008-11-05 19:31	314456	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:53 . 2010-12-15 19:43	195416	----a-w-	c:\windows\system32\drivers\aswNdis2.sys
2011-11-28 17:52 . 2008-11-05 19:31	34392	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2008-11-05 19:31	52952	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2008-11-05 19:30	55128	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2008-11-05 19:31	20568	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-11-25 15:59 . 2012-01-11 17:12	376320	----a-w-	c:\windows\system32\winsrv.dll
2011-11-23 13:37 . 2011-12-15 16:51	2043904	----a-w-	c:\windows\system32\win32k.sys
2011-11-19 20:13 . 2011-05-23 07:50	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-18 20:23 . 2012-01-11 17:12	1205064	----a-w-	c:\windows\system32\ntdll.dll
2011-11-18 17:47 . 2012-01-11 17:12	66560	----a-w-	c:\windows\system32\packager.dll
2012-01-29 16:12 . 2012-02-08 20:24	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01	122512	----a-w-	c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-01-20 4617600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6295552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]
"NapsterShell"="c:\users\Bastian\Programme\napster.exe" [2010-07-20 323280]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-14 61440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54	551296	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-07-07 10:28	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Users^Bastian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.30108404442594316.exe.lnk]
path=c:\users\Bastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.30108404442594316.exe.lnk
backup=c:\windows\pss\0.30108404442594316.exe.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08	1259376	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 13:53	460872	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
2008-08-12 02:55	24576	----a-w-	c:\program files\Sony\Marketing Tools\MarketingTools.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31	85160	----a-w-	c:\users\Bastian\Programme\Virtual Clone Drive\VirtualCloneDrive\VCDDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23	1008184	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\users\Bastian\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Bastian\AppData\Roaming\Mozilla\Firefox\Profiles\3b9tu8ju.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
.
.
------- Dateityp-Verknüpfung -------
.
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Utherverse VWW Client - c:\users\Bastian\Games\Neuer Ordner\VWW\Utherverse VWW Client\Branding\{FF92D786-2E61-4410-8E67-5BC370DB244D}\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-02-11 23:08
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
C:\## aswSnx private storage
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-02-11  23:11:46
ComboFix-quarantined-files.txt  2012-02-11 22:11
.
Vor Suchlauf: 13 Verzeichnis(se), 16.904.998.912 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 16.719.945.728 Bytes frei
.
- - End Of File - - 96820F80E3471C80BBBAF25B8CD0A943
         
--- --- ---


Add-Remove-Log:
Code:
7-Zip 9.20
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Community Help
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Fonts All
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Player
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Reader X (10.1.2) - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
AdobeColorCommonSetRGB
Any DWG DXF Converter 2010
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft WebCam Companion 2
ATI Catalyst Install Manager
Audials
avast! Internet Security
Bonjour
Browser Address Error Redirector
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Click to Disc
Click to Disc Editor
Connect
DivX-Setup
Facebook Video Calling 1.1.1.1
ffdshow v1.1.3562 [2010-09-07]
FreeMind
Google SketchUp 7
Google Toolbar for Internet Explorer
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HiJackThis
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi-Software
iTunes
Java Auto Updater
Java(TM) 6 Update 30
JDownloader 0.9
kuler
Live 8.1.4
Malwarebytes Anti-Malware Version 1.60.1.1000
Microsoft .NET Framework 3.5 Language Pack SP1 - deu
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2003 Web Components
Microsoft Office Professional Edition 2003
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MKV Player 1.0
MobileMe Control Panel
Mozilla Firefox 10.0 (x86 de)
MPK mini Editor
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Transfer
Napster
Napster Burn Engine
Nikon Movie Editor
OpenMG Secure Module 5.4.00
PDF Settings CS5
PDFCreator
Photoshop Camera Raw
Primo
QuickTime
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Setting Utility Series
SketchUp DWG Importer
Skins
Skype™ 3.8
Sony Picture Utility
Sony Video Shared Library
SopCast 3.2.4
Spelling Dictionaries Support For Adobe Reader 8
Suite Shared Configuration CS4
SUPERAntiSpyware
Synaptics Pointing Device Driver
Unterstützung für VAIO-Präsentation
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Utherverse VWW Client
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Energie Verwaltung
VAIO Entertainment Platform
VAIO Event Service
VAIO Guide
VAIO Launcher
VAIO Marketing Tools
VAIO Media plus
VAIO Movie Story
VAIO Movie Story 1.5 Upgrade
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO Original Function Settings
VAIO Original Funktion Einstellungen
VAIO Smart Network
VAIO Update
VAIO Update Merge Module x86
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.6195
Veetle TV 0.9.18
VirtualCloneDrive
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
WinDVD for VAIO
WinRAR
Yahoo! Detect
         
ComboFix-Quarantined-Files:
Code:
2012-02-11 22:11:05 . 2012-02-11 22:11:05            1,300 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\AddRemove-Utherverse VWW Client.reg.dat
2012-02-11 22:04:18 . 2012-02-11 22:04:18            5,702 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-02-11 21:55:29 . 2012-02-11 21:58:33               62 ----a-w-  C:\Qoobox\Quarantine\catchme.log
2010-01-12 20:53:21 . 2010-01-12 20:53:21              272 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\_notes\dwsync.xml.vir
2010-01-12 20:53:21 . 2010-01-12 20:53:21            1,204 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\_notes\dwsync.xml.vir
2010-01-12 20:53:16 . 2010-01-12 20:53:16            1,498 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\_notes\dwsync.xml.vir
2010-01-12 20:53:09 . 2010-01-12 20:53:09            1,620 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\_notes\dwsync.xml.vir
2010-01-12 20:53:02 . 2010-01-12 20:53:02            1,601 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\_notes\dwsync.xml.vir
2010-01-12 20:52:52 . 2010-01-12 20:52:52            1,440 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\_notes\dwsync.xml.vir
2010-01-12 20:52:44 . 2010-01-12 20:52:44            1,351 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\_notes\dwsync.xml.vir
2010-01-12 20:52:37 . 2010-01-12 20:52:37            1,459 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\_notes\dwsync.xml.vir
2010-01-12 20:52:31 . 2010-01-12 20:52:31            1,596 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\_notes\dwsync.xml.vir
2010-01-04 19:01:00 . 2010-01-04 19:01:00           15,364 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\.DS_Store.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        5,601,211 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\10 Eight.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,015,738 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\11 Twelve Tribes (Feat. Mark Murphy).mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        3,986,607 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\12 2-BS-74638.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,005,710 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\13 Les Fleur.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,166,488 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\02. no imitation.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,266,803 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\03. parallel universe.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,426,673 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\04. talk around town.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        7,646,591 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\05. follow your heart.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        7,306,477 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\06. wrinkles in time.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,026,473 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\07. terraforming.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        3,105,899 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\08. people always criticis.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        8,406,757 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\09. follow your heart(2).mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        3,046,422 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\10. shadow run.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        7,846,680 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\11. sunspots.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        7,646,610 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\12 Sounds From The Black Hole.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        5,987,194 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4Hero\Parallel Universe\14. solar emissions.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        5,400,866 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\03 three cool chicks.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        5,958,442 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\04 guitar date.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        4,248,517 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\05 woo hoo.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        6,734,805 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\06 dream boy.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        4,696,362 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\07 continental hop.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        4,647,955 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\08 jump jack, jump.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        4,234,576 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\09 smilly willy.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        4,667,844 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\10 mr. lee.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        4,069,947 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\11 it's rainy.mp3.vir
2010-01-04 02:25:00 . 2010-01-04 02:25:00        5,039,815 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\5.6.7.8's\Bomb The rocks\12 road runner.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        4,807,336 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\01 Besser Gehts Nicht.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,616,768 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\02 Mir Kann Nichts Passieren.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,415,246 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\03 36grad.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,776,302 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\04 Der Sommer Der Jetzt Nicht War.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        4,593,049 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\05 Ich Bin Der Regen.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,107,286 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\06 Nimm Sie.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,854,646 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\07 Ja.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,595,275 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\08 La La La.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,112,082 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\09 Du Bewegst Dich Richtig.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,025,635 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\10 Seid Eins.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,228,677 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\11 Eins Zwei Drei-Tschiu.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,722,447 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\12 Lotus.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,407,154 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\36grad\13 Bleib Doch Bis Es Schneit.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,540,567 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\An Einem Sonnigen Tag.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,088,111 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Cookies Cream (Hier Ist Der So.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,904,580 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Es Wird Sommer.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,069,242 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Ich Denk An....mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,175,790 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Jemand Faehrt.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,258,155 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Machs Einfach.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,389,171 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Oben.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,305,344 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Sasha (Sex Secret).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,199,822 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Spiel Mit.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,161,830 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Wir Sind Die Anderen (Fruehlin.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,233,701 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Wolken Ziehen Vorbei.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,936,113 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Es Wird Morgen\Zentralmassiv.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        8,341,486 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\01 Da sind Wir.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,611,133 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\02 Ich weiß warum.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,377,095 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\03 Ich und Elaine.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,080,050 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\04 Wirklich sein.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,644,199 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\05 Freie Liebe.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,679,439 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\06 Mädchen mit Plan.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,041,810 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\07 Weil es Liebe ist.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,540,252 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\08 Mathematik.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,211,659 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\09 Die Schwere.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        8,420,303 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\10 Da stehst Du.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,967,177 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\In Wirklich\11 Wir erinnern uns nicht.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        9,227,883 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\2 von millionen von sternen.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        9,480,917 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\bleib geschmeidig.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,504,750 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\du und ich.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,510,472 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\kommt zusammen.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00       10,765,849 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\lachen und weinen.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,535,543 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\liebe ohne ende.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,333,247 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\mit viel glück.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,939,929 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\nimm mich mit.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        9,208,399 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\sexy girl.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        9,571,204 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\sie kann fliegen.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00       11,108,630 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\wir trafen uns in einem garten mit max.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,166,046 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\wir trafen uns in einem garten.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        9,224,265 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\kommt zusammen\wir werden singen.MP3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,642,375 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\01 Melancholisch Schön.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,015,895 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\02 Sexy Girl (Latin).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,376,284 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\03 Morgen lass ich dich frei.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,766,251 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\04 Nimm mich mit (Nach Caracas).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,862,087 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\05 Ich und Elaine (Akustik Version).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,690,935 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\06 Spiel mit (Akustik Version).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,197,811 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\07 Verlaufen.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        7,931,952 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\08 Elisabeth.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        8,572,034 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\09 Wir trafen uns in einem Garten (Bossa Nova).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,050,197 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\10 Keiner kommt hier lebend raus.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,611,700 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\2raumwohnung\Melancholisch Schön\11 Liebe.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,580,786 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\01 Conceptions.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        4,621,287 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\02 Time (Feat. Ursula Rucker).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        6,798,422 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\03 Golden Solitude.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,947,321 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\04 Twothesme.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        4,919,455 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\05 Another Day (Feat. Jill Scott).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        5,147,526 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\06 Hold It Down.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        4,687,601 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\07 Unique (Feat. Patricia Marxx).mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        2,679,297 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\08 Something Nothing.mp3.vir
2010-01-04 02:24:00 . 2010-01-04 02:24:00        4,464,485 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\4 Hero\Creating Patterns\09 Ways Of Thought.mp3.vir
2009-12-07 03:06:00 . 2009-12-07 03:06:00               82 ----a-w-  C:\Qoobox\Quarantine\C\Users\Volumes\Media\iTunes\Music\._.DS_Store.vir
2008-08-12 03:09:55 . 2008-08-12 03:09:55              143 ----a-w-  C:\Qoobox\Quarantine\C\ProgramData\Roaming\Intel\Wireless\Settings\Settings.ini.vir
         

