GVU-Trojaner eingefangen

Isin · 25.12.2012, 14:12

Habe mir ausgerechnet an Heiligabend (auf der Suche nach dem Text von Loriots Adventsgedicht

) auf einer Website den GVU-Trojaner eingefangen (Betriebssystem Vista, Browser Firefox).

Ich habe dann die Dateien soweit entfernen können, nach dieser Vorgehensweise hxxp://www.evild3ad.com/1875/reveton-c-gvu-trojaner-mit-webcam-entfernen-win7/ und die Scans von Spybot, Windows Defender haben nichts mehr ergeben und Antivir hat noch die Datei JAVA/Jogek.QK entdeckt. Sie liegt jetzt in Quarantäne.

Ich glaube jedoch nicht, dass damit alles wieder bereinigt ist...
Für euren fachmännischen Rat bin ich deshalb dankbar!

Der OTL-Scan hat nun gerade folgendes ergeben:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 25.12.2012 13:40:03 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 47,05% Memory free
6,19 Gb Paging File | 4,22 Gb Available in Paging File | 68,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,73 Gb Total Space | 82,26 Gb Free Space | 36,93% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\congstar\Internetmanager\Bin\mcserver.exe (ZTE)
PRC - C:\Programme\congstar\Internetmanager\Bin\db_daemon.exe ()
PRC - C:\Programme\congstar\Internetmanager\Bin\dbus-daemon.exe ()
PRC - C:\Programme\congstar\Internetmanager\Bin\gconfd-2.exe ()
PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\System32\spool\drivers\w32x86\3\HP1005MC.EXE (Software 2000 Limited)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\c651664b676131a29805b906e6e3a075\Kies.Theme.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\1ce87eeaf4631660db98892bced4e2d1\DevicePodcast.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\e5e647b2ca4cdc5b57ff9f1603380e0f\DeviceVideo.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\525e1d4bf4d56bba86a1658a9e0d083a\DevicePhoto.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\9abd5232b514e1c9a4b93798913bfd85\DeviceMusic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\a7f0eab462c12b64065c72c79b725a40\VideoManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\ce3a6aa746e080fd43eb5a28a11be2ce\PodcastService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\3b8828ff5f509686c1bd0bdcce093484\PhotoManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\97a8edf707f9633f1e37466ad1d23f7e\Podcaster.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\dd8bec8239f56ab710ed7b9974cb044b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\15d8f6fc75d21eafbbefdbf4c63d96fa\DeviceHost.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\e34e70977504b005227147c2c204039c\Phonebook.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f82d1513ee148f2ebeaa34560a9f3c02\CPKTMusicPlugin.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\ca84c400314176136195468cebc2f0a3\MusicManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ae89d48e4b003ad779dc50831fe3651d\BATPlugin.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\f5e68ac69c316c6ed3fd2d32d86b9b40\Kies.Common.StoreManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\f8d1638945cfb17beeef41f95122a57e\Kies.Common.MediaDB.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\16ff612e95fab71238d3098306432669\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\bb1b8bf4cff449c07958f536e76f99d6\Kies.Common.AllShare.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\006e357b8b365cc092aebeb0715e92ba\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d59def04f1a1362bf68d4c6290495129\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7ed0d1663e2b2ba0364e980a31c78569\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e67cd5af0d312ce2bc02f70086a85ab6\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\34d865a4131eedff179516d7e4ff98ba\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e3ae9e006b93f18934ed38169b0d53b1\Kies.Common.DeviceService.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\3bc20954017591e3a683404935a9a707\Kies.Common.Multimedia.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\3423672e3ee870ee8c5ea4dccc7908b9\Interop.PRPLAYERCORELib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\2787a3b938a879c11527af2645dce547\Kies.Common.MainUI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\b5d9193934954f23c5b33709d029df5a\Kies.Common.DBManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\9ff0e3370c080afab9fb37039ccde6d3\Kies.Locale.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\21fe633b3fdc133e7a9b8d23d99ff751\Kies.Common.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\c0ea119e4e74b68962a01ba3d4363846\Kies.MVVM.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\89596f42bb84a3197a871a7c3092cf06\Kies.UI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\8c781ce4d99031ea3a3167c04a99487f\Kies.Interface.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\283e1e162d12bd85a8704a9dfa43706a\Kies.ni.exe ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\f8c8f34f4703169ec8ef159f4a3eff05\ASF_cSharpAPI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\e029f4b6cd5483b6a24e612a45963b18\Interop.DevFileServiceLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b2991e7347afcb391a714b60ebf7fdff\Interop.MP3FileInfoCOMLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1ea9d4d50c7fdf418de5c801ed76701d\Interop.OGGFileInfoCOMLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\5911766cf78c9ff4b4b89dcd0d2f3899\Interop.P3MPINTERFACECTRLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0d8a6c359208a783ffc5c2209d02cd3c\ICSharpCode.SharpZipLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\dd6c740085ff9051f0b9d7aec72f889f\CabLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\2d61609a7f09305ef6e384741c3e863c\Interop.DeviceSearchLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\088676cc322e339363b855b240aa1105\GongSolutions.Wpf.DragDrop.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\3ebb49cd31ae72ca680a647130a33e95\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\eca677743544906340bc26d89c2538e4\System.IdentityModel.Selectors.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\6be544795f68114304a2efdd502a52f0\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\68c89abe0ec8381863d6bb18539504f9\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\949339bed597380b8fb6dd2dc97d8006\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2d737eebab3321e31bf20296d04a0e1a\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll ()
MOD - C:\Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Evernote\Evernote\libtidy.dll ()
MOD - C:\Programme\Evernote\Evernote\libxml2.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\audio.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\itapi.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\coder.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\log.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\libctlsvr.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\db_daemon.exe ()
MOD - C:\Programme\congstar\Internetmanager\Bin\dbus-daemon.exe ()
MOD - C:\Programme\congstar\Internetmanager\Bin\gconfd-2.exe ()
MOD - C:\Programme\congstar\Internetmanager\Bin\libgconfbackend-xml.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\libgconf-2.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\dbus-1.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\zlib1.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2993.28442__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2993.28395__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2993.28458__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2993.28671__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2993.28626__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2993.28433__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2993.28569__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2993.28416__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2993.28713__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2993.28721__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2993.28410__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2993.28581__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2993.28660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2993.28637__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2993.28465__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2993.28602__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2993.28644__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2993.28580__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2993.28635__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2993.28600__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2993.28473__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2993.28572__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2993.28563__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2993.28419__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2993.28618__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2993.28481__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2993.28570__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2993.28480__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2993.28579__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2993.28617__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2993.28736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2993.28750__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2993.28385__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2993.28689_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2993.28403__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2993.28426__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2993.28689__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2993.28700__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2993.28386__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2993.28697__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2993.28699__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2993.28387__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2993.28383__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2993.28384__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.0.0.4140__1b3c579b6925895f\SPMDam.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.0.0.4140__e3c7096ba83f9295\SPMCommon.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\libxml2.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Programme\congstar\Internetmanager\Bin\libexpat.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (RtkHDMIService) -- C:\Windows\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (NSUService) -- C:\Programme\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (PCLEPCI) -- C:\Windows\System32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (HSPADataCardusbser) -- C:\Windows\System32\drivers\HSPADataCardusbser.sys (HSPADataCard Incorporated)
DRV - (HSPADataCardusbnmea) -- C:\Windows\System32\drivers\HSPADataCardusbnmea.sys (HSPADataCard Incorporated)
DRV - (HSPADataCardusbmdm) -- C:\Windows\System32\drivers\HSPADataCardusbmdm.sys (HSPADataCard Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (BMLoad) -- C:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{A043A837-321C-490B-BD62-6579BBD7EBA1}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449729
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {A043A837-321C-490B-BD62-6579BBD7EBA1}
IE - HKCU\..\SearchScopes\{4E00617F-726A-40E8-A109-B2B45FF401C7}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKCU\..\SearchScopes\{9A6E85CB-495D-4E32-A038-C8F7078F2B9D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{A043A837-321C-490B-BD62-6579BBD7EBA1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449729
IE - HKCU\..\SearchScopes\{B6E718B0-3138-40B4-87E8-BA53D4295B6F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=12CDF9F2-2AB5-477F-B917-D14FDA84A61E&apn_sauid=CE2AC73B-41BF-49C7-86E6-D604C9B761CD
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2449729&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.26
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7BE0B8C461-F8FB-49b4-8373-FE32E9252800%7D:5.4
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.50
FF - prefs.js..extensions.enabledItems: {1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=12CDF9F2-2AB5-477F-B917-D14FDA84A61E&apn_ptnrs=9M&apn_sauid=CE2AC73B-41BF-49C7-86E6-D604C9B761CD&apn_dtid=OSJ000&&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.12 17:13:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\congstar\Internetmanager\Bin\addon [2010.04.01 13:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.11.15 12:44:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.08 15:32:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.08 15:32:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.12 17:13:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.08 15:32:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.08 15:32:05 | 000,000,000 | ---D | M]
 
[2011.12.08 22:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.04.14 16:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.08 22:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com
[2012.12.02 23:04:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions
[2012.12.02 23:04:26 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.04.27 19:28:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.02 21:43:45 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012.09.05 05:39:44 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com
[2012.10.18 10:11:29 | 000,158,191 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}.xpi
[2012.11.25 09:51:10 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.22 17:01:11 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.09.05 05:39:44 | 000,002,299 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\askcom.xml
[2010.03.19 22:36:05 | 000,001,820 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\bing.xml
[2011.01.08 11:23:32 | 000,000,935 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\conduit.xml
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2010.04.01 13:29:34 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\CONGSTAR\INTERNETMANAGER\BIN\ADDON
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.08 15:32:11 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.20 14:41:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.20 14:41:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.20 14:41:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.20 14:41:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.20 14:41:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.20 14:41:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Denise\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.14_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.12.16 16:26:17 | 000,367,064 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.123topsearch.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 127.0.0.1	www.163ns.com
O1 - Hosts: 12632 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Denise\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ohost.de ([www] http in Trusted sites)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} hxxp://www3.snapfish.de/SnapfishActivia2.cab (Snapfish Activia2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP30-13034/event/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B14BF3A-16C1-4179-A370-4A23F8F96915}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF073E29-1B3C-415F-9D76-B0371949D0DC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\***\Desktop\Meine Bilder\broken-social-scene-feel-good-lost-wallpaper-1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\Desktop\Meine Bilder\broken-social-scene-feel-good-lost-wallpaper-1920x1200.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.01 22:43:30 | 000,000,121 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Data\setup.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.24 17:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.12.24 17:38:18 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2012.12.13 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.08 15:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.11.29 10:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.29 10:29:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.11.29 10:29:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.25 13:43:04 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.25 13:21:48 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 13:21:48 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 12:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.25 12:28:22 | 000,002,721 | ---- | M] () -- C:\Users\***\Desktop\Outlook.lnk
[2012.12.25 11:22:41 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.25 11:22:09 | 000,000,620 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2012.12.25 11:22:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.25 11:20:40 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.24 19:10:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.24 18:40:33 | 000,420,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.24 18:38:57 | 000,000,616 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012.12.24 18:38:57 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2012.12.24 12:42:02 | 000,001,356 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2012.12.15 18:55:13 | 000,002,617 | ---- | M] () -- C:\Users\***\Desktop\Word.lnk
[2012.12.10 09:41:51 | 000,674,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.10 09:41:51 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.10 09:41:51 | 000,146,484 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.10 09:41:51 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.24 17:38:43 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2012.12.24 17:38:42 | 000,000,616 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012.12.24 17:38:37 | 000,000,620 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2012.12.24 17:38:24 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.12.24 14:32:40 | 3219,169,280 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.12 09:15:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.12 09:15:16 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.01.12 18:31:21 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2011.11.29 16:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 16:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.11.29 16:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.11.29 16:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.11.29 16:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.09 13:33:09 | 000,000,016 | ---- | C] () -- C:\Users\***\persistent_state
[2011.06.19 18:30:02 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.10.30 21:31:50 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.09.14 16:10:49 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2009.01.10 20:48:53 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.09.03 19:04:41 | 000,010,752 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.06 20:58:38 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2008.08.05 17:52:58 | 000,001,356 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009.01.10 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo
[2010.08.09 10:23:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service
[2012.05.28 21:20:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\calibre
[2011.11.17 12:45:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canon
[2012.12.25 13:02:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2011.02.05 17:12:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FireShot
[2011.12.08 22:24:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Flickr
[2011.03.04 20:49:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Internetmanager
[2009.06.01 12:23:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo
[2010.12.16 08:51:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Kingston
[2009.03.01 23:50:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\proDAD
[2012.11.15 17:25:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SaalDesignSoftware
[2012.12.13 17:23:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2010.12.16 08:50:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Security_File
[2011.12.30 19:08:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Temp
[2011.04.14 16:17:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TomTom
[2011.10.29 16:35:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\webex
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 72 bytes -> C:\Windows:07656D862C93ABC0