Alt 12.02.2012, 12:48   #10
baskos
 



4) Repeat OTL scan: done!
OTL Logfile:
Code:
OTL logfile created on: 11.02.2012 23:23:41 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 67,51% Memory free
6,19 Gb Paging File | 5,28 Gb Available in Paging File | 85,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 15,63 Gb Free Space | 6,95% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\afwServ.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.11.07 12:29:44 | 002,761,832 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2011.10.27 17:10:56 | 001,086,568 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010.12.10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2010.07.20 16:21:40 | 000,323,280 | ---- | M] (Napster) -- C:\Users\Bastian\Programme\napster.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009.03.05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.03.05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.07.07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008.07.07 11:28:04 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.07.03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.06.27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\NSUService.exe
PRC - [2008.06.27 20:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\LANUtil.exe
PRC - [2008.06.19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe
PRC - [2008.04.03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.27 03:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2011.12.26 19:48:18 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3421.42257__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3421.42239__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3421.42258__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3421.42313__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3421.42253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3421.42282__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3421.42247__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:17 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3421.42331__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:17 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3421.42332__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:17 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3421.42247__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:17 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3421.42295__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:16 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:16 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:16 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3421.42299__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:13 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3421.42248__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3421.42308__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:13 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3421.42293__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:13 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3421.42292__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:12 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.12.26 19:48:10 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.12.26 19:48:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.12.26 19:48:08 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.12.26 19:48:08 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.12.26 19:48:08 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.12.26 19:48:05 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.12.26 19:48:04 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3421.42357__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.12.26 19:48:04 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3421.42340__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.12.26 19:48:03 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3421.42326__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.12.26 19:48:03 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.12.26 19:48:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.12.26 19:48:03 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.12.26 19:48:03 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.12.26 19:48:03 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3421.42234__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.12.26 19:48:02 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3421.42321__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.12.26 19:48:02 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3421.42252__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.12.26 19:48:02 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3421.42236__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.12.26 19:48:02 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3421.42325__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.12.26 19:48:02 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3421.42238__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.12.26 19:48:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.12.26 19:48:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.12.26 19:48:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.12.26 19:48:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.12.26 19:48:01 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3421.42243__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.12.26 19:48:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.12.26 19:48:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.12.26 19:48:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.12.26 19:48:00 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3421.42237__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.12.26 19:48:00 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3421.42236__90ba9c70f846762e\APM.Server.dll
MOD - [2011.12.26 19:48:00 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3421.42235__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.12.26 19:48:00 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011.12.26 19:48:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3421.42326__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.07.08 12:53:06 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.04 12:53:15 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011.03.29 11:53:25 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2009.05.14 22:22:46 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009.03.30 05:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009.03.30 05:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009.03.30 05:42:18 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 05:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.08.26 11:41:42 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.10.27 17:10:56 | 001,086,568 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.01.11 20:44:17 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.16 13:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009.09.08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009.04.02 00:15:30 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2009.03.05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009.03.05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.03.05 18:47:40 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.03.05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008.07.07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.07.03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008.06.27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.06.19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.05.20 18:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.05.20 18:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.05.20 18:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.04.01 09:23:02 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010.09.07 16:24:46 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009.10.19 04:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2009.05.28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2009.05.15 01:58:02 | 004,304,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.06.28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.06.27 17:37:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.06.21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.06.10 01:04:47 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.06.07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.03.10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.01.25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.02.08 18:31:02 | 000,041,984 | ---- | M] (Hercules Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HDJMidi.sys -- (HDJMidi)
DRV - [2004.04.06 18:20:34 | 000,022,912 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScratchAmp.sys -- (ScratchAmp) ScratchAmp Driver (ScratchAmp.sys)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Users\Bastian\Programme\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bastian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 17:36:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.08 21:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.08 21:54:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.08 21:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.08 21:54:29 | 000,000,000 | ---D | M]
 
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.02.08 21:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions
[2010.08.22 11:14:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.08 21:30:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.09.25 15:10:09 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\firefox@tvunetworks.com
[2012.02.08 21:26:13 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\foxyproxy@eric.h.jung
[2012.02.08 21:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.08 21:42:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.01.29 17:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.08 21:41:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.20 16:21:40 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.02.11 23:08:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Users\Bastian\Programme\napster.exe (Napster)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) -C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.11 23:19:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.02.11 23:11:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.02.11 23:11:48 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\temp
[2012.02.11 22:55:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.02.11 22:55:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.02.11 22:55:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.02.11 22:55:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.02.11 22:55:28 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.02.11 22:41:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.02.11 22:39:12 | 004,402,217 | R--- | C] (Swearware) -- C:\Users\Bastian\Desktop\ComboFix.exe
[2012.02.09 20:33:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.02.08 22:54:09 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.08 22:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.08 22:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.08 22:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.08 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.02.08 22:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.02.08 21:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.02.08 21:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.08 21:42:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.08 21:42:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.08 21:42:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.08 20:56:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.07 22:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.07 22:20:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:42 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Malwarebytes
[2012.02.07 18:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.07 18:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.07 18:34:03 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.07 18:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.06 23:18:00 | 000,000,000 | ---D | C] -- C:\Users\Bastian\P5JavaClientSettings
[2012.02.06 19:59:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.04 19:56:44 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.01.25 19:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Haufe Mediengruppe
[2012.01.23 20:40:01 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2012.01.23 20:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012.01.23 20:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adaptive Server Anywhere 9
[2012.01.23 20:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.01.23 20:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\lexware
[2012.01.23 20:16:13 | 001,929,216 | ---- | C] (Amyuni Technologies
hxxp://www.amyuni.com) -- C:\Windows\System32\cdintf250.dll
[2012.01.23 20:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\Haufe
[2012.01.23 20:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2012.01.23 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.01.23 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Lexware
[2012.01.21 19:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.21 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.21 19:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.11 23:19:46 | 000,000,435 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.02.11 23:19:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 23:19:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 23:19:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 23:08:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.02.11 22:39:43 | 004,402,217 | R--- | M] (Swearware) -- C:\Users\Bastian\Desktop\ComboFix.exe
[2012.02.10 17:55:11 | 000,002,527 | ---- | M] () -- C:\Users\Bastian\Desktop\HiJackThis.lnk
[2012.02.09 17:58:01 | 000,002,032 | ---- | M] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2012.02.09 17:56:27 | 000,680,250 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.09 17:56:27 | 000,638,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.09 17:56:27 | 000,148,904 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.09 17:56:27 | 000,120,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.08 22:53:36 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.08 22:06:56 | 002,334,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.08 21:41:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.08 21:41:47 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.08 21:41:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.08 21:41:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.07 22:40:24 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:16:27 | 000,302,592 | ---- | M] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:59:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.06 19:57:22 | 000,000,000 | ---- | M] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | M] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.05 16:22:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.23 20:35:13 | 000,000,867 | ---- | M] () -- C:\Windows\ODBC.INI
 