< End of report >

--- --- ---

M-K-D-B · 26.12.2012, 12:21

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden. Es können mehrere Analyse- und Bereinigungsschritte erforderlich sein.
Abschließend entfernen wir wieder alle verwendeten Programme und ich gebe dir ein paar Tipps für die Zukunft mit auf den Weg.
Bei Anzeichen von illegaler Software wird der Support ohne Diskussion eingestellt.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Führe nur Scans durch, zu denen du von mir oder einem anderen Helfer aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software außer du wirst dazu aufgefordert.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Zitat:

Zitat von Isin

und die Scans von Spybot, Windows Defender haben nichts mehr ergeben und Antivir hat noch die Datei JAVA/Jogek.QK entdeckt. Sie liegt jetzt in Quarantäne.

Bitte alle Logdateien von Spybot, Windows Defender und Avira posten.
Bitte alle Logs mit Funden posten

Dann geht es so weiter:

Schritt 1

Starte bitte die OTL.exe.
Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Standard Ausgabe.
Setze einen Haken bei Scanne alle Benutzer.
Unter Extra Registry, wähle bitte Use SafeList.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
drivers32
safebootminimal
safebootnetwork
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

Schließe bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Scan Button.
Am Ende des Suchlaufs werden 2 Logdateien erstellt.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Schritt 2
Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.

Starte das Tool mit Doppelklick.
Klicke nun auf den Disable Button, um die Treiber gewisser Emulatoren zu deaktivieren.
Defogger wird dich fragen "Defogger will forcefully terminate and disable all CD Emulator related drivers and processes... Continue?" bestätige diese Sicherheitsabfrage mit Ja.
Wenn der Scan beendet wurde (Finished), klicke auf OK.
Defogger fordert gegebenfalls zum Neustart auf. Bestätige dies mit OK.
Defogger erstellt auf dem Desktop eine Logdatei mit dem Namen defogger_disable.txt. Poste deren Inhalt mit deiner nächsten Antwort.

Klicke den Re-enable Button nicht ohne Anweisung!

Schritt 3
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Nein.
Klicke auf Scan
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Schritt 4
Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdateien von Spybot, Windows Defender und Avira,
die beiden Logdateien von OTL,
die Logdatei von DeFogger,
die Logdatei von aswMBR,
die Logdatei von TDSSKiller.

Isin · 26.12.2012, 13:22

Hallo Matthias,

vielen Dank, dass du ich meiner annimmst!

Hier das Logfile von Antivir (es war das einzige mit Fund) -

Zitat:

Exportierte Ereignisse:

24.12.2012 17:29 [System Scanner] Malware gefunden
Die Datei
'C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\69b5afc8-3e7c4
921'
enthielt einen Virus oder unerwünschtes Programm 'JAVA/Jogek.QK' [virus].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '54b521c2.qua'
verschoben!

Hier das von Log von Spybot -

Zitat:

Search results from Spybot - Search & Destroy

25.12.2012 12:25:56
Scan took 00:26:47.
59 items found.

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\86M8XT6C\a.affil.io\s\af.swf\afstorage.sol
Properties.size=52
Properties.md5=27F636F7020AF104A2406D1F4C17150F
Properties.filedate=1356431262
Properties.filedatetext=2012-12-25 11:27:41

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

Tradedoubler: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

WebTrends live: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: *** (default)) (Browser: Cookie, nothing done)

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)

Log: [SBI $8E73A7FB] Activity: ntbtlog.txt (File, nothing done)
C:\Windows\ntbtlog.txt
Properties.size=451298
Properties.md5=0B0BE854F4C06CD3E2A4392812FFCE32
Properties.filedate=1356355578
Properties.filedatetext=2012-12-24 14:26:17

Log: [SBI $8E73A7FB] Install: setupact.log (File, nothing done)
C:\Windows\setupact.log
Properties.size=16194
Properties.md5=1C6053E32AC45A1F84FE36E5650D7452
Properties.filedate=1355300614
Properties.filedatetext=2012-12-12 09:23:34

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
C:\Windows\System32\wbem\logs\wmiprov.log
Properties.size=12086
Properties.md5=FCCC792990375DAC3A715C05648A160C
Properties.filedate=1356432674
Properties.filedatetext=2012-12-25 11:51:14

7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\7-ZIP\FM\FolderHistory

7-Zip: [SBI $3D5692BD] Last used folder (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\7-ZIP\FM\PanelPath0

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $E48560B4] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS Office 11.0: [SBI $D8926923] Last typed search text (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\Common\Search\Last Query\LastSearchText

MS Office 11.0 (Cliparts): [SBI $D2A56AFD] Last search made (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\Clip Organizer\Search\Last Query

MS Office 11.0 (Outlook): [SBI $51367364] Typed search term history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\Outlook\Office Finder

MS Office 11.0 (Picture Manager): [SBI $2379928F] Last selected folder (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\OIS\Options\LastTreeSelection

MS Office 11.0 (PowerPoint): [SBI $81078145] Recent animation list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\PowerPoint\RecentAnimationList

MS Office 11.0 (PowerPoint): [SBI $8C3C6CBB] Recent folder list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\PowerPoint\RecentFolderList

MS Office 11.0 (Word): [SBI $4805589B] Recent template list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Office\11.0\Word\Recent Templates

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (76) (Browser: Cookie, nothing done)

Cache: [SBI $49804B54] Browser: Cache (366) (Browser: Cache, nothing done)

Verlauf: [SBI $49804B54] Browser: History (966) (Browser: History, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (2957) (Browser: Cookie, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (84) (Browser: Cookie, nothing done)

Verlauf: [SBI $49804B54] Browser: History (53667) (Browser: History, nothing done)

--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2012-12-24 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-12-18 Includes\Adware.sbi (*)
2012-12-18 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2012-11-21 Includes\Malware.sbi (*)
2012-12-18 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-12-19 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2012-12-11 Includes\Trojans.sbi (*)
2012-11-14 Includes\TrojansC-02.sbi (*)
2012-12-18 Includes\TrojansC-03.sbi (*)

Von Windows Defender kann ich kein Log erstellen?! - Ist wahrscheinlich auch nicht so wichtig, oder?

Ich mache dann jetzt mit Schritt 1 weiter.

M-K-D-B · 26.12.2012, 13:49

Servus,

alles klar.

Du kannst mit den Schritten weitermachen.

Isin · 26.12.2012, 14:14

Hier das OTL Log -

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 26.12.2012 13:26:17 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,54% Memory free
6,19 Gb Paging File | 4,64 Gb Available in Paging File | 74,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,73 Gb Total Space | 82,96 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.12.24 14:39:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\***\Downloads\OTL.exe
PRC - [2012.12.20 22:58:21 | 006,750,448 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2012.12.03 15:35:10 | 000,967,608 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.11.13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.11.13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012.11.13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012.11.13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012.11.13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012.08.08 08:48:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.08 18:44:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 18:44:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 18:44:28 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.04 14:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2011.08.08 17:28:02 | 000,977,408 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Programme\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.09.13 14:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2010.05.13 09:42:16 | 000,215,552 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\dbus-daemon.exe
PRC - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.08.24 11:59:12 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008.05.12 22:45:06 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008.05.12 22:45:06 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.04.29 05:48:08 | 000,098,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.04.24 13:06:12 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008.04.24 13:06:10 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe
PRC - [2008.04.03 14:52:46 | 000,229,376 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\NSUService.exe
PRC - [2008.03.04 19:58:30 | 000,063,328 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe
PRC - [2008.03.04 19:56:42 | 000,350,048 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe
PRC - [2008.03.04 19:54:50 | 000,104,288 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe
PRC - [2008.03.03 13:45:48 | 000,333,088 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2008.02.23 01:38:50 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2008.02.23 01:38:50 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2008.02.15 10:56:56 | 000,147,456 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2008.02.15 10:56:54 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008.02.15 10:56:50 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.11.09 16:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007.09.10 23:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.03.26 06:00:26 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\Windows\System32\spool\drivers\w32x86\3\HP1005MC.EXE
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.12.14 14:45:29 | 012,621,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\c651664b676131a29805b906e6e3a075\Kies.Theme.ni.dll
MOD - [2012.12.14 14:45:26 | 000,609,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\1ce87eeaf4631660db98892bced4e2d1\DevicePodcast.ni.dll
MOD - [2012.12.14 14:45:25 | 000,293,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\e5e647b2ca4cdc5b57ff9f1603380e0f\DeviceVideo.ni.dll
MOD - [2012.12.14 14:45:24 | 000,371,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\525e1d4bf4d56bba86a1658a9e0d083a\DevicePhoto.ni.dll
MOD - [2012.12.14 14:45:23 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\9abd5232b514e1c9a4b93798913bfd85\DeviceMusic.ni.dll
MOD - [2012.12.14 14:45:21 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\a7f0eab462c12b64065c72c79b725a40\VideoManager.ni.dll
MOD - [2012.12.14 14:45:19 | 001,493,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\ce3a6aa746e080fd43eb5a28a11be2ce\PodcastService.ni.dll
MOD - [2012.12.14 14:45:14 | 000,623,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\3b8828ff5f509686c1bd0bdcce093484\PhotoManager.ni.dll
MOD - [2012.12.14 14:45:12 | 001,114,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\97a8edf707f9633f1e37466ad1d23f7e\Podcaster.ni.dll
MOD - [2012.12.14 14:44:57 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\dd8bec8239f56ab710ed7b9974cb044b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.12.14 14:44:54 | 006,273,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\15d8f6fc75d21eafbbefdbf4c63d96fa\DeviceHost.ni.dll
MOD - [2012.12.14 14:44:31 | 001,879,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\e34e70977504b005227147c2c204039c\Phonebook.ni.dll
MOD - [2012.12.14 06:48:22 | 001,008,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f82d1513ee148f2ebeaa34560a9f3c02\CPKTMusicPlugin.ni.dll
MOD - [2012.12.14 06:48:18 | 000,941,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\ca84c400314176136195468cebc2f0a3\MusicManager.ni.dll
MOD - [2012.12.14 06:48:17 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ae89d48e4b003ad779dc50831fe3651d\BATPlugin.ni.dll
MOD - [2012.12.14 06:48:16 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\f5e68ac69c316c6ed3fd2d32d86b9b40\Kies.Common.StoreManager.ni.dll
MOD - [2012.12.14 06:48:15 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\f8d1638945cfb17beeef41f95122a57e\Kies.Common.MediaDB.ni.dll
MOD - [2012.12.14 06:48:14 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\16ff612e95fab71238d3098306432669\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.12.14 06:48:14 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\bb1b8bf4cff449c07958f536e76f99d6\Kies.Common.AllShare.ni.dll
MOD - [2012.12.14 06:48:13 | 000,570,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\006e357b8b365cc092aebeb0715e92ba\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.12.14 06:48:13 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d59def04f1a1362bf68d4c6290495129\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.12.14 06:48:11 | 000,622,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7ed0d1663e2b2ba0364e980a31c78569\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.12.14 06:48:10 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e67cd5af0d312ce2bc02f70086a85ab6\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.12.14 06:48:09 | 000,915,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\34d865a4131eedff179516d7e4ff98ba\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.12.14 06:48:07 | 001,058,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e3ae9e006b93f18934ed38169b0d53b1\Kies.Common.DeviceService.ni.dll
MOD - [2012.12.14 06:48:05 | 002,200,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\3bc20954017591e3a683404935a9a707\Kies.Common.Multimedia.ni.dll
MOD - [2012.12.14 06:48:05 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\3423672e3ee870ee8c5ea4dccc7908b9\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.12.14 06:48:02 | 000,200,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\2787a3b938a879c11527af2645dce547\Kies.Common.MainUI.ni.dll
MOD - [2012.12.14 06:48:01 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\b5d9193934954f23c5b33709d029df5a\Kies.Common.DBManager.ni.dll
MOD - [2012.12.14 06:48:00 | 001,499,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\9ff0e3370c080afab9fb37039ccde6d3\Kies.Locale.ni.dll
MOD - [2012.12.14 06:48:00 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\21fe633b3fdc133e7a9b8d23d99ff751\Kies.Common.Util.ni.dll
MOD - [2012.12.14 06:47:57 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\c0ea119e4e74b68962a01ba3d4363846\Kies.MVVM.ni.dll
MOD - [2012.12.14 06:47:56 | 001,874,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\89596f42bb84a3197a871a7c3092cf06\Kies.UI.ni.dll
MOD - [2012.12.14 06:47:54 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\8c781ce4d99031ea3a3167c04a99487f\Kies.Interface.ni.dll
MOD - [2012.12.14 06:47:52 | 001,690,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\283e1e162d12bd85a8704a9dfa43706a\Kies.ni.exe
MOD - [2012.11.19 08:18:20 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\f8c8f34f4703169ec8ef159f4a3eff05\ASF_cSharpAPI.ni.dll
MOD - [2012.11.19 08:18:17 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\e029f4b6cd5483b6a24e612a45963b18\Interop.DevFileServiceLib.ni.dll
MOD - [2012.11.19 08:18:09 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b2991e7347afcb391a714b60ebf7fdff\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.11.19 08:18:09 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1ea9d4d50c7fdf418de5c801ed76701d\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.11.19 08:18:08 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\5911766cf78c9ff4b4b89dcd0d2f3899\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.11.19 08:17:57 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0d8a6c359208a783ffc5c2209d02cd3c\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.11.19 08:17:57 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\dd6c740085ff9051f0b9d7aec72f889f\CabLib.ni.dll
MOD - [2012.11.19 08:17:55 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\2d61609a7f09305ef6e384741c3e863c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.11.18 20:22:41 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\088676cc322e339363b855b240aa1105\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.11.18 20:22:21 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\3ebb49cd31ae72ca680a647130a33e95\System.Runtime.Remoting.ni.dll
MOD - [2012.11.17 16:26:13 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2012.11.17 15:57:51 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll
MOD - [2012.11.17 15:54:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\eca677743544906340bc26d89c2538e4\System.IdentityModel.Selectors.ni.dll
MOD - [2012.11.17 15:54:13 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\6be544795f68114304a2efdd502a52f0\System.IdentityModel.ni.dll
MOD - [2012.11.17 15:54:12 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\68c89abe0ec8381863d6bb18539504f9\System.Runtime.Serialization.ni.dll
MOD - [2012.11.17 15:54:09 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\949339bed597380b8fb6dd2dc97d8006\SMDiagnostics.ni.dll
MOD - [2012.11.17 15:54:08 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2d737eebab3321e31bf20296d04a0e1a\System.ServiceModel.ni.dll
MOD - [2012.11.17 15:53:42 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll
MOD - [2012.11.17 15:53:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
MOD - [2012.11.17 15:53:10 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012.11.16 06:30:56 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.16 06:30:17 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.16 06:30:06 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.16 06:29:07 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.16 06:28:46 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.11.15 21:51:50 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll
MOD - [2012.11.15 21:51:34 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2012.11.15 21:51:23 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2012.11.15 21:46:22 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2012.11.15 21:46:21 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2012.11.15 21:46:17 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2012.11.15 21:46:14 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2012.11.15 21:46:05 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.04.19 11:39:46 | 000,315,392 | ---- | M] () -- C:\Programme\Evernote\Evernote\libtidy.dll
MOD - [2011.04.19 11:39:44 | 000,433,664 | ---- | M] () -- C:\Programme\Evernote\Evernote\libxml2.dll
MOD - [2010.05.13 09:42:16 | 000,215,552 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\dbus-daemon.exe
MOD - [2010.05.13 09:41:18 | 000,594,432 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\dbus-1.dll
MOD - [2009.12.09 07:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.06.02 12:37:44 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2993.28442__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:44 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2993.28395__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:44 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2993.28458__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:44 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2993.28671__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:44 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2993.28626__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:44 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2993.28433__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:44 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2993.28569__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2993.28416__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:43 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2993.28713__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:29 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2993.28721__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:29 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2993.28410__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:28 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2993.28581__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:28 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2993.28660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:28 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2993.28637__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:28 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2993.28465__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:28 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2993.28602__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:28 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2993.28644__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:28 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2993.28580__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2993.28635__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:28 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2993.28600__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:27 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2993.28473__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:27 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2993.28572__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:27 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2993.28563__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:27 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2993.28419__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:27 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2993.28618__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.06.02 12:37:27 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2993.28481__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.06.02 12:37:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2993.28570__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2993.28480__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2993.28579__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2993.28617__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.06.02 12:37:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.06.02 12:37:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.06.02 12:37:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.06.02 12:37:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.06.02 12:37:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.06.02 12:37:27 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.06.02 12:37:26 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.06.02 12:37:26 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.06.02 12:37:26 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.06.02 12:37:26 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.06.02 12:37:26 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.06.02 12:37:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.06.02 12:37:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.06.02 12:37:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.06.02 12:37:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.06.02 12:37:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.06.02 12:37:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.06.02 12:37:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.06.02 12:37:25 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.06.02 12:37:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2993.28736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.06.02 12:37:21 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2993.28750__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.06.02 12:37:21 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2993.28385__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.06.02 12:37:21 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2993.28689_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.06.02 12:37:20 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2993.28403__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.06.02 12:37:20 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2993.28426__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.06.02 12:37:20 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2993.28689__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.06.02 12:37:20 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2993.28700__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.06.02 12:37:20 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2993.28386__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.06.02 12:37:20 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2993.28697__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.06.02 12:37:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.06.02 12:37:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.06.02 12:37:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.06.02 12:37:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.06.02 12:37:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.06.02 12:37:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.06.02 12:37:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.06.02 12:37:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.06.02 12:37:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.06.02 12:37:19 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2993.28699__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.06.02 12:37:18 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2993.28387__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.06.02 12:37:17 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2993.28383__90ba9c70f846762e\APM.Server.dll
MOD - [2008.06.02 12:37:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2993.28384__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.06.02 12:37:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.05.16 09:08:07 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.0.0.4140__1b3c579b6925895f\SPMDam.dll
MOD - [2008.05.16 09:08:06 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.0.0.4140__e3c7096ba83f9295\SPMCommon.dll
MOD - [2008.05.13 01:05:22 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.12.06 14:59:56 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007.09.09 16:07:00 | 000,151,552 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\libexpat.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2012.12.12 12:53:53 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.08 15:32:10 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.05.08 18:44:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 18:44:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.11.16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2008.05.16 09:06:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.05.12 22:45:06 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.29 05:48:08 | 000,098,304 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkHDMIService)
SRV - [2008.04.24 13:06:10 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.04.03 14:52:46 | 000,229,376 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.03.04 19:58:30 | 000,063,328 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.03.04 19:56:42 | 000,350,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.03.04 19:54:50 | 000,104,288 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.03.03 13:45:48 | 000,333,088 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008.03.03 12:27:14 | 000,087,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008.02.15 10:56:56 | 000,147,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2008.02.15 10:56:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008.02.15 10:56:54 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008.02.15 10:56:50 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.28 01:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007.11.28 01:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007.11.28 00:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2007.11.09 16:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.09.10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.08.26 13:56:17 | 000,121,248 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012.05.08 18:44:29 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 18:44:29 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.11 04:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbser.sys -- (HSPADataCardusbser)
DRV - [2010.02.11 04:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbnmea.sys -- (HSPADataCardusbnmea)
DRV - [2010.02.11 04:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbmdm.sys -- (HSPADataCardusbmdm)
DRV - [2010.02.11 04:29:56 | 000,010,240 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.12.15 03:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009.12.15 03:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.05.13 01:05:19 | 003,537,408 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 05:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.04.28 02:19:55 | 000,142,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.04.22 14:43:36 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.04.22 01:01:11 | 000,903,680 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.16 01:04:24 | 000,046,592 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.04.16 01:04:12 | 000,068,096 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.02.23 01:38:50 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.30 16:33:28 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.12.17 02:57:23 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.12.13 01:05:02 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.05.26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.01.04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{A043A837-321C-490B-BD62-6579BBD7EBA1}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449729
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - No CLSID value found
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\SearchScopes,DefaultScope = {A043A837-321C-490B-BD62-6579BBD7EBA1}
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\SearchScopes\{4E00617F-726A-40E8-A109-B2B45FF401C7}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\SearchScopes\{9A6E85CB-495D-4E32-A038-C8F7078F2B9D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\SearchScopes\{A043A837-321C-490B-BD62-6579BBD7EBA1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449729
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\SearchScopes\{B6E718B0-3138-40B4-87E8-BA53D4295B6F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=12CDF9F2-2AB5-477F-B917-D14FDA84A61E&apn_sauid=CE2AC73B-41BF-49C7-86E6-D604C9B761CD
IE - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2449729&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.26
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7BE0B8C461-F8FB-49b4-8373-FE32E9252800%7D:5.4
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.50
FF - prefs.js..extensions.enabledItems: {1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=12CDF9F2-2AB5-477F-B917-D14FDA84A61E&apn_ptnrs=9M&apn_sauid=CE2AC73B-41BF-49C7-86E6-D604C9B761CD&apn_dtid=OSJ000&&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.12 17:13:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\congstar\Internetmanager\Bin\addon [2010.04.01 13:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.11.15 12:44:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.25 15:01:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.25 15:01:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.12 17:13:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.25 15:01:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.25 15:01:01 | 000,000,000 | ---D | M]
 