========== Files Created - No Company Name ==========
 
[2012.02.11 22:55:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.02.11 22:55:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.02.11 22:55:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.02.11 22:55:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.02.11 22:55:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.02.08 22:53:36 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.08 22:18:41 | 000,002,527 | ---- | C] () -- C:\Users\Bastian\Desktop\HiJackThis.lnk
[2012.02.08 21:54:29 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.02.08 21:24:08 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.02.07 22:40:24 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 18:34:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:16:26 | 000,302,592 | ---- | C] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:57:22 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | C] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.01.25 20:07:22 | 000,027,136 | ---- | C] () -- C:\Users\Bastian\Desktop\Gerätebestandsverzeichnis.xlt
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Tremolo
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Synth Pads
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\User Pictures
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\Users\Bastian\AppData\Roaming\Trumpet Section
[2011.12.26 17:58:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.12.26 17:58:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\filter
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.12.26 17:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Tribal Masks
[2011.09.27 11:16:20 | 000,304,128 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2011.09.27 11:14:14 | 000,133,120 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2011.09.27 11:13:58 | 000,069,120 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2011.07.29 18:28:04 | 000,000,475 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Poladroid prefs.plist
[2010.11.19 12:35:35 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.10.21 14:18:46 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll
[2010.10.21 14:16:58 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll
[2010.10.21 14:16:34 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll
[2010.01.09 17:07:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.15 11:54:28 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2009.12.15 11:54:28 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2009.11.21 18:41:45 | 000,000,867 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.18 12:11:26 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.10.20 18:41:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 18:41:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.14 22:22:08 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2008.11.05 22:42:23 | 000,044,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.05 13:01:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.05 12:24:41 | 000,002,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2008.10.29 17:13:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.08.12 04:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.07.10 20:07:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008.07.10 20:07:08 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.10 20:07:08 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.07.10 20:07:08 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.07.10 20:04:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.07.10 10:22:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.01.21 08:15:58 | 000,680,250 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,148,904 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 002,334,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,638,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,120,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011.12.20 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\1&1 Mail & Media GmbH
[2010.12.07 21:59:21 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Ableton
[2011.02.17 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Autodesk
[2010.11.23 18:39:55 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Cycling '74
[2008.11.05 23:21:50 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Engelmann Media
[2012.01.23 20:56:08 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2008.11.05 12:49:12 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\InterVideo
[2010.11.18 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Leadertech
[2012.01.25 18:30:59 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2010.05.21 17:12:19 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Music Editor Free
[2011.12.26 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Nikon
[2011.12.20 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Samsung
[2010.01.02 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\SecondLife
[2009.12.20 22:00:10 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\temp
[2010.05.26 19:09:15 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Utherverse
[2011.07.31 14:05:50 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\uTorrent
[2011.04.24 16:36:28 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Valuga Software
[2012.02.11 23:18:14 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Alt 12.02.2012, 12:49   #11
baskos
 

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 11.02.2012 23:23:41 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 67,51% Memory free
6,19 Gb Paging File | 5,28 Gb Available in Paging File | 85,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 15,63 Gb Free Space | 6,95% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Users\Bastian\Programme\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C112F9-A491-45B8-9F1F-21A552804F0A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04D33225-3FE2-4882-BCF2-9E9A1FFC31BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0718F758-7E06-4F62-9284-62FEEA485E9D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0B575A4A-87C6-4416-B6B3-F1718FFCB9C6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{11A81C67-F885-49C9-B55D-6731FF046FD8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1E906378-BC49-4092-A600-1DF6F25A3C21}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{200EEAB9-FB7B-47DE-9097-C6176F0B7271}" = lport=138 | protocol=17 | dir=in | app=system | 
"{20F04697-D052-4353-9F53-50597956D9DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{229870DF-B0A2-4A76-A5AF-5140BE4D9571}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{23580D7F-AE79-4E3B-BA76-ABBEBD4B550C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{27C62C85-0054-426E-8A95-8AEAC2DCDDEE}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{343EAE63-7223-4667-A1EA-180C66015DFC}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{394D7F36-FF00-4912-BB92-2AD09174D641}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{43D20E45-0128-45B1-B869-844351DA797C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{52DB79A9-ED1A-473C-BC4F-FDF2B7E065F3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{539A75D9-89E5-4DB9-B2B9-A43C771AB8CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{55231671-1BE7-4D7F-B842-D58B1691EE42}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{5C8F1A01-12B4-4024-874A-640E429A3738}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5E4CFF6F-6854-41B0-B3C8-D6203D4514E0}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{5F53D89E-8D62-4A85-91F8-576FC9459F95}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{6662BE47-F631-4074-A2AD-49B8A6B4D2EF}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{6A654DBC-B660-4018-AD47-B0DA7A3EB4E5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6AC03AF5-73C6-432D-9A93-0C3A93305D06}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7333248C-BC18-46F5-AE01-8E69AF4352E8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{803CEEE7-E385-427F-84F4-16ED5A37546A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{87709004-51F8-437D-92DD-6839C880945B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8BB3CF04-1439-4F8D-9752-C1FDE0CC68D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8D3EB430-E409-412B-BCE6-93735E2D8D7F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9107B1FA-57B1-4AC3-AF54-0F63A02A1E5A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9FBFCE04-6D0C-4173-BFEF-815FE8D8EA66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A0A5B1BD-F055-4932-B931-3F9D143027F4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A559E4C8-CF0B-44B3-8F10-9BEFD9B783E8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{A7AF8EAD-671D-484C-986F-ECA314B29028}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{AE4A09B1-9044-4AD0-97F0-9563AFF9416B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AF95483A-283B-43CC-B79B-87098804D6D0}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{B7F844D0-572A-47EC-BC50-C81FC5298A8D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BA2C244D-8A5A-4EE3-88F4-FC5A4533226F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BBE6AB09-7FE0-45C6-9350-4899B6D725A6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{BE62309A-3703-4F46-8046-9FACDB2FCFC4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C1326EF7-C6F5-495D-9E43-87F81CA07FAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C86F8C84-6A85-481D-AB7C-E274C3845466}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D5064BEE-BFE4-4C75-8492-F179F226C33A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D9A50334-1933-4114-8880-33A84C73460C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DDBE4554-1CFD-48F6-A6C4-6F0CA38C9F17}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DDE7BD70-A1BC-4B5A-B473-ECCD19543102}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E3D28DEA-BE5C-4799-8913-0AE894EEB527}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface | 
"{E4B3937D-1210-47A1-BBD9-344C6EBD2A99}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{E5F2AE4D-D538-4FE4-B60A-1B869F6B075D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EAAC9E5F-4CDC-44C7-A196-EAAE4A6C720B}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{F3632969-183C-4693-B800-1B2B5F467A51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F4C37D47-A3DC-4D7C-8B89-1ABB68C809F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FA4B2700-9FCE-47B3-8050-AF03F5D36DF2}" = lport=54010 | protocol=6 | dir=in | name=samsung allshare slideshow service | 
"{FC213EB0-69CF-47CA-B25B-8CACC6B29CF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04794231-8C9D-45D7-9082-DEABB842D42A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{07BCE2B9-0192-4893-83B8-4AAB44AD850C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{16AAC398-9D3A-43EB-9F9E-9125B7DE49BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{171BCE79-8989-4350-BF34-F8E5D3D752F6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{1F0B0422-6423-485D-AE08-DFBF818EBA84}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{22AE0673-5D05-411D-AF7A-BAADB0C1FE20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{255F2FF5-3398-4E7C-A85A-AACE30918846}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{37FA9B75-34F8-48F4-8B72-BF07A292454C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3C9C864C-0E95-49C9-805F-24445924F847}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B5ED71D-E45D-4AFE-B723-6555FAD6CE5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4BC607D3-995D-4455-A46D-265ADBE6D8B1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{4CB5A8CD-81E7-461F-8CE0-965C36C741B2}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{4F14A5B6-0C73-4FD7-B141-B8C64025D08F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{58E45D54-ADC2-44E0-BACA-E2E2377ACEBC}" = protocol=17 | dir=in | app=f:\alicesetup.exe | 
"{5EFAC3E5-351F-469B-BA70-67CC18DCE821}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{60DC75CC-B0C7-406F-8F31-B11D8FF757DB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{64E9E53E-0172-45A0-BD52-3881960CF86C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68417DAE-EA98-4946-B3F5-1B7E028A98FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{81314383-BDBA-4CFD-AAE8-FF483AE57117}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8940F01B-664A-43A6-869E-1FE9958435B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8CDA1223-0531-4AD8-967A-10E9067E8596}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FD8D8E1-FD99-440A-8AC4-16FC7048D177}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95434E62-083F-4C70-BCEE-4EFB224FD78F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9F3A9F73-E2D9-4982-91C6-EDAD65261BD1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A2668847-DD69-4B8D-81ED-8C4089353437}" = protocol=6 | dir=out | app=system | 
"{AA766579-D9AD-44B5-BD9C-D0CCBA351387}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{AD72E4B3-3B1E-4C32-B945-82C704E1A1C5}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{B27F08AA-BB2C-44A1-BAFE-F9F2102ED84A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BA0CCA4F-65AE-4448-8558-2F45D2DC42A3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{BF943BE6-CE9B-4838-AF29-0795776B1D28}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D227107A-4776-4219-9DF9-DAABF3B4F7AB}" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{D28C27C8-954D-4260-A15F-E2E63B33C3E7}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D7788D23-B9DD-4DA0-BC0D-F550FE6C8B22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E09D92BE-AE5E-46CD-8D4B-FDF19189C787}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2B237D5-044D-4C72-898A-0A78ABC6466F}" = protocol=6 | dir=in | app=f:\alicesetup.exe | 
"{F3845688-9F29-4A2E-8210-600B8D6F06A4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{FA2D3644-9FC7-40BC-A717-32039143729C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FB223D8A-A4D2-4A68-86C8-668670C1579A}" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{FEABD6E6-A361-437C-A6A2-4CE956006A6A}" = dir=in | app=c:\users\bastian\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{27B482AC-A3A8-4E44-89B5-EED29CBD3834}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{569D5EF2-39E4-42AC-9EC8-3A05F6766C1B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{706F108D-C336-4129-9032-DCFE17ADC7AD}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{8135116D-DB00-42C7-BA77-125FBCC144FE}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{96F2050E-76D3-42EC-A449-D0939BD8A008}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{99B4D563-AE23-4E0C-8E87-42174E34C4F5}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{A48682C0-EC1B-4A3F-831E-CDBB51840E87}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{AA4E226A-39F9-4218-9B91-7C32F04056AC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{BABDEE80-6723-4F4F-B22C-22DA6FA638F5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C404CEFA-CC40-4D01-8E51-FB90B0803CFB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D28C6848-AF51-478F-B6DC-E39865D3381C}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{DC988CDA-545B-4CC1-B7EC-CAE058C3E47E}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{DD2499E6-A59A-46A5-A01F-93AF8B68E6BC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{F3C290ED-B9D2-4C44-B7AF-6162C2EC3C6D}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{0287051C-D1AB-4B57-919A-48F1AC0BEFC0}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{1350EAC6-0248-487E-9CAA-6DE567145EC6}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{16DAAEFD-4D95-40A7-B6D7-ECDF4EC536B7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{19DF5B3F-E4AD-4F91-9D52-11E53A5D6196}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{43E4C203-6DAD-4B1D-8F72-431A3BC3983A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{53C76217-5B2F-4FF0-9900-6E210D215AF6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{7E1DD749-37F5-40B1-8124-93FD4362F6B2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{9008E24A-47B8-4C9A-AEDF-6E4F3EBC37F8}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{B1BAB209-8454-4812-8846-7909C1C4381F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B6838499-BF06-4593-9813-5671BC444F44}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{DED8C393-1B9B-4D54-BB47-FD3F01DD87A1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E3FF8BFF-3422-4E1F-B2B0-CFDE8528A164}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{EE46AD3E-4B3D-4923-8DC8-E7AE1420D061}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{EF1D2F7C-D8C2-453E-B68E-56FEF123B849}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B9B76C9-4967-59FC-C994-191AEA152F04}" = ATI Catalyst Install Manager
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{1B47F7BA-7CF9-4F00-9340-099E3A004059}" = VAIO Update Merge Module x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{202F2838-156B-FC76-013F-9241B9673F39}" = CCC Help Thai
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2EEC4A52-7705-4BB4-BF45-64008EB5D0F1}" = Audials
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{325ED81A-EC15-7CE8-729B-0392A1DD3854}" = CCC Help Czech
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3CCA23DD-CEDA-CC7F-C74C-4D1EDAE919AA}" = Catalyst Control Center Graphics Full New
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{42DD2173-B7CA-8AB3-8AC2-40DFE2CA6FBC}" = CCC Help German
"{430DD2C5-65FD-9781-F9F2-693CAF05CD10}" = Catalyst Control Center InstallProxy
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49B8916D-1DEA-F18A-731F-BF0FE209C63B}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4EEAF8D8-CB79-06CA-A566-EAC1726DAABB}" = CCC Help Finnish
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{540DB82A-EE11-BBC1-8BD8-BB7D937A53A4}" = CCC Help Hungarian
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5882396B-9FB3-37AC-1AE1-5EA344BD7705}" = Catalyst Control Center Graphics Previews Vista
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BA149D9-D5FA-5AB3-400B-9F1BF424B7CE}" = CCC Help Chinese Traditional
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{642F96CC-1D3B-20DE-8673-44EE15B3DC2F}" = CCC Help Portuguese
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D26ACF9-4919-0744-C509-28EAF53112D4}" = CCC Help Dutch
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71256374-2053-CF0F-BD54-20082980B95C}" = Catalyst Control Center Graphics Full Existing
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737D8F4D-24D4-D626-DEC0-9E39A6166890}" = CCC Help Danish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{74B705C2-173A-FFD1-98BC-AD5FB647AB38}" = CCC Help Polish
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{784BDC03-2D22-BCAE-5CAC-84AFA799FBDE}" = CCC Help Turkish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8572CE7D-46B0-70B3-96CD-534F07B35F5D}" = CCC Help Italian
"{87544F2E-CCA5-01BC-AEBC-D8C1D759EE61}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90B38901-52C8-85A7-D6C8-9A5592C9FCAA}" = CCC Help Greek
"{91510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{9648D00F-0589-619B-6114-BF2A0620168B}" = CCC Help Korean
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{9805E4EE-9B66-CABD-AF6B-4B84F2A8EF46}" = Skins
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC34FA1-BCDE-1D09-5DB7-EB6A064FDEA9}" = CCC Help Spanish
"{9B973FC0-E71F-6F89-10D6-1BFD063D1707}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A3979A05-6834-D0A7-75CD-71B5A9E5F4C0}" = Catalyst Control Center Localization All
"{A62F50D4-EED7-4417-A382-E89ABCF11BAC}" = SketchUp DWG Importer
"{A6F21795-E629-35B2-9487-00A8363B28AA}" = Catalyst Control Center Graphics Light
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}" = VAIO Entertainment Platform
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C0AD2831-3398-A078-CBEB-39A6B381BB56}" = CCC Help Japanese
"{C18A02EC-966B-E7A7-9AC9-082F770ABF9B}" = CCC Help Russian
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9C390CC-F9B9-EFE8-27DF-6EB7FF8F8760}" = CCC Help Norwegian
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD431A7B-88D8-0823-E66F-CCFAEA6DA7B4}" = ccc-core-static
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D47E6B9C-F5A5-23B7-AB6A-3806AD4C9529}" = ccc-utility
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6DA6836-77C2-5338-10E3-D7A6CD65681D}" = Catalyst Control Center Core Implementation
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA8F979E-43B9-3EEC-721C-F297D9509992}" = Catalyst Control Center Graphics Previews Common
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE0782BC-7AB0-CF6A-6E38-D3040462C7EC}" = CCC Help French
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any DWG DXF Converter_is1" = Any DWG DXF Converter 2010
"avast" = avast! Internet Security
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX-Setup
"dt icon module" = 
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"gtfirstboot Setting Request" = 
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"Live 8.1.4" = Live 8.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKV Player_is1" = MKV Player 1.0
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"MPKminiEditor" = MPK mini Editor
"ProInst" = Intel PROSet Wireless
"SopCast" = SopCast 3.2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" = 
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 18.11.2009 08:05:03 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 23.11.2009 13:01:06 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 06.05.2010 17:22:17 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 17.07.2010 16:56:18 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 25.07.2010 06:45:04 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 26.07.2010 15:35:11 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.08.2010 06:38:27 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.09.2010 16:39:58 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.10.2010 11:55:56 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 20.11.2010 10:31:38 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 10.02.2012 12:54:27 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.02.2012 12:55:25 | Computer Name = Bastian-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: 1764  Anfangszeit: 01cce814b8a9e623  Zeitpunkt
 der Beendigung: 23
 
Error - 11.02.2012 12:43:46 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 11.02.2012 12:44:40 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.02.2012 17:29:20 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 11.02.2012 17:30:14 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.02.2012 17:53:59 | Computer Name = Bastian-PC | Source = MsiInstaller | ID = 1043
Description = 
 
Error - 11.02.2012 18:19:46 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 11.02.2012 18:20:52 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.02.2012 18:25:29 | Computer Name = Bastian-PC | Source = Google Update | ID = 20
Description = 
 
[ Media Center Events ]
Error - 14.02.2011 15:22:58 | Computer Name = Bastian-PC | Source = Mcx2Dvcs | ID = 401
Description = 
 
[ System Events ]
Error - 11.02.2012 17:29:23 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 11.02.2012 17:29:23 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.1.53 deaktiviert, 
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 11.02.2012 17:30:12 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.02.2012 17:30:14 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.02.2012 17:57:12 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 11.02.2012 17:58:20 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 11.02.2012 18:03:04 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 11.02.2012 18:08:35 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 11.02.2012 18:19:30 | Computer Name = Bastian-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 11.02.2012 18:20:52 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---

Old 13.02.2012, 08:27   #12
kira
/// Helper Team
 

1.
Quote:
Attention, important!:
If you changed anything in the logfile yourself, you must replace it with the original names and paste it into the script that way! Otherwise it will not work!
(user folder, your name or other changes replaced with X, asterisks or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:
:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Commands
[purity]
[emptytemp]
         
  • and paste it in here:
  • Close all programs.
  • Click the Fix button.
  • Click on .
  • OTL will request a restart. Please allow it.
  • After the restart you will find a text document.
    Copy its contents here into your thread.