[2011.12.08 22:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.04.14 16:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.08 22:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com
[2012.12.02 23:04:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions
[2012.12.02 23:04:26 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.04.27 19:28:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.02 21:43:45 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012.09.05 05:39:44 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com
[2012.10.18 10:11:29 | 000,158,191 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}.xpi
[2012.11.25 09:51:10 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.22 17:01:11 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.09.05 05:39:44 | 000,002,299 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\askcom.xml
[2010.03.19 22:36:05 | 000,001,820 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\bing.xml
[2011.01.08 11:23:32 | 000,000,935 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\conduit.xml
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2010.04.01 13:29:34 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\CONGSTAR\INTERNETMANAGER\BIN\ADDON
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.08 15:32:11 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.20 14:41:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.20 14:41:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.20 14:41:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.20 14:41:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.20 14:41:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.20 14:41:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.14_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.12.16 16:26:17 | 000,367,064 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	²©²ÊÍ¨,²©²ÊÍø,½ð±¦²©188,²©²ÊÍ¨ÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 127.0.0.1	,?,?,,,??,?
O1 - Hosts: 12632 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Denise\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O7 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4040590631-702980346-2514396740-1000\..Trusted Domains: ohost.de ([www] http in Trusted sites)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} hxxp://www3.snapfish.de/SnapfishActivia2.cab (Snapfish Activia2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP30-13034/event/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B14BF3A-16C1-4179-A370-4A23F8F96915}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF073E29-1B3C-415F-9D76-B0371949D0DC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\***\Desktop\Meine Bilder\broken-social-scene-feel-good-lost-wallpaper-1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\Desktop\Meine Bilder\broken-social-scene-feel-good-lost-wallpaper-1920x1200.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.01 22:43:30 | 000,000,121 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Data\setup.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Users^Denise^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: AnyDVD - hkey= - key= - C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: CanonSolutionMenu - hkey= - key= - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
MsConfig - StartUpReg: ISBMgr.exe - hkey= - key= - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: MarketingTools - hkey= - key= - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SearchSettings - hkey= - key= -  File not found
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - State: "startup" - 2
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Programme\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.25 15:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.12.25 15:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.12.25 15:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.12.24 17:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.12.24 17:38:18 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2012.12.21 09:28:09 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 09:28:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.13 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.12 09:19:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 09:19:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 09:19:15 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 09:19:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 09:19:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 09:19:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 09:19:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 09:19:13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 09:14:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.12 09:14:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.12 09:14:37 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.12 09:14:36 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.12 09:14:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.12 09:14:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.12 09:14:35 | 000,034,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2012.12.12 09:04:50 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 09:04:48 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 09:04:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.12 09:04:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.08 15:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.11.29 10:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.29 10:29:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.11.29 10:29:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.26 13:10:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.26 13:10:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.26 12:53:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.26 12:47:41 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.26 11:34:15 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.26 11:34:10 | 000,000,620 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2012.12.26 11:34:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.26 11:33:56 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.25 15:04:53 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.25 15:03:47 | 000,002,721 | ---- | M] () -- C:\Users\***\Desktop\Outlook.lnk
[2012.12.24 18:40:33 | 000,420,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.24 18:38:57 | 000,000,616 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012.12.24 18:38:57 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2012.12.24 12:42:02 | 000,001,356 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.15 18:55:13 | 000,002,617 | ---- | M] () -- C:\Users\***\Desktop\Word.lnk
[2012.12.12 12:53:51 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 12:53:51 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.10 09:41:51 | 000,674,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.10 09:41:51 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.10 09:41:51 | 000,146,484 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.10 09:41:51 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.24 17:38:43 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2012.12.24 17:38:42 | 000,000,616 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012.12.24 17:38:37 | 000,000,620 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2012.12.24 17:38:24 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.12.24 14:32:40 | 3219,169,280 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.12 09:15:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.12 09:15:16 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.01.12 18:31:21 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2011.11.29 16:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 16:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.11.29 16:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.11.29 16:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.11.29 16:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.09 13:33:09 | 000,000,016 | ---- | C] () -- C:\Users\***\persistent_state
[2011.06.19 18:30:02 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.10.30 21:31:50 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.09.14 16:10:49 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2009.01.10 20:48:53 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.09.03 19:04:41 | 000,010,752 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.06 20:58:38 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2008.08.05 17:52:58 | 000,001,356 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Custom Scans ==========
 
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.12.08 15:32:09 | 000,892,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.12.08 15:32:09 | 000,892,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.12.08 15:32:09 | 000,892,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011.05.01 16:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011.05.01 16:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011.05.01 16:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
 
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012.12.08 15:32:09 | 000,892,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012.12.08 15:32:09 | 000,892,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012.12.08 15:32:09 | 000,892,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011.05.01 16:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011.05.01 16:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011.05.01 16:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 72 bytes -> C:\Windows:07656D862C93ABC0