2.
Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two logfiles are created.
    You will find the logfiles on your desktop => OTL.txt and Extras.txt
  • Post the logfiles in code tags here in the thread.

For Vista and Win7:
Important: Please run all commands as administrator! Right-click the command prompt and select "Run as administrator"
Right-click the selected application (right mouse button) and choose "Run as administrator"!

3.
runs on XP, Vista (32-bit) and Windows 7 (32-bit)
Attention!:
IF GMER CANNOT BE RUN OR CAUSES PROBLEMS, continue with the next item! It does NOT make sense to start a second attempt!
To get a deeper look into your system and to detect a possible infection with a rootkit (info from wikipedia.org), we will use a tool, Gmer:
  • - so download Gmer and unpack it to your desktop
    - start gmer.exe
    - close all programs; antivirus and other protection programs etc. must also be disabled (no connection to the internet, disconnect Wi-Fi as well)
    - please do not do anything on the PC while the scan is running!
    - click "Scan" to start the tool
    - when the scan is finished, click "Copy" (the log is automatically copied to the clipboard) and paste it right away with CTRL + V
    - "Ok" closes GMER.
    - paste the complete log from the clipboard here into your thread

** no connection to a network or the internet - do not forget Wi-Fi
When the scan has finished, please re-enable all programs and tools!
Guide: -> GMER - Rootkit Scanner

4.
Check with MBR -t whether the Master Boot Record is OK (MBR rootkit)

With the following tool we check whether something malicious has lodged itself in the Master Boot Record.
  • Download MBR.exe from Gmer and
    copy the file mbr.exe into the folder C:\Windows\system32.
    If you cannot see the folder, apply these settings in the folder options.
  • Start => Run => cmd (type it in there) => OK
    A command prompt opens.

    Vista and Windows 7 users: Start => All Programs => Accessories => right-click Command Prompt and choose Run as administrator.
  • After the prompt (>_), manually type in the following from the code box, or alternatively copy it to the clipboard with CTRL + C and paste it.
    Pasting into the command prompt: right-click the title bar => Edit => Paste.

    Code:
    mbr.exe -t > C:\mbr.log & C:\mbr.log
             
    (press Enter)
  • After a short time your editor will open with the file C:\mbr.log.
    Please copy its contents here into your thread.

► What is the current state of the computer? Anything unusual, any problems?
__________________

Warning!:
Be careful with invoices sent by email with a ZIP file attached! They may be infected with an encryption trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly, to CD/DVD, USB sticks or external hard drives, ideally twice in different places!
Please pass this warning on wherever you can!

Old 13.02.2012, 20:43   #13
baskos
 

Once again, thank you at this point as well.

1) Fixing with OTL: done!
Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Bastian
->Temp folder emptied: 9841 bytes
->Temporary Internet Files folder emptied: 69280568 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 470 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: Volumes
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 234881 bytes
 
Total Files Cleaned = 66,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02132012_192302

Files\Folders moved on Reboot...
C:\Users\Bastian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2LHY8NV\api[1].htm moved successfully.
C:\Users\Bastian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TT53TW5K\api[1].htm moved successfully.

Registry entries deleted on Reboot...
         
2) OTL - another scan: done!
OTL logfile:
Code:
OTL logfile created on: 13.02.2012 19:35:11 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,87% Memory free
6,19 Gb Paging File | 4,97 Gb Available in Paging File | 80,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 15,51 Gb Free Space | 6,90% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\afwServ.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.11.07 12:29:44 | 002,761,832 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2011.10.27 17:10:56 | 001,086,568 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010.12.10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009.03.05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.03.05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008.07.07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008.07.07 11:28:04 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.07.03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.06.27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\NSUService.exe
PRC - [2008.06.27 20:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\LANUtil.exe
PRC - [2008.06.19 18:53:20 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008.06.19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe
PRC - [2008.04.03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.27 03:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2011.12.26 19:48:18 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3421.42257__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3421.42239__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3421.42258__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3421.42313__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3421.42253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:18 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3421.42282__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3421.42247__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:17 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3421.42331__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:17 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3421.42332__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:17 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3421.42247__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:17 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3421.42295__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:16 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:16 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3421.42300__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:16 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3421.42299__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:13 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3421.42248__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3421.42308__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:13 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3421.42293__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:13 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:13 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3421.42292__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3421.42259__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011.12.26 19:48:12 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011.12.26 19:48:12 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3421.42283__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3421.42263__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3421.42284__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3421.42294__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.12.26 19:48:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.12.26 19:48:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.12.26 19:48:10 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.12.26 19:48:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.12.26 19:48:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.12.26 19:48:08 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.12.26 19:48:08 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.12.26 19:48:08 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.12.26 19:48:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.12.26 19:48:07 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.12.26 19:48:06 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.12.26 19:48:05 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.12.26 19:48:05 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.12.26 19:48:04 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3421.42357__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.12.26 19:48:04 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3421.42340__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.12.26 19:48:03 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3421.42326__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.12.26 19:48:03 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.12.26 19:48:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.12.26 19:48:03 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.12.26 19:48:03 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.12.26 19:48:03 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3421.42234__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.12.26 19:48:02 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3421.42321__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.12.26 19:48:02 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3421.42252__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.12.26 19:48:02 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3421.42236__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.12.26 19:48:02 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3421.42325__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.12.26 19:48:02 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3421.42238__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.12.26 19:48:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.12.26 19:48:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.12.26 19:48:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.12.26 19:48:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.12.26 19:48:01 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3421.42243__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.12.26 19:48:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.12.26 19:48:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.12.26 19:48:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.12.26 19:48:00 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3421.42237__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.12.26 19:48:00 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3421.42236__90ba9c70f846762e\APM.Server.dll
MOD - [2011.12.26 19:48:00 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3421.42235__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.12.26 19:48:00 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011.12.26 19:48:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3421.42326__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.07.08 12:53:06 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.04 12:53:15 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011.03.29 11:53:25 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011.01.11 20:34:55 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll
MOD - [2010.04.12 13:21:14 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll
MOD - [2010.04.12 13:21:06 | 005,967,872 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
MOD - [2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
MOD - [2010.04.12 13:20:59 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
MOD - [2009.12.09 07:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2009.07.19 17:00:54 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
MOD - [2009.07.19 17:00:53 | 000,569,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
MOD - [2009.05.14 22:22:46 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009.03.30 05:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009.03.30 05:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009.03.30 05:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.03.30 05:42:18 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:12 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 05:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009.02.18 19:38:39 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.08.26 11:41:42 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.07.10 13:42:47 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll
MOD - [2008.07.10 13:42:47 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.10.27 17:10:56 | 001,086,568 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.01.11 20:44:17 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.16 13:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009.09.08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009.04.02 00:15:30 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2009.03.05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009.03.05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.03.05 18:47:40 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.03.05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008.07.07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.07.03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008.06.27 20:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.06.19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.05.20 18:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.05.20 18:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.05.20 18:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.04.01 09:23:02 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010.09.07 16:24:46 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009.10.19 04:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2009.05.28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2009.05.15 01:58:02 | 004,304,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.06.28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.06.27 17:37:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.06.21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.06.10 01:04:47 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.06.07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.03.10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.01.25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.02.08 18:31:02 | 000,041,984 | ---- | M] (Hercules Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HDJMidi.sys -- (HDJMidi)
DRV - [2004.04.06 18:20:34 | 000,022,912 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScratchAmp.sys -- (ScratchAmp) ScratchAmp Driver (ScratchAmp.sys)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Users\Bastian\Programme\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Users\Bastian\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bastian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 17:36:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.08 21:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.08 21:54:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.08 21:24:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.08 21:54:29 | 000,000,000 | ---D | M]
 
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions
[2012.01.23 20:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.02.08 21:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions
[2010.08.22 11:14:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.08 21:30:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.09.25 15:10:09 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\firefox@tvunetworks.com
[2012.02.08 21:26:13 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Bastian\AppData\Roaming\mozilla\Firefox\Profiles\3b9tu8ju.default\extensions\foxyproxy@eric.h.jung
[2012.02.08 21:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.08 21:42:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.01.29 17:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.08 21:41:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.20 16:21:40 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.02.11 23:08:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Users\Bastian\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FF9E66F-9D0A-408E-8B29-31348A9B2ED0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) -C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bastian\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.11 23:19:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.02.11 23:11:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.02.11 23:11:48 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\temp
[2012.02.11 22:55:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.02.11 22:55:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.02.11 22:55:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.02.11 22:55:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.02.11 22:55:28 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.02.11 22:41:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.02.11 22:39:12 | 004,402,217 | R--- | C] (Swearware) -- C:\Users\Bastian\Desktop\ComboFix.exe
[2012.02.09 20:33:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.02.08 22:54:09 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.08 22:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.08 22:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.08 22:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.08 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.02.08 22:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.02.08 21:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.02.08 21:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.08 21:42:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.08 21:42:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.08 21:42:09 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.08 20:56:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.07 22:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.07 22:20:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:42 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Malwarebytes
[2012.02.07 18:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.07 18:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.07 18:34:03 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.07 18:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.06 23:18:00 | 000,000,000 | ---D | C] -- C:\Users\Bastian\P5JavaClientSettings
[2012.02.06 19:59:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.04 19:56:44 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.01.25 19:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2012.01.23 20:56:08 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Haufe Mediengruppe
[2012.01.23 20:40:01 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2012.01.23 20:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012.01.23 20:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adaptive Server Anywhere 9
[2012.01.23 20:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.01.23 20:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\lexware
[2012.01.23 20:16:13 | 001,929,216 | ---- | C] (Amyuni Technologies
hxxp://www.amyuni.com) -- C:\Windows\System32\cdintf250.dll
[2012.01.23 20:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\Haufe
[2012.01.23 20:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2012.01.23 20:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.01.23 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\Bastian\AppData\Local\Lexware
[2012.01.21 19:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.21 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.21 19:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.13 19:30:13 | 000,000,437 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.02.13 19:29:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.13 19:29:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.13 19:29:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.13 19:22:36 | 000,002,032 | ---- | M] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2012.02.11 23:08:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.02.11 22:39:43 | 004,402,217 | R--- | M] (Swearware) -- C:\Users\Bastian\Desktop\ComboFix.exe
[2012.02.10 17:55:11 | 000,002,527 | ---- | M] () -- C:\Users\Bastian\Desktop\HiJackThis.lnk
[2012.02.09 17:56:27 | 000,680,250 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.09 17:56:27 | 000,638,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.09 17:56:27 | 000,148,904 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.09 17:56:27 | 000,120,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.08 22:53:36 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.08 22:06:56 | 002,334,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.08 21:41:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.08 21:41:47 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.08 21:41:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.08 21:41:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.07 22:40:24 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 22:20:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bastian\Desktop\OTL.exe
[2012.02.07 18:34:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:16:27 | 000,302,592 | ---- | M] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:59:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Bastian\Desktop\dds.com
[2012.02.06 19:57:22 | 000,000,000 | ---- | M] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | M] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.05 16:22:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.23 20:35:13 | 000,000,867 | ---- | M] () -- C:\Windows\ODBC.INI
 
========== Files Created - No Company Name ==========
 
[2012.02.11 22:55:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.02.11 22:55:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.02.11 22:55:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.02.11 22:55:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.02.11 22:55:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.02.08 22:53:36 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.08 22:18:41 | 000,002,527 | ---- | C] () -- C:\Users\Bastian\Desktop\HiJackThis.lnk
[2012.02.08 21:54:29 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.02.08 21:24:08 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.02.07 22:40:24 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.07 18:34:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.06 20:16:26 | 000,302,592 | ---- | C] () -- C:\Users\Bastian\Desktop\0ns9q3h7.exe
[2012.02.06 19:57:22 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\defogger_reenable
[2012.02.06 19:56:38 | 000,050,477 | ---- | C] () -- C:\Users\Bastian\Desktop\Defogger.exe
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.02.04 19:53:03 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.01.25 20:07:22 | 000,027,136 | ---- | C] () -- C:\Users\Bastian\Desktop\Gerätebestandsverzeichnis.xlt
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Tremolo
[2011.12.26 18:19:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\Synth Pads
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\User Pictures
[2011.12.26 17:58:49 | 000,000,268 | RH-- | C] () -- C:\Users\Bastian\AppData\Roaming\Trumpet Section
[2011.12.26 17:58:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011.12.26 17:58:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\filter
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011.12.26 17:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.12.26 17:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Tribal Masks
[2011.09.27 11:16:20 | 000,304,128 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2011.09.27 11:14:14 | 000,133,120 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2011.09.27 11:13:58 | 000,069,120 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2011.07.29 18:28:04 | 000,000,475 | ---- | C] () -- C:\Users\Bastian\AppData\Roaming\Poladroid prefs.plist
[2010.11.19 12:35:35 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.10.21 14:18:46 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll
[2010.10.21 14:16:58 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll
[2010.10.21 14:16:34 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll
[2010.01.09 17:07:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.12.15 11:54:28 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2009.12.15 11:54:28 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2009.11.21 18:41:45 | 000,000,867 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.18 12:11:26 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.10.20 18:41:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 18:41:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.14 22:22:08 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2008.11.05 22:42:23 | 000,044,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.05 13:01:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.05 12:24:41 | 000,002,032 | ---- | C] () -- C:\Users\Bastian\AppData\Local\d3d9caps.dat
[2008.10.29 17:13:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.08.12 04:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.07.10 20:07:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008.07.10 20:07:08 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.10 20:07:08 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.07.10 20:07:08 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.07.10 20:04:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.07.10 10:22:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.01.21 08:15:58 | 000,680,250 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,148,904 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 002,334,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,638,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,120,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011.12.20 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\1&1 Mail & Media GmbH
[2010.12.07 21:59:21 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Ableton
[2011.02.17 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Autodesk
[2010.11.23 18:39:55 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Cycling '74
[2008.11.05 23:21:50 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Engelmann Media
[2012.01.23 20:56:08 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Haufe Mediengruppe
[2008.11.05 12:49:12 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\InterVideo
[2010.11.18 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Leadertech
[2012.01.25 18:30:59 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Lexware
[2010.05.21 17:12:19 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Music Editor Free
[2011.12.26 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Nikon
[2011.12.20 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Samsung
[2010.01.02 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\SecondLife
[2009.12.20 22:00:10 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\temp
[2010.05.26 19:09:15 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Utherverse
[2011.07.31 14:05:50 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\uTorrent
[2011.04.24 16:36:28 | 000,000,000 | ---D | M] -- C:\Users\Bastian\AppData\Roaming\Valuga Software
[2012.02.13 19:28:26 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

13.02.2012, 20:57   #14
baskos
 

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 13.02.2012 19:35:11 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Bastian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,87% Memory free
6,19 Gb Paging File | 4,97 Gb Available in Paging File | 80,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,77 Gb Total Space | 15,51 Gb Free Space | 6,90% Space Free | Partition Type: NTFS
 