< End of report >

--- --- ---

Isin · 26.12.2012, 14:16

Und das OTL Extras Log:
OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 26.12.2012 13:26:17 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,54% Memory free
6,19 Gb Paging File | 4,64 Gb Available in Paging File | 74,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,73 Gb Total Space | 82,96 Gb Free Space | 37,25% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{104CD429-8A9E-4806-A116-E0C7951AAA1C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{014A4062-9D4F-4672-B62D-0BD018FDC784}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\sohcimp.exe | 
"{02C65070-3525-42C9-A01A-CF62B7A6E415}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{05A51F85-82F7-4BB7-8E0E-9AD5AA3D9757}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{08A7D120-92E6-4CED-A4D7-4AE335CCDBDA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{091345BC-1D20-4FAA-95BD-80F4AF920427}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{0F428A2D-F367-4201-A358-F41B005A88FB}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{0FC3A64C-1B2E-4E21-ABC8-BE686D102A59}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\sohcimp.exe | 
"{163A6256-9519-4651-9094-3CDBB78CC926}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{17EDAC6C-1008-40C9-9F5B-40573B5BAD9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1A3E3653-CFC4-4CEF-A4EB-9F93B87BD077}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{24206674-137D-4FA9-9D46-C97F929C0416}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{2A3595AA-8E62-4DE9-ADA9-AEBD93F7242B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{39D2D2C0-7367-42EC-B248-2D7BEC35466E}" = protocol=17 | dir=in | app=c:\users\denise\appdata\roaming\dropbox\bin\dropbox.exe | 
"{3B5A710D-41D8-422E-94A0-FF7C97590008}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{3EDD2883-E52B-4E2F-9667-96645DAB8861}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1005mc.exe | 
"{4FA26C04-8ECE-487E-9FD3-5D9EE28D037D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{54F26CC8-4ECD-4F23-BF1E-99A018BFB231}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\sohdms.exe | 
"{62701176-317A-44EB-8F2E-30A72D8AF700}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{66F4D264-5EB3-4ECC-B69C-353EF5A41949}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{670C2148-A0BE-4C97-86BE-528ACE5D4B0F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\rm.exe | 
"{69777C53-133B-42B7-A54F-750445EE760F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{6AB62673-FEA3-40AA-80A4-21492BEAB657}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\vmp.exe | 
"{718D1926-657E-4DFE-9E8B-82A70B4C5FA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{7C0E9432-016A-4FEB-A13B-CFAFC362146F}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\sohdms.exe | 
"{7D727100-7385-432A-A598-1B7F1D181BBF}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{7F490743-9ECC-4943-9357-8CC9C4BBBBB9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{7F9200EC-7611-446F-A885-A81C3C62A4FF}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe | 
"{80DED532-2D04-49D1-A5C2-952F0F87923C}" = protocol=17 | dir=in | app=c:\users\denise\appdata\roaming\dropbox\bin\dropbox.exe | 
"{83723F85-587A-4E0D-964F-47A3CDBBA846}" = protocol=6 | dir=in | app=c:\users\denise\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8BC961D3-6B32-488F-9C95-3B7AF91D5D5B}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\sohds.exe | 
"{8CBBC22B-253A-4F4A-A29C-214EDDECBF57}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"{8DC23F20-E863-4DB5-8004-5F5CE4F3F081}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1005mc.exe | 
"{8DCDB4AE-A726-4120-B638-6AD151919D4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{90AAC9D8-450E-4E52-B145-A6F1255600A1}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{A78E2FD1-6130-428F-AF43-D611D1582CB2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{AB3B4E79-959C-49AC-BE55-F2ED0577B5C4}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{C4A092E5-8AAB-47D0-87B1-68E3841E5AFB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\umi.exe | 
"{D98EC851-B551-455A-88F2-F81E05A3BF7A}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\sohds.exe | 
"{DF7E316F-314A-41E3-9E92-DC429AEF3BB5}" = protocol=6 | dir=in | app=c:\users\denise\appdata\roaming\dropbox\bin\dropbox.exe | 
"{E3B8423B-446F-450D-AE5E-915F6F8929BD}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\umi.exe | 
"{E54D6AA6-B12C-4712-85DA-A3B74C51A4E8}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"{F02BC70F-7594-4C2C-BC57-7BFEB21B416D}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe | 
"{F84B6F5C-4133-4427-AED6-323C1C040F01}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\vmp.exe | 
"{F99F3337-2317-4936-9A08-5F43C20BD8E5}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\rm.exe | 
"{FF77461B-9D31-488F-93E0-6CA4271920C1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"TCP Query User{14FC02C3-EB6B-4EAE-8958-67839D1055E9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{2471527F-2A0E-4AA6-8CA0-40509E7A2309}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{48249261-3BD5-40AF-A070-E541A945FF3B}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{7F344106-1640-4E86-9921-F89DEBB1A862}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{7F44FE43-235B-4E28-99F3-064E14CA781F}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{EB101D22-73E9-4651-8A7D-5FC16C0707BD}C:\program files\pinnacle\studio 11\programs\studio.exe" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"UDP Query User{20967927-0C8F-4D96-B544-FE3A8CA28F87}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{3294CCF4-AA0D-443B-ABE1-26AB13597F88}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{61605EE7-6E63-4AF0-848F-AA7461471E8E}C:\program files\pinnacle\studio 11\programs\studio.exe" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"UDP Query User{68BD919D-2FE5-4087-A244-C76F7267E9C8}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{896715C7-0885-4A48-9154-D2A26BD4C458}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{FEA33787-9CE5-4BC5-A070-FCA2A16A9FEC}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02D63222-CF76-E080-74DD-975B1672ED67}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{0405000A-0570-549A-A819-3BCEEAA1B40B}" = Catalyst Control Center Localization Hungarian
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06786A53-D2D8-47CD-696A-ABC83625EBFE}" = Catalyst Control Center Graphics Light
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808" = CanoScan 5600F Scanner Driver
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14E7357F-487C-3BF6-7955-B898AA76306E}" = CCC Help Russian
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{16D9D199-E8A0-9FBA-DDF3-0E2D7826D694}" = Catalyst Control Center Localization Spanish
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18C24BF9-3B71-6F89-848C-D78C40197216}" = CCC Help Chinese Traditional
"{1974FF16-2A0A-76AF-D948-0037B0CB8EB5}" = CCC Help Hungarian
"{1E5F3CC6-D390-4393-A2AA-6CEC04F1705A}" = Image Resizer Powertoy Clone for Windows
"{1E87F957-F850-D9F9-60F3-842955AAF519}" = Catalyst Control Center Localization German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{27D28586-BEF1-4E06-8787-3B1FC3A41489}" = congstar Internet-Manager
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C3D71B4-85C4-5FA9-859E-1413F94EF642}" = Catalyst Control Center Localization Greek
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{310395F2-9206-159B-43B0-BF63D9F01B61}" = Catalyst Control Center Localization Turkish
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43DA617D-1B80-0B70-FAA0-52AFCE853F40}" = CCC Help Finnish
"{4742375A-9BD3-46D0-E0CC-A8819D2E2C54}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4BB5D5A7-F75E-D8D9-0DF8-AA2C1F188CEB}" = Catalyst Control Center Localization French
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FCBFEDD-0CBF-A4A8-79D3-E9EAD37336C9}" = CCC Help Chinese Standard
"{54C91EE3-65B9-A931-8382-12B2A02709F8}" = ATI Catalyst Install Manager
"{5511F0CC-59E0-02AD-941F-2323DA2BB377}" = CCC Help Swedish
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1" = grafstat4
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A29796D-2566-3ADA-043D-28C51CD7D4C3}" = Catalyst Control Center Localization Chinese Standard
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5D803295-DD78-0143-F64B-0D80852C43E9}" = CCC Help Italian
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{61FD2585-3337-8822-899B-68612742BA2F}" = Catalyst Control Center Localization Russian
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C7196C0-D205-03E7-39A1-7A23AB69F659}" = CCC Help Czech
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70D43D66-53BF-257F-72FC-96FB33B39276}" = Catalyst Control Center Graphics Full New
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{723F5CDD-839A-FF16-4CFA-C4E0AA54A315}" = ccc-core-static
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73BD4567-1C4E-8D45-1D28-3D469026A883}" = Skins
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{761205A9-41DC-48C9-2CC1-F197D372DBEF}" = Catalyst Control Center Localization Italian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7E5DEF65-FE91-02F2-C291-22741AC34017}" = Catalyst Control Center Localization Danish
"{826E7114-AA2E-59AA-1916-2A753DC49153}" = ccc-utility
"{8299B94E-7F85-65A9-B0FA-6F6A8A6D4FBD}" = Catalyst Control Center Localization Thai
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8626472F-7AD7-C83B-66FA-00E0A1C50A26}" = Catalyst Control Center Localization Swedish
"{8662A65A-A2A1-072C-708D-1C1262776F6A}" = CCC Help Thai
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3CD8CF-7012-51E5-107B-5A8C75701E1A}" = CCC Help Dutch
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{915C56D7-1EFD-4BF3-9FBE-2B0D39F36525}" = calibre
"{918CFAF6-AC40-F2C8-C044-7FA95C8A7099}" = CCC Help German
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1" = UN.CO.VER. 2.0
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9356940C-B360-4EF4-BE6C-BD488350AB17}" = Scan To
"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A55A277A-4336-FACF-991A-52B51B8FAE78}" = Catalyst Control Center Localization Finnish
"{A5D54806-AA49-BBFF-A2D3-76FA3DF096FA}" = Catalyst Control Center Localization Korean
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAE442C0-F28B-8D58-1A1C-D566F9BCD294}" = Catalyst Control Center Localization Portuguese
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6B0D277-D003-307F-CF94-5F5894DFA3F1}" = Catalyst Control Center Graphics Full Existing
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{BC653BB7-0AF0-22E5-A895-902AD52675CA}" = CCC Help Portuguese
"{BCEABBD6-6EDA-4246-7EDB-D68FCCD78A65}" = Catalyst Control Center Graphics Previews Common
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BDD17603-CB75-0639-E6DA-0D9AA92A605B}" = CCC Help English
"{BF5F6A06-0FC3-BEC0-9CC1-54D870A9EF97}" = Catalyst Control Center Localization Chinese Traditional
"{C221CE66-9C07-8EA7-8EF6-AAD8E4588AE0}" = CCC Help French
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C455F37C-E92E-5CEB-382D-8B8EC580266F}" = Catalyst Control Center Localization Norwegian
"{C6F150F6-AE89-30C7-6256-C40CF9328602}" = Catalyst Control Center Graphics Previews Vista
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C772B18A-FA66-481A-B546-62550C106467}" = Pop Art Studio 6.2
"{C93F4E7C-1B31-449B-A304-EF277CF55E39}" = Catalyst Control Center - Branding
"{CABEC684-96B5-E559-2048-224883F16E91}" = Saal Design Software
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBAE1EE5-F6E0-BDEF-0D49-C2AE46BE3B88}" = CCC Help Polish
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D3AF5596-546F-5975-39B4-259A197C7E24}" = Catalyst Control Center Localization Japanese
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDF57E4A-66B5-E9CC-C2A2-F2C98C57912C}" = CCC Help Turkish
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E27D2C9F-83A1-A34C-E366-26EADB9270F7}" = Catalyst Control Center Localization Dutch
"{E2E7667F-C286-D110-7F9D-FC397A2607A8}" = CCC Help Danish
"{E7821540-B8F8-304F-1B97-C43D8582EB18}" = CCC Help Norwegian
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8CA49A5-25C6-D80A-ED46-9D48A8B5D5F5}" = CCC Help Japanese
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F06300A2-87AE-042F-DE0F-1A5E380877C5}" = Catalyst Control Center Localization Czech
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20E6529-0B46-FC26-378F-62CD640A98C4}" = Catalyst Control Center Localization Polish
"{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F754B561-ACAD-A3FA-AF54-3E5F9E662B04}" = CCC Help Korean
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{F8821B6D-B6C9-E676-9B7D-3269F36A1769}" = CCC Help Spanish
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC5A8E68-A2E5-4E14-91FA-7A3FB83C7E23}" = Adobe Photoshop Lightroom 4.2
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"7-Zip" = 7-Zip 9.20
"Adobe Acrobat  8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.3.1 Standard
"Adobe Acrobat  8 Standard - English, Français, Deutsch_831" = Adobe Acrobat 8.3.1 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AnyDVD" = AnyDVD
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DebugMode Wink" = DebugMode Wink
"Digital Editions" = Adobe Digital Editions
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dt icon module" = 
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"gtfirstboot Setting Request" = 
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP LaserJet M1005 MFP" = HP LaserJet M1005
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"MarketingTools" = Vaio Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Office14.SingleImage" = Microsoft Office Professional 2010
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"ProInst" = Intel PROSet Wireless
"SaalDesignSoftware" = Saal Design Software
"Shop for HP Supplies" = Shop for HP Supplies
"VAIO Help and Support" = 
"VAIO_My Club VAIO" = My Club VAIO
"Virtual Villagers" = Virtual Villagers (remove only)
"VLC media player" = VLC media player 2.0.1
"winscp3_is1" = WinSCP 4.3.6
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4040590631-702980346-2514396740-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"ActiveTouchMeetingClient" = WebEx
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.12.2012 13:36:48 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 24.12.2012 13:40:17 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.12.2012 13:41:14 | Computer Name = ***-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 24.12.2012 13:42:38 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung mcserver.exe, Version 1.0.0.0, Zeitstempel 0x4c1324dc,
 fehlerhaftes Modul dbus-1.dll, Version 0.0.0.0, Zeitstempel 0x4bebbb2c, Ausnahmecode
 0x40000015, Fehleroffset 0x00055d8f,  Prozess-ID 0x1738, Anwendungsstartzeit 01cde1fde1936a51.
 
Error - 25.12.2012 06:22:49 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.12.2012 06:22:52 | Computer Name = ***-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 25.12.2012 06:46:35 | Computer Name = ***-PC | Source = Windows Search Service | ID = 3024
Description = 
 
Error - 26.12.2012 06:34:22 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.12.2012 06:34:23 | Computer Name = ***-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 26.12.2012 06:41:11 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung mcserver.exe, Version 1.0.0.0, Zeitstempel 0x4c1324dc,
 fehlerhaftes Modul dbus-1.dll, Version 0.0.0.0, Zeitstempel 0x4bebbb2c, Ausnahmecode
 0x40000015, Fehleroffset 0x00055d8f,  Prozess-ID 0x14b4, Anwendungsstartzeit 01cde35497b19f9f.
 