Computer Name: BASTIAN-PC | User Name: Bastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Users\Bastian\Programme\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C112F9-A491-45B8-9F1F-21A552804F0A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04D33225-3FE2-4882-BCF2-9E9A1FFC31BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0718F758-7E06-4F62-9284-62FEEA485E9D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0B575A4A-87C6-4416-B6B3-F1718FFCB9C6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{11A81C67-F885-49C9-B55D-6731FF046FD8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1E906378-BC49-4092-A600-1DF6F25A3C21}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{200EEAB9-FB7B-47DE-9097-C6176F0B7271}" = lport=138 | protocol=17 | dir=in | app=system | 
"{20F04697-D052-4353-9F53-50597956D9DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{229870DF-B0A2-4A76-A5AF-5140BE4D9571}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{23580D7F-AE79-4E3B-BA76-ABBEBD4B550C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{27C62C85-0054-426E-8A95-8AEAC2DCDDEE}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{343EAE63-7223-4667-A1EA-180C66015DFC}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{394D7F36-FF00-4912-BB92-2AD09174D641}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{43D20E45-0128-45B1-B869-844351DA797C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{52DB79A9-ED1A-473C-BC4F-FDF2B7E065F3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{539A75D9-89E5-4DB9-B2B9-A43C771AB8CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{55231671-1BE7-4D7F-B842-D58B1691EE42}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{5C8F1A01-12B4-4024-874A-640E429A3738}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5E4CFF6F-6854-41B0-B3C8-D6203D4514E0}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{5F53D89E-8D62-4A85-91F8-576FC9459F95}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{6662BE47-F631-4074-A2AD-49B8A6B4D2EF}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{6A654DBC-B660-4018-AD47-B0DA7A3EB4E5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6AC03AF5-73C6-432D-9A93-0C3A93305D06}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7333248C-BC18-46F5-AE01-8E69AF4352E8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{803CEEE7-E385-427F-84F4-16ED5A37546A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{87709004-51F8-437D-92DD-6839C880945B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8BB3CF04-1439-4F8D-9752-C1FDE0CC68D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8D3EB430-E409-412B-BCE6-93735E2D8D7F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9107B1FA-57B1-4AC3-AF54-0F63A02A1E5A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9FBFCE04-6D0C-4173-BFEF-815FE8D8EA66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A0A5B1BD-F055-4932-B931-3F9D143027F4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A559E4C8-CF0B-44B3-8F10-9BEFD9B783E8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{A7AF8EAD-671D-484C-986F-ECA314B29028}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{AE4A09B1-9044-4AD0-97F0-9563AFF9416B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AF95483A-283B-43CC-B79B-87098804D6D0}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{B7F844D0-572A-47EC-BC50-C81FC5298A8D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BA2C244D-8A5A-4EE3-88F4-FC5A4533226F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BBE6AB09-7FE0-45C6-9350-4899B6D725A6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{BE62309A-3703-4F46-8046-9FACDB2FCFC4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C1326EF7-C6F5-495D-9E43-87F81CA07FAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C86F8C84-6A85-481D-AB7C-E274C3845466}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D5064BEE-BFE4-4C75-8492-F179F226C33A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D9A50334-1933-4114-8880-33A84C73460C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DDBE4554-1CFD-48F6-A6C4-6F0CA38C9F17}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DDE7BD70-A1BC-4B5A-B473-ECCD19543102}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E3D28DEA-BE5C-4799-8913-0AE894EEB527}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface | 
"{E4B3937D-1210-47A1-BBD9-344C6EBD2A99}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{E5F2AE4D-D538-4FE4-B60A-1B869F6B075D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EAAC9E5F-4CDC-44C7-A196-EAAE4A6C720B}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{F3632969-183C-4693-B800-1B2B5F467A51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F4C37D47-A3DC-4D7C-8B89-1ABB68C809F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FA4B2700-9FCE-47B3-8050-AF03F5D36DF2}" = lport=54010 | protocol=6 | dir=in | name=samsung allshare slideshow service | 
"{FC213EB0-69CF-47CA-B25B-8CACC6B29CF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04794231-8C9D-45D7-9082-DEABB842D42A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{07BCE2B9-0192-4893-83B8-4AAB44AD850C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{16AAC398-9D3A-43EB-9F9E-9125B7DE49BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{171BCE79-8989-4350-BF34-F8E5D3D752F6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{1F0B0422-6423-485D-AE08-DFBF818EBA84}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{22AE0673-5D05-411D-AF7A-BAADB0C1FE20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{255F2FF5-3398-4E7C-A85A-AACE30918846}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{37FA9B75-34F8-48F4-8B72-BF07A292454C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3C9C864C-0E95-49C9-805F-24445924F847}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B5ED71D-E45D-4AFE-B723-6555FAD6CE5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4BC607D3-995D-4455-A46D-265ADBE6D8B1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{4CB5A8CD-81E7-461F-8CE0-965C36C741B2}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{4F14A5B6-0C73-4FD7-B141-B8C64025D08F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{58E45D54-ADC2-44E0-BACA-E2E2377ACEBC}" = protocol=17 | dir=in | app=f:\alicesetup.exe | 
"{5EFAC3E5-351F-469B-BA70-67CC18DCE821}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{60DC75CC-B0C7-406F-8F31-B11D8FF757DB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{64E9E53E-0172-45A0-BD52-3881960CF86C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68417DAE-EA98-4946-B3F5-1B7E028A98FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{81314383-BDBA-4CFD-AAE8-FF483AE57117}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8940F01B-664A-43A6-869E-1FE9958435B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8CDA1223-0531-4AD8-967A-10E9067E8596}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FD8D8E1-FD99-440A-8AC4-16FC7048D177}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95434E62-083F-4C70-BCEE-4EFB224FD78F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9F3A9F73-E2D9-4982-91C6-EDAD65261BD1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A2668847-DD69-4B8D-81ED-8C4089353437}" = protocol=6 | dir=out | app=system | 
"{AA766579-D9AD-44B5-BD9C-D0CCBA351387}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{AD72E4B3-3B1E-4C32-B945-82C704E1A1C5}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{B27F08AA-BB2C-44A1-BAFE-F9F2102ED84A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BA0CCA4F-65AE-4448-8558-2F45D2DC42A3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{BF943BE6-CE9B-4838-AF29-0795776B1D28}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D227107A-4776-4219-9DF9-DAABF3B4F7AB}" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{D28C27C8-954D-4260-A15F-E2E63B33C3E7}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{D7788D23-B9DD-4DA0-BC0D-F550FE6C8B22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E09D92BE-AE5E-46CD-8D4B-FDF19189C787}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2B237D5-044D-4C72-898A-0A78ABC6466F}" = protocol=6 | dir=in | app=f:\alicesetup.exe | 
"{F3845688-9F29-4A2E-8210-600B8D6F06A4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{FA2D3644-9FC7-40BC-A717-32039143729C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FB223D8A-A4D2-4A68-86C8-668670C1579A}" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"{FEABD6E6-A361-437C-A6A2-4CE956006A6A}" = dir=in | app=c:\users\bastian\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{27B482AC-A3A8-4E44-89B5-EED29CBD3834}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{569D5EF2-39E4-42AC-9EC8-3A05F6766C1B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{706F108D-C336-4129-9032-DCFE17ADC7AD}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{8135116D-DB00-42C7-BA77-125FBCC144FE}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{96F2050E-76D3-42EC-A449-D0939BD8A008}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{99B4D563-AE23-4E0C-8E87-42174E34C4F5}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{A48682C0-EC1B-4A3F-831E-CDBB51840E87}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{AA4E226A-39F9-4218-9B91-7C32F04056AC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{BABDEE80-6723-4F4F-B22C-22DA6FA638F5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C404CEFA-CC40-4D01-8E51-FB90B0803CFB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D28C6848-AF51-478F-B6DC-E39865D3381C}C:\users\bastian\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"TCP Query User{DC988CDA-545B-4CC1-B7EC-CAE058C3E47E}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=6 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"TCP Query User{DD2499E6-A59A-46A5-A01F-93AF8B68E6BC}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{F3C290ED-B9D2-4C44-B7AF-6162C2EC3C6D}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{0287051C-D1AB-4B57-919A-48F1AC0BEFC0}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{1350EAC6-0248-487E-9CAA-6DE567145EC6}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{16DAAEFD-4D95-40A7-B6D7-ECDF4EC536B7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{19DF5B3F-E4AD-4F91-9D52-11E53A5D6196}C:\users\bastian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bastian\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{43E4C203-6DAD-4B1D-8F72-431A3BC3983A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{53C76217-5B2F-4FF0-9900-6E210D215AF6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{7E1DD749-37F5-40B1-8124-93FD4362F6B2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{9008E24A-47B8-4C9A-AEDF-6E4F3EBC37F8}C:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\adobe dreamweaver cs3\files\dreamweaver.exe | 
"UDP Query User{B1BAB209-8454-4812-8846-7909C1C4381F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B6838499-BF06-4593-9813-5671BC444F44}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{DED8C393-1B9B-4D54-BB47-FD3F01DD87A1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E3FF8BFF-3422-4E1F-B2B0-CFDE8528A164}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{EE46AD3E-4B3D-4923-8DC8-E7AE1420D061}C:\users\bastian\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\bastian\programme\napster.exe | 
"UDP Query User{EF1D2F7C-D8C2-453E-B68E-56FEF123B849}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B9B76C9-4967-59FC-C994-191AEA152F04}" = ATI Catalyst Install Manager
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{1B47F7BA-7CF9-4F00-9340-099E3A004059}" = VAIO Update Merge Module x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{202F2838-156B-FC76-013F-9241B9673F39}" = CCC Help Thai
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2EEC4A52-7705-4BB4-BF45-64008EB5D0F1}" = Audials
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{325ED81A-EC15-7CE8-729B-0392A1DD3854}" = CCC Help Czech
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3CCA23DD-CEDA-CC7F-C74C-4D1EDAE919AA}" = Catalyst Control Center Graphics Full New
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{42DD2173-B7CA-8AB3-8AC2-40DFE2CA6FBC}" = CCC Help German
"{430DD2C5-65FD-9781-F9F2-693CAF05CD10}" = Catalyst Control Center InstallProxy
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49B8916D-1DEA-F18A-731F-BF0FE209C63B}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4EEAF8D8-CB79-06CA-A566-EAC1726DAABB}" = CCC Help Finnish
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{540DB82A-EE11-BBC1-8BD8-BB7D937A53A4}" = CCC Help Hungarian
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5882396B-9FB3-37AC-1AE1-5EA344BD7705}" = Catalyst Control Center Graphics Previews Vista
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BA149D9-D5FA-5AB3-400B-9F1BF424B7CE}" = CCC Help Chinese Traditional
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{642F96CC-1D3B-20DE-8673-44EE15B3DC2F}" = CCC Help Portuguese
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D26ACF9-4919-0744-C509-28EAF53112D4}" = CCC Help Dutch
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71256374-2053-CF0F-BD54-20082980B95C}" = Catalyst Control Center Graphics Full Existing
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737D8F4D-24D4-D626-DEC0-9E39A6166890}" = CCC Help Danish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{74B705C2-173A-FFD1-98BC-AD5FB647AB38}" = CCC Help Polish
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{784BDC03-2D22-BCAE-5CAC-84AFA799FBDE}" = CCC Help Turkish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8572CE7D-46B0-70B3-96CD-534F07B35F5D}" = CCC Help Italian
"{87544F2E-CCA5-01BC-AEBC-D8C1D759EE61}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90B38901-52C8-85A7-D6C8-9A5592C9FCAA}" = CCC Help Greek
"{91510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{9648D00F-0589-619B-6114-BF2A0620168B}" = CCC Help Korean
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{9805E4EE-9B66-CABD-AF6B-4B84F2A8EF46}" = Skins
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC34FA1-BCDE-1D09-5DB7-EB6A064FDEA9}" = CCC Help Spanish
"{9B973FC0-E71F-6F89-10D6-1BFD063D1707}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A3979A05-6834-D0A7-75CD-71B5A9E5F4C0}" = Catalyst Control Center Localization All
"{A62F50D4-EED7-4417-A382-E89ABCF11BAC}" = SketchUp DWG Importer
"{A6F21795-E629-35B2-9487-00A8363B28AA}" = Catalyst Control Center Graphics Light
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}" = VAIO Entertainment Platform
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C0AD2831-3398-A078-CBEB-39A6B381BB56}" = CCC Help Japanese
"{C18A02EC-966B-E7A7-9AC9-082F770ABF9B}" = CCC Help Russian
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9C390CC-F9B9-EFE8-27DF-6EB7FF8F8760}" = CCC Help Norwegian
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD431A7B-88D8-0823-E66F-CCFAEA6DA7B4}" = ccc-core-static
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D47E6B9C-F5A5-23B7-AB6A-3806AD4C9529}" = ccc-utility
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6DA6836-77C2-5338-10E3-D7A6CD65681D}" = Catalyst Control Center Core Implementation
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA8F979E-43B9-3EEC-721C-F297D9509992}" = Catalyst Control Center Graphics Previews Common
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE0782BC-7AB0-CF6A-6E38-D3040462C7EC}" = CCC Help French
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any DWG DXF Converter_is1" = Any DWG DXF Converter 2010
"avast" = avast! Internet Security
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX-Setup
"dt icon module" = 
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"gtfirstboot Setting Request" = 
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00
"Live 8.1.4" = Live 8.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKV Player_is1" = MKV Player 1.0
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"MPKminiEditor" = MPK mini Editor
"ProInst" = Intel PROSet Wireless
"SopCast" = SopCast 3.2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" = 
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 18.11.2009 08:05:03 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 23.11.2009 13:01:06 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 06.05.2010 17:22:17 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 17.07.2010 16:56:18 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 25.07.2010 06:45:04 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 26.07.2010 15:35:11 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.08.2010 06:38:27 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.09.2010 16:39:58 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 14.10.2010 11:55:56 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 20.11.2010 10:31:38 | Computer Name = Bastian-PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 11.02.2012 19:00:40 | Computer Name = Bastian-PC | Source = MsiInstaller | ID = 1043
Description = 
 