[ System Events ]
Error - 24.12.2012 13:40:27 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 24.12.2012 13:40:59 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 24.12.2012 13:40:59 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 24.12.2012 13:43:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 25.12.2012 06:22:50 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.12.2012 06:25:40 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 26.12.2012 06:34:23 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 26.12.2012 06:35:28 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 26.12.2012 06:35:29 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 26.12.2012 06:38:03 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
Description = 
 
 
< End of report >

--- --- ---
[/QUOTE]

Schritt 2:

Zitat:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:21 on 26/12/2012 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Schritt 3:

Zitat:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-26 14:37:58
-----------------------------
14:37:58.768 OS Version: Windows 6.0.6002 Service Pack 2
14:37:58.768 Number of processors: 2 586 0x1706
14:37:58.769 ComputerName: ***-PC UserName: ***
14:38:01.361 Initialize success
14:38:20.060 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:38:20.068 Disk 0 Vendor: Hitachi_ BBFO Size: 238475MB BusType: 3
14:38:20.077 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000065
14:38:20.086 Disk 1 Vendor: RICOH 01 Size: 238475MB BusType: 0
14:38:20.095 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000066
14:38:20.106 Disk 2 Vendor: RICOH 02 Size: 238475MB BusType: 0
14:38:20.147 Disk 0 MBR read successfully
14:38:20.153 Disk 0 MBR scan
14:38:20.160 Disk 0 Windows VISTA default MBR code
14:38:20.167 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10395 MB offset 2048
14:38:20.182 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 228078 MB offset 21291008
14:38:20.191 Disk 0 scanning sectors +488395120
14:38:20.281 Disk 0 scanning C:\Windows\system32\drivers
14:38:29.715 Service scanning
14:38:55.465 Modules scanning
14:39:05.219 Disk 0 trace - called modules:
14:39:05.333 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
14:39:05.353 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x868999c0]
14:39:05.376 3 CLASSPNP.SYS[8afa38b3] -> nt!IofCallDriver -> [0x862b5460]
14:39:05.397 5 acpi.sys[806986bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85d50028]
14:39:05.421 Scan finished successfully
14:41:26.754 Disk 0 MBR has been saved successfully to "C:\Users\***\Downloads\MBR.dat"
14:41:26.763 The log file has been saved successfully to "C:\Users\***\Downloads\aswMBR.txt"

Und Schritt 4:

Zitat:

14:48:04.0251 8040 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:48:04.0432 8040 ============================================================
14:48:04.0432 8040 Current date / time: 2012/12/26 14:48:04.0432
14:48:04.0432 8040 SystemInfo:
14:48:04.0432 8040
14:48:04.0432 8040 OS Version: 6.0.6002 ServicePack: 2.0
14:48:04.0432 8040 Product type: Workstation
14:48:04.0432 8040 ComputerName: ***-PC
14:48:04.0432 8040 UserName: ***
14:48:04.0432 8040 Windows directory: C:\Windows
14:48:04.0432 8040 System windows directory: C:\Windows
14:48:04.0432 8040 Processor architecture: Intel x86
14:48:04.0432 8040 Number of processors: 2
14:48:04.0432 8040 Page size: 0x1000
14:48:04.0432 8040 Boot type: Normal boot
14:48:04.0432 8040 ============================================================
14:48:05.0532 8040 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:48:05.0545 8040 ============================================================
14:48:05.0545 8040 \Device\Harddisk0\DR0:
14:48:05.0546 8040 MBR partitions:
14:48:05.0546 8040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x144E000, BlocksNum 0x1BD77170
14:48:05.0546 8040 ============================================================
14:48:05.0613 8040 C: <-> \Device\Harddisk0\DR0\Partition1
14:48:05.0613 8040 ============================================================
14:48:05.0613 8040 Initialize success
14:48:05.0613 8040 ============================================================
14:48:22.0197 6248 ============================================================
14:48:22.0197 6248 Scan started
14:48:22.0197 6248 Mode: Manual;
14:48:22.0198 6248 ============================================================
14:48:23.0255 6248 ================ Scan system memory ========================
14:48:23.0255 6248 System memory - ok
14:48:23.0255 6248 ================ Scan services =============================
14:48:23.0461 6248 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
14:48:23.0517 6248 ACPI - ok
14:48:23.0638 6248 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
14:48:23.0659 6248 AdobeActiveFileMonitor6.0 - ok
14:48:23.0768 6248 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:48:23.0819 6248 AdobeARMservice - ok
14:48:23.0943 6248 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:48:24.0003 6248 AdobeFlashPlayerUpdateSvc - ok
14:48:24.0071 6248 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:48:24.0095 6248 adp94xx - ok
14:48:24.0144 6248 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:48:24.0194 6248 adpahci - ok
14:48:24.0226 6248 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:48:24.0274 6248 adpu160m - ok
14:48:24.0318 6248 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:48:24.0335 6248 adpu320 - ok
14:48:24.0386 6248 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:48:24.0398 6248 AeLookupSvc - ok
14:48:24.0459 6248 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
14:48:24.0516 6248 AFD - ok
14:48:24.0579 6248 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:48:24.0593 6248 agp440 - ok
14:48:24.0622 6248 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:48:24.0658 6248 aic78xx - ok
14:48:24.0707 6248 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
14:48:24.0747 6248 ALG - ok
14:48:24.0813 6248 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
14:48:24.0858 6248 aliide - ok
14:48:24.0908 6248 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:48:24.0949 6248 amdagp - ok
14:48:25.0003 6248 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
14:48:25.0014 6248 amdide - ok
14:48:25.0041 6248 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:48:25.0083 6248 AmdK7 - ok
14:48:25.0134 6248 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:48:25.0181 6248 AmdK8 - ok
14:48:25.0264 6248 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:48:25.0284 6248 AntiVirSchedulerService - ok
14:48:25.0325 6248 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:48:25.0376 6248 AntiVirService - ok
14:48:25.0497 6248 [ 8D3A55F7B7BE6B374479E5195F477226 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
14:48:25.0519 6248 AnyDVD - ok
14:48:25.0570 6248 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
14:48:25.0614 6248 ApfiltrService - ok
14:48:25.0678 6248 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
14:48:25.0718 6248 Appinfo - ok
14:48:25.0781 6248 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
14:48:25.0823 6248 arc - ok
14:48:25.0868 6248 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:48:25.0916 6248 arcsas - ok
14:48:25.0962 6248 [ 6B3AB8F67B37402A4174CAA45002903E ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
14:48:26.0001 6248 ArcSoftKsUFilter - ok
14:48:26.0150 6248 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:48:26.0192 6248 aspnet_state - ok
14:48:26.0243 6248 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:48:26.0252 6248 AsyncMac - ok
14:48:26.0310 6248 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
14:48:26.0347 6248 atapi - ok
14:48:26.0436 6248 [ 24B4375ABBC587BDC99E231383C16B8F ] athr C:\Windows\system32\DRIVERS\athr.sys
14:48:26.0491 6248 athr - ok
14:48:26.0567 6248 [ 33E222C68F71A06CB11C5EEB49D91F02 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
14:48:26.0602 6248 Ati External Event Utility - ok
14:48:26.0779 6248 [ EB4652A6571EF66C6C778E1007623F1F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:48:26.0848 6248 atikmdag - ok
14:48:26.0940 6248 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:48:26.0978 6248 AudioEndpointBuilder - ok
14:48:26.0985 6248 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:48:26.0987 6248 Audiosrv - ok
14:48:27.0038 6248 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:48:27.0074 6248 avgntflt - ok
14:48:27.0130 6248 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:48:27.0138 6248 avipbb - ok
14:48:27.0156 6248 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:48:27.0186 6248 avkmgr - ok
14:48:27.0240 6248 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
14:48:27.0269 6248 Beep - ok
14:48:27.0355 6248 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
14:48:27.0370 6248 BFE - ok
14:48:27.0454 6248 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
14:48:27.0513 6248 BITS - ok
14:48:27.0558 6248 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
14:48:27.0564 6248 blbdrive - ok
14:48:27.0611 6248 [ 70CD6D71FC48BBBD1385D7B35AEADECC ] BMLoad C:\Windows\system32\drivers\BMLoad.sys
14:48:27.0616 6248 BMLoad - ok
14:48:27.0669 6248 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:48:27.0677 6248 bowser - ok
14:48:27.0706 6248 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
14:48:27.0711 6248 BrFiltLo - ok
14:48:27.0728 6248 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
14:48:27.0732 6248 BrFiltUp - ok
14:48:27.0763 6248 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
14:48:27.0799 6248 Browser - ok
14:48:27.0830 6248 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
14:48:27.0837 6248 Brserid - ok
14:48:27.0864 6248 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
14:48:27.0903 6248 BrSerWdm - ok
14:48:27.0935 6248 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
14:48:27.0942 6248 BrUsbMdm - ok
14:48:27.0971 6248 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
14:48:27.0975 6248 BrUsbSer - ok
14:48:28.0047 6248 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
14:48:28.0081 6248 BthEnum - ok
14:48:28.0130 6248 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:48:28.0135 6248 BTHMODEM - ok
14:48:28.0149 6248 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:48:28.0184 6248 BthPan - ok
14:48:28.0239 6248 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
14:48:28.0264 6248 BTHPORT - ok
14:48:28.0329 6248 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
14:48:28.0373 6248 BthServ - ok
14:48:28.0408 6248 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
14:48:28.0444 6248 BTHUSB - ok
14:48:28.0495 6248 [ 7F256D9FFF384FAA40DF5DB1CB8531D9 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:48:28.0511 6248 btwaudio - ok
14:48:28.0538 6248 [ D87D990131AAABB27D4046790292366D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
14:48:28.0578 6248 btwavdt - ok
14:48:28.0619 6248 [ D02F4D18AA4A38F781BEEFEB1892E144 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:48:28.0659 6248 btwl2cap - ok
14:48:28.0696 6248 [ E1771C0FB49E747AB2B2D29DA50510F9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:48:28.0737 6248 btwrchid - ok
14:48:28.0794 6248 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:48:28.0806 6248 cdfs - ok
14:48:28.0875 6248 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:48:28.0921 6248 cdrom - ok
14:48:29.0008 6248 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
14:48:29.0055 6248 CertPropSvc - ok
14:48:29.0091 6248 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
14:48:29.0127 6248 circlass - ok
14:48:29.0179 6248 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
14:48:29.0229 6248 CLFS - ok
14:48:29.0269 6248 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:48:29.0287 6248 clr_optimization_v2.0.50727_32 - ok
14:48:29.0414 6248 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:48:29.0436 6248 clr_optimization_v4.0.30319_32 - ok
14:48:29.0474 6248 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:48:29.0483 6248 CmBatt - ok
14:48:29.0498 6248 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:48:29.0540 6248 cmdide - ok
14:48:29.0580 6248 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:48:29.0591 6248 Compbatt - ok
14:48:29.0601 6248 COMSysApp - ok
14:48:29.0616 6248 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:48:29.0653 6248 crcdisk - ok
14:48:29.0685 6248 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
14:48:29.0697 6248 Crusoe - ok
14:48:29.0746 6248 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:48:29.0750 6248 CryptSvc - ok
14:48:29.0830 6248 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:48:29.0848 6248 DcomLaunch - ok
14:48:29.0898 6248 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:48:29.0947 6248 DfsC - ok
14:48:30.0094 6248 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
14:48:30.0178 6248 DFSR - ok
14:48:30.0263 6248 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:48:30.0288 6248 Dhcp - ok
14:48:30.0365 6248 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
14:48:30.0373 6248 disk - ok
14:48:30.0427 6248 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
14:48:30.0432 6248 DMICall - ok
14:48:30.0497 6248 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:48:30.0535 6248 Dnscache - ok
14:48:30.0587 6248 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:48:30.0597 6248 dot3svc - ok
14:48:30.0646 6248 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:48:30.0704 6248 Dot4 - ok
14:48:30.0740 6248 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:48:30.0747 6248 Dot4Print - ok
14:48:30.0776 6248 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:48:30.0786 6248 dot4usb - ok
14:48:30.0837 6248 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
14:48:30.0881 6248 DPS - ok
14:48:30.0943 6248 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:48:30.0981 6248 drmkaud - ok
14:48:31.0044 6248 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:48:31.0091 6248 DXGKrnl - ok
14:48:31.0132 6248 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
14:48:31.0139 6248 E1G60 - ok
14:48:31.0178 6248 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
14:48:31.0214 6248 EapHost - ok
14:48:31.0306 6248 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
14:48:31.0356 6248 Ecache - ok
14:48:31.0412 6248 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:48:31.0472 6248 ehRecvr - ok
14:48:31.0510 6248 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
14:48:31.0556 6248 ehSched - ok
14:48:31.0588 6248 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
14:48:31.0623 6248 ehstart - ok
14:48:31.0681 6248 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
14:48:31.0692 6248 ElbyCDIO - ok
14:48:31.0740 6248 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:48:31.0760 6248 elxstor - ok
14:48:31.0839 6248 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:48:31.0914 6248 EMDMgmt - ok
14:48:31.0967 6248 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:48:31.0975 6248 ErrDev - ok
14:48:32.0052 6248 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
14:48:32.0116 6248 EventSystem - ok
14:48:32.0204 6248 [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:48:32.0286 6248 EvtEng - ok
14:48:32.0377 6248 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
14:48:32.0424 6248 exfat - ok
14:48:32.0470 6248 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:48:32.0486 6248 fastfat - ok
14:48:32.0526 6248 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:48:32.0567 6248 fdc - ok
14:48:32.0610 6248 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
14:48:32.0645 6248 fdPHost - ok
14:48:32.0688 6248 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
14:48:32.0734 6248 FDResPub - ok
14:48:32.0778 6248 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:48:32.0824 6248 FileInfo - ok
14:48:32.0859 6248 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:48:32.0899 6248 Filetrace - ok
14:48:32.0976 6248 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:48:33.0015 6248 FLEXnet Licensing Service - ok
14:48:33.0047 6248 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:48:33.0086 6248 flpydisk - ok
14:48:33.0155 6248 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:48:33.0175 6248 FltMgr - ok
14:48:33.0302 6248 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
14:48:33.0377 6248 FontCache - ok
14:48:33.0489 6248 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:48:33.0526 6248 FontCache3.0.0.0 - ok
14:48:33.0578 6248 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:48:33.0611 6248 Fs_Rec - ok
14:48:33.0662 6248 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:48:33.0710 6248 gagp30kx - ok
14:48:33.0778 6248 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
14:48:33.0843 6248 gpsvc - ok
14:48:33.0946 6248 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:48:33.0975 6248 gupdate - ok
14:48:34.0010 6248 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:48:34.0012 6248 gupdatem - ok
14:48:34.0056 6248 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:48:34.0109 6248 HdAudAddService - ok
14:48:34.0175 6248 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:48:34.0234 6248 HDAudBus - ok
14:48:34.0267 6248 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:48:34.0276 6248 HidBth - ok
14:48:34.0296 6248 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:48:34.0306 6248 HidIr - ok
14:48:34.0361 6248 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
14:48:34.0375 6248 hidserv - ok
14:48:34.0407 6248 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:48:34.0416 6248 HidUsb - ok
14:48:34.0446 6248 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:48:34.0491 6248 hkmsvc - ok
14:48:34.0527 6248 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:48:34.0582 6248 HpCISSs - ok
14:48:34.0756 6248 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:48:34.0816 6248 hpqcxs08 - ok
14:48:34.0858 6248 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:48:34.0911 6248 hpqddsvc - ok
14:48:34.0987 6248 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
14:48:35.0041 6248 HSFHWAZL - ok
14:48:35.0129 6248 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
14:48:35.0167 6248 HSF_DPV - ok
14:48:35.0238 6248 [ 65D37BD167DD35C3663F4F097174E891 ] HSPADataCardusbmdm C:\Windows\system32\DRIVERS\HSPADataCardusbmdm.sys
14:48:35.0282 6248 HSPADataCardusbmdm - ok
14:48:35.0337 6248 [ 65D37BD167DD35C3663F4F097174E891 ] HSPADataCardusbnmea C:\Windows\system32\DRIVERS\HSPADataCardusbnmea.sys
14:48:35.0350 6248 HSPADataCardusbnmea - ok
14:48:35.0369 6248 [ 65D37BD167DD35C3663F4F097174E891 ] HSPADataCardusbser C:\Windows\system32\DRIVERS\HSPADataCardusbser.sys
14:48:35.0384 6248 HSPADataCardusbser - ok
14:48:35.0438 6248 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
14:48:35.0458 6248 HSXHWAZL - ok
14:48:35.0531 6248 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:48:35.0584 6248 HTTP - ok
14:48:35.0611 6248 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:48:35.0623 6248 i2omp - ok
14:48:35.0655 6248 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:48:35.0695 6248 i8042prt - ok
14:48:35.0774 6248 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:48:35.0779 6248 iaStor - ok
14:48:35.0810 6248 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:48:35.0854 6248 iaStorV - ok
14:48:35.0967 6248 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:48:36.0037 6248 idsvc - ok
14:48:36.0063 6248 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:48:36.0075 6248 iirsp - ok
14:48:36.0155 6248 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
14:48:36.0226 6248 IKEEXT - ok
14:48:36.0340 6248 [ 2DEB2538C9372568BB67B5FDF2359790 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:48:36.0422 6248 IntcAzAudAddService - ok
14:48:36.0476 6248 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
14:48:36.0510 6248 intelide - ok
14:48:36.0577 6248 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:48:36.0624 6248 intelppm - ok
14:48:36.0671 6248 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:48:36.0689 6248 IPBusEnum - ok
14:48:36.0714 6248 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:48:36.0725 6248 IpFilterDriver - ok
14:48:36.0788 6248 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:48:36.0803 6248 iphlpsvc - ok
14:48:36.0807 6248 IpInIp - ok
14:48:36.0843 6248 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:48:36.0877 6248 IPMIDRV - ok
14:48:36.0907 6248 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:48:36.0943 6248 IPNAT - ok
14:48:36.0976 6248 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:48:36.0980 6248 IRENUM - ok
14:48:37.0002 6248 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:48:37.0009 6248 isapnp - ok
14:48:37.0080 6248 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:48:37.0102 6248 iScsiPrt - ok
14:48:37.0118 6248 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:48:37.0131 6248 iteatapi - ok
14:48:37.0154 6248 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:48:37.0161 6248 iteraid - ok