Error - 11.02.2012 19:00:49 | Computer Name = Bastian-PC | Source = MsiInstaller | ID = 1043
Description = 
 
Error - 12.02.2012 07:09:18 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 12.02.2012 07:10:23 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.02.2012 07:15:32 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3024
Description = 
 
Error - 13.02.2012 13:54:45 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 13.02.2012 13:55:35 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.02.2012 13:56:26 | Computer Name = Bastian-PC | Source = Windows Search Service | ID = 3024
Description = 
 
Error - 13.02.2012 14:30:12 | Computer Name = Bastian-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 13.02.2012 14:31:10 | Computer Name = Bastian-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 14.02.2011 15:22:58 | Computer Name = Bastian-PC | Source = Mcx2Dvcs | ID = 401
Description = 
 
[ System Events ]
Error - 13.02.2012 13:56:45 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:01:10 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:04:27 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:05:33 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:06:39 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:15:27 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:22:02 | Computer Name = Bastian-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 13.02.2012 14:23:02 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 13.02.2012 14:29:48 | Computer Name = Bastian-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 13.02.2012 14:31:11 | Computer Name = Bastian-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---


3) GMER: not completed.
Unfortunately it was not possible to run the program to completion. At first the scan runs without problems, but at some point an error message appears, so that the program has to be closed. I did not make a second attempt. Is that normal?

4) MBR check: done!
Code:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.0.6002 Disk: TOSHIBA_ rev.LV01 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys 
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x83044912] -> \Device\Harddisk0\DR0[0x87089620]
3 CLASSPNP[0x8B7AC8B3] -> ntkrnlpa!IofCallDriver[0x83044912] -> [0x86529B50]
5 acpi[0x806976BC] -> ntkrnlpa!IofCallDriver[0x83044912] -> \Device\Ide\IAAStorageDevice-1[0x8655A028]
kernel: MBR read successfully
user & kernel MBR OK
         

At the moment the PC is still running without problems. What has changed is that after restarting the computer, the icon of my antivirus scanner (Avast) is no longer shown in my autostart bar (bottom right). Only after I click the program via my start bar is the icon shown again. It does appear, however, that the virus scanner is running anyway and just is not showing the icon.

Best regards, Bastian

14.02.2012, 19:39   #15
kira
/// Helper team

Do you mean the "Quick Launch bar"? -> Adding or removing programs on the Quick Launch bar

1.
Uninstall/remove the programs that we used and that you do not need, except for:
Code:
CCleaner

- Run it from time to time: -> Instructions

2.
Tool cleanup with OTL

We will now use OTL's CleanUp! function to delete from your system most of the programs that we installed for the cleanup.
  • Please download OTL by OldTimer (if you do not already have it).
  • Save it to your desktop.
  • Double-click OTL.exe to run the program.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Click the "Bereinigung" (cleanup) button.
  • OTL may ask for a restart.
    If it does, please allow it.
Note: After the restart, OTL and the other helper programs that you downloaded in the course of the cleanup will no longer be present. They have been removed. It is therefore OK if these programs are no longer there. If any are left over, delete them manually.

3.
If everything went well and your system is running stably, do the following:
Delete all system restore points, including the last one

4.
As a precaution I would advise you to change your password (one should do this every 3-4 months)
e.g. login, mail or website passwords
Tips:
Choosing a secure password - (should really be changed at regular intervals, about every 3-5 months)
also here under: Secure password (Password)

5.
► Get Windows updates: -> Microsoft Update keeps your computer up to date!

Reading material no. 1:
  • How do I create a limited user account?
  • Always keep software up to date!:
    ALL programs and drivers installed on the system should be updated regularly to avoid security holes and to keep things running smoothly!
  • A more secure browser than IE, e.g. *Switching the default browser to... by SETI@home* - Firefox - FirefoxWiki/Settings - Extensions for Firefox - Default browser
  • Secure email clients, e.g. Thunderbird --> Extensions for Mozilla Thunderbird
    - Do NOT open unknown email attachments!
  • Secure password - Choosing a secure password - (should really be changed at regular intervals, about every 3-5 months)
    also here under: Secure password (Password)
    The five most common password mistakes
  • "Never accept software from strangers" - As a rule, only install programs that you really need and that you are convinced are reputable.
    You have the choice of which additional components are installed! -> Always read along during installation, and deselect sponsors and partner programs, toolbars or any other extra programs on offer wherever possible!
    Deselect sponsor programs and toolbars wherever possible (this is how some kind of adware/spyware often gets installed along with them)
  • Do NOT download just any programs from the net unless it is 100% certain that they are clean software. Nice promises from the vendors are far from a guarantee of flawless operation, so first browse the pages on GOOGLE, where you can get valuable information!!!
  • Programs and drivers:
    Only from the manufacturer!
  • Online banking:
    Never give out your passwords!
    Reputable banks, email providers or online shops as a rule never send emails asking customers to disclose confidential data such as passwords, user numbers (Verfügernummer), PINs or TANs. Emails of this kind are always fraud attempts, which is why such requests should not be answered. As soon as you suspect fraud, report your suspicion to the respective bank hotline.
  • Letting others (guests/friends) use your computer - Use only trustworthy computers!
    Make sure that only people you trust use or administer your computer, and never do your banking on untrustworthy computers, for example from an Internet café while on holiday
  • Be careful when using other people's computers and attachable external storage media such as hard disks, USB sticks, memory cards etc.! - IT fraudsters do not take holidays!/bsi-fuer-buerger.de - also connect them from time to time and have them scanned (see under `free online virus scanners`)
  • Do not visit websites without a valid imprint (Impressum)
  • Saving on license costs? - Be careful with files/programs from untrustworthy sources! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
    They are always infested with various malware/malicious programs/code; there is no site that is virus-free. (One should not deliberately invite the devil.) Another highly insecure source is the file sharing of the so-called (music) exchange platforms.
    ► Besides, you are making yourself liable to prosecution!
  • Use only one firewall and one antivirus program, which should always be kept up to date!
    Installing `too much` software impairs system performance and security, slows down startup enormously and burdens main memory (because the programs run side by side at the same time, eating a lot of performance but delivering little quality). Over time the computer becomes ever slower and less secure through too much unnecessary ballast. The more programs are installed, the more often problems occur, which may then be hard to solve. On top of that, some programs bring major security risks with them
  • Virus scanners
  • BSI für Bürger
  • SETI@home - [Security] Security concept
  • Development of malicious websites/viruslist.com
  • Focus: images and sounds
    Dangerous images, odd sounds/BSI

** Common sense and securely configuring Windows and Internet software are the best way to security on the web!!
Quote:
Since the database is supplemented and extended daily, and information about the virus concerned is added with the current virus definition, I recommend that you have your system scanned online at least once a week (later once a month will surely suffice), always with a different scanner, to get a second opinion - the data backed up on the storage medium should also be included!
(mostly use ActiveX and/or Java): Free online scanners -
Reading material no. 2:
► Over time a lot of data junk can accumulate, error messages pile up, and the PC is probably no longer as fast as it used to be:
I wish you all the best

If you would like to support us → donation account

regards
kira
__________________

Warning!:
Be careful with invoices by email with a ZIP file as attachment! It may be infected with an encryption trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly, on CD/DVD, USB sticks or external hard disks, ideally twice in different places!
Please pass this warning on wherever you can!