14:48:37.0200 6248 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
14:48:37.0212 6248 IviRegMgr - ok
14:48:37.0227 6248 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:48:37.0238 6248 kbdclass - ok
14:48:37.0254 6248 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:48:37.0257 6248 kbdhid - ok
14:48:37.0286 6248 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
14:48:37.0319 6248 KeyIso - ok
14:48:37.0378 6248 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:48:37.0419 6248 KSecDD - ok
14:48:37.0472 6248 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:48:37.0511 6248 KtmRm - ok
14:48:37.0555 6248 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
14:48:37.0565 6248 LanmanServer - ok
14:48:37.0641 6248 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:48:37.0686 6248 LanmanWorkstation - ok
14:48:37.0739 6248 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:48:37.0745 6248 lltdio - ok
14:48:37.0772 6248 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:48:37.0808 6248 lltdsvc - ok
14:48:37.0840 6248 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:48:37.0846 6248 lmhosts - ok
14:48:37.0864 6248 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:48:37.0872 6248 LSI_FC - ok
14:48:37.0890 6248 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:48:37.0930 6248 LSI_SAS - ok
14:48:37.0976 6248 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:48:38.0017 6248 LSI_SCSI - ok
14:48:38.0053 6248 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
14:48:38.0062 6248 luafv - ok
14:48:38.0109 6248 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys
14:48:38.0117 6248 MarvinBus - ok
14:48:38.0135 6248 [ D5673785903639D186DC345FF86F423F ] massfilter C:\Windows\system32\drivers\massfilter.sys
14:48:38.0165 6248 massfilter - ok
14:48:38.0218 6248 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:48:38.0260 6248 Mcx2Svc - ok
14:48:38.0306 6248 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
14:48:38.0310 6248 mdmxsdk - ok
14:48:38.0346 6248 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
14:48:38.0386 6248 megasas - ok
14:48:38.0431 6248 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
14:48:38.0443 6248 MegaSR - ok
14:48:38.0487 6248 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
14:48:38.0497 6248 MMCSS - ok
14:48:38.0514 6248 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
14:48:38.0548 6248 Modem - ok
14:48:38.0593 6248 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:48:38.0599 6248 monitor - ok
14:48:38.0619 6248 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:48:38.0625 6248 mouclass - ok
14:48:38.0637 6248 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\drivers\mouhid.sys
14:48:38.0676 6248 mouhid - ok
14:48:38.0710 6248 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:48:38.0717 6248 MountMgr - ok
14:48:38.0799 6248 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:48:38.0839 6248 MozillaMaintenance - ok
14:48:38.0892 6248 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
14:48:38.0911 6248 mpio - ok
14:48:38.0934 6248 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:48:38.0980 6248 mpsdrv - ok
14:48:39.0048 6248 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
14:48:39.0102 6248 MpsSvc - ok
14:48:39.0157 6248 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:48:39.0200 6248 Mraid35x - ok
14:48:39.0257 6248 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:48:39.0304 6248 MRxDAV - ok
14:48:39.0367 6248 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:48:39.0383 6248 mrxsmb - ok
14:48:39.0422 6248 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:48:39.0466 6248 mrxsmb10 - ok
14:48:39.0512 6248 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:48:39.0550 6248 mrxsmb20 - ok
14:48:39.0617 6248 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
14:48:39.0659 6248 msahci - ok
14:48:39.0728 6248 [ 31FE01F58C95E1296F909BE52DEA63DD ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
14:48:39.0768 6248 MSCSPTISRV - ok
14:48:39.0812 6248 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:48:39.0858 6248 msdsm - ok
14:48:39.0901 6248 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
14:48:39.0956 6248 MSDTC - ok
14:48:39.0973 6248 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:48:40.0012 6248 Msfs - ok
14:48:40.0073 6248 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:48:40.0118 6248 msisadrv - ok
14:48:40.0162 6248 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:48:40.0180 6248 MSiSCSI - ok
14:48:40.0189 6248 msiserver - ok
14:48:40.0235 6248 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:48:40.0274 6248 MSKSSRV - ok
14:48:40.0342 6248 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:48:40.0350 6248 MSPCLOCK - ok
14:48:40.0381 6248 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:48:40.0389 6248 MSPQM - ok
14:48:40.0405 6248 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:48:40.0423 6248 MsRPC - ok
14:48:40.0446 6248 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:48:40.0479 6248 mssmbios - ok
14:48:40.0512 6248 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:48:40.0515 6248 MSTEE - ok
14:48:40.0566 6248 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
14:48:40.0600 6248 Mup - ok
14:48:40.0645 6248 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
14:48:40.0650 6248 napagent - ok
14:48:40.0719 6248 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:48:40.0725 6248 NativeWifiP - ok
14:48:40.0800 6248 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:48:40.0848 6248 NDIS - ok
14:48:40.0903 6248 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:48:40.0939 6248 NdisTapi - ok
14:48:40.0969 6248 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:48:41.0005 6248 Ndisuio - ok
14:48:41.0092 6248 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:48:41.0130 6248 NdisWan - ok
14:48:41.0170 6248 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:48:41.0176 6248 NDProxy - ok
14:48:41.0254 6248 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:48:41.0289 6248 Net Driver HPZ12 - ok
14:48:41.0334 6248 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:48:41.0375 6248 NetBIOS - ok
14:48:41.0497 6248 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:48:41.0518 6248 netbt - ok
14:48:41.0564 6248 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
14:48:41.0568 6248 Netlogon - ok
14:48:41.0626 6248 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
14:48:41.0658 6248 Netman - ok
14:48:41.0684 6248 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
14:48:41.0693 6248 netprofm - ok
14:48:41.0751 6248 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:48:41.0776 6248 NetTcpPortSharing - ok
14:48:41.0928 6248 [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
14:48:42.0003 6248 NETw5v32 - ok
14:48:42.0070 6248 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:48:42.0158 6248 nfrd960 - ok
14:48:42.0195 6248 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:48:42.0254 6248 NlaSvc - ok
14:48:42.0327 6248 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:48:42.0333 6248 Npfs - ok
14:48:42.0375 6248 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
14:48:42.0427 6248 nsi - ok
14:48:42.0524 6248 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:48:42.0554 6248 nsiproxy - ok
14:48:42.0624 6248 [ 2D5B276B70F560DC3B199206276B852B ] NSUService C:\Program Files\Sony\Network Utility\NSUService.exe
14:48:42.0637 6248 NSUService - ok
14:48:42.0887 6248 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:48:42.0929 6248 Ntfs - ok
14:48:42.0969 6248 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
14:48:43.0012 6248 ntrigdigi - ok
14:48:43.0072 6248 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
14:48:43.0079 6248 Null - ok
14:48:43.0133 6248 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:48:43.0149 6248 nvraid - ok
14:48:43.0201 6248 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:48:43.0256 6248 nvstor - ok
14:48:43.0330 6248 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:48:43.0347 6248 nv_agp - ok
14:48:43.0355 6248 NwlnkFlt - ok
14:48:43.0367 6248 NwlnkFwd - ok
14:48:43.0506 6248 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:48:43.0568 6248 ohci1394 - ok
14:48:43.0817 6248 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:48:43.0836 6248 ose - ok
14:48:44.0427 6248 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:48:44.0818 6248 osppsvc - ok
14:48:44.0899 6248 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:48:44.0925 6248 p2pimsvc - ok
14:48:44.0940 6248 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
14:48:44.0948 6248 p2psvc - ok
14:48:44.0972 6248 [ F5395A0379C51283471354402F7B949D ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
14:48:45.0007 6248 PACSPTISVR - ok
14:48:45.0053 6248 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
14:48:45.0087 6248 Parport - ok
14:48:45.0127 6248 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:48:45.0164 6248 partmgr - ok
14:48:45.0214 6248 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:48:45.0254 6248 Parvdm - ok
14:48:45.0335 6248 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
14:48:45.0423 6248 PcaSvc - ok
14:48:45.0478 6248 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
14:48:45.0499 6248 pci - ok
14:48:45.0516 6248 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
14:48:45.0555 6248 pciide - ok
14:48:45.0608 6248 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\Windows\system32\drivers\pclepci.sys
14:48:45.0644 6248 PCLEPCI - ok
14:48:45.0702 6248 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:48:45.0730 6248 pcmcia - ok
14:48:45.0799 6248 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:48:45.0855 6248 PEAUTH - ok
14:48:45.0944 6248 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
14:48:45.0986 6248 pla - ok
14:48:46.0053 6248 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:48:46.0125 6248 PlugPlay - ok
14:48:46.0185 6248 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:48:46.0222 6248 Pml Driver HPZ12 - ok
14:48:46.0266 6248 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:48:46.0274 6248 PNRPAutoReg - ok
14:48:46.0288 6248 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:48:46.0296 6248 PNRPsvc - ok
14:48:46.0424 6248 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:48:46.0493 6248 PolicyAgent - ok
14:48:46.0544 6248 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:48:46.0580 6248 PptpMiniport - ok
14:48:46.0629 6248 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
14:48:46.0665 6248 Processor - ok
14:48:46.0716 6248 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
14:48:46.0759 6248 ProfSvc - ok
14:48:46.0786 6248 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:48:46.0788 6248 ProtectedStorage - ok
14:48:46.0844 6248 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:48:46.0852 6248 PSched - ok
14:48:46.0909 6248 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
14:48:46.0918 6248 PxHelp20 - ok
14:48:46.0991 6248 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:48:47.0009 6248 ql2300 - ok
14:48:47.0057 6248 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:48:47.0098 6248 ql40xx - ok
14:48:47.0159 6248 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
14:48:47.0188 6248 QWAVE - ok
14:48:47.0201 6248 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:48:47.0212 6248 QWAVEdrv - ok
14:48:47.0223 6248 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:48:47.0260 6248 RasAcd - ok
14:48:47.0297 6248 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
14:48:47.0317 6248 RasAuto - ok
14:48:47.0393 6248 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:48:47.0406 6248 Rasl2tp - ok
14:48:47.0507 6248 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
14:48:47.0610 6248 RasMan - ok
14:48:47.0700 6248 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:48:47.0748 6248 RasPppoe - ok
14:48:47.0813 6248 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:48:47.0826 6248 RasSstp - ok
14:48:47.0897 6248 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:48:47.0919 6248 rdbss - ok
14:48:47.0975 6248 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:48:47.0983 6248 RDPCDD - ok
14:48:48.0020 6248 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:48:48.0066 6248 rdpdr - ok
14:48:48.0075 6248 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:48:48.0129 6248 RDPENCDD - ok
14:48:48.0212 6248 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:48:48.0229 6248 RDPWD - ok
14:48:48.0256 6248 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
14:48:48.0292 6248 regi - ok
14:48:48.0389 6248 [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:48:48.0466 6248 RegSrvc - ok
14:48:48.0571 6248 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:48:48.0590 6248 RemoteAccess - ok
14:48:48.0716 6248 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:48:48.0737 6248 RemoteRegistry - ok
14:48:48.0857 6248 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:48:48.0874 6248 RFCOMM - ok
14:48:48.0940 6248 [ F2993908BE03181C781228DAADC55230 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
14:48:48.0952 6248 rimsptsk - ok
14:48:49.0007 6248 [ CD6E3947724B337F9BC1524B710231EB ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys
14:48:49.0046 6248 risdptsk - ok
14:48:49.0083 6248 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:48:49.0127 6248 RpcLocator - ok
14:48:49.0175 6248 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
14:48:49.0188 6248 RpcSs - ok
14:48:49.0239 6248 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:48:49.0252 6248 rspndr - ok
14:48:49.0328 6248 [ F175B21F20B60958295F9221F11FED9F ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
14:48:49.0345 6248 RTHDMIAzAudService - ok
14:48:49.0413 6248 [ BDE341367892DCFDFAAA2BD854C5E338 ] RtkHDMIService C:\Windows\RtkAudioService.exe
14:48:49.0456 6248 RtkHDMIService - ok
14:48:49.0508 6248 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
14:48:49.0513 6248 SamSs - ok
14:48:49.0566 6248 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:48:49.0581 6248 sbp2port - ok
14:48:49.0657 6248 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:48:49.0677 6248 SCardSvr - ok
14:48:49.0802 6248 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
14:48:49.0851 6248 Schedule - ok
14:48:49.0874 6248 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:48:49.0876 6248 SCPolicySvc - ok
14:48:49.0927 6248 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:48:49.0969 6248 sdbus - ok
14:48:50.0045 6248 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:48:50.0066 6248 SDRSVC - ok
14:48:50.0182 6248 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
14:48:50.0335 6248 SDScannerService - ok
14:48:50.0404 6248 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:48:50.0468 6248 SDUpdateService - ok
14:48:50.0507 6248 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:48:50.0508 6248 SDWSCService - ok
14:48:50.0525 6248 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:48:50.0553 6248 secdrv - ok
14:48:50.0597 6248 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
14:48:50.0634 6248 seclogon - ok
14:48:50.0664 6248 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
14:48:50.0702 6248 SENS - ok
14:48:50.0732 6248 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:48:50.0735 6248 Serenum - ok
14:48:50.0760 6248 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
14:48:50.0767 6248 Serial - ok
14:48:50.0796 6248 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:48:50.0800 6248 sermouse - ok
14:48:50.0860 6248 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
14:48:50.0902 6248 SessionEnv - ok
14:48:50.0944 6248 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
14:48:50.0982 6248 SFEP - ok
14:48:51.0019 6248 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:48:51.0024 6248 sffdisk - ok
14:48:51.0042 6248 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:48:51.0076 6248 sffp_mmc - ok
14:48:51.0109 6248 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:48:51.0139 6248 sffp_sd - ok
14:48:51.0179 6248 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:48:51.0184 6248 sfloppy - ok
14:48:51.0220 6248 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:48:51.0233 6248 SharedAccess - ok
14:48:51.0305 6248 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:48:51.0360 6248 ShellHWDetection - ok
14:48:51.0394 6248 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:48:51.0408 6248 sisagp - ok
14:48:51.0442 6248 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:48:51.0449 6248 SiSRaid2 - ok
14:48:51.0482 6248 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:48:51.0520 6248 SiSRaid4 - ok
14:48:51.0611 6248 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:48:51.0657 6248 SkypeUpdate - ok
14:48:51.0817 6248 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
14:48:51.0949 6248 slsvc - ok
14:48:51.0963 6248 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:48:51.0970 6248 SLUINotify - ok
14:48:52.0043 6248 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:48:52.0080 6248 Smb - ok
14:48:52.0132 6248 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:48:52.0138 6248 SNMPTRAP - ok
14:48:52.0207 6248 [ D07F3C6FE13D291A5C27E2D2E8EC7F52 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
14:48:52.0227 6248 SOHCImp - ok
14:48:52.0267 6248 [ E507433FC0237B9FFCB6F97235E8C47D ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
14:48:52.0312 6248 SOHDms - ok
14:48:52.0343 6248 [ E674417F83C45679CD9C804D77E485A3 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
14:48:52.0351 6248 SOHDs - ok
14:48:52.0424 6248 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
14:48:52.0430 6248 spldr - ok
14:48:52.0494 6248 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
14:48:52.0510 6248 Spooler - ok
14:48:52.0541 6248 [ CF7532B3D8061F3D0A9C6478850DABD4 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
14:48:52.0552 6248 SPTISRV - ok
14:48:52.0623 6248 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:48:52.0636 6248 srv - ok
14:48:52.0679 6248 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:48:52.0695 6248 srv2 - ok
14:48:52.0714 6248 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:48:52.0758 6248 srvnet - ok
14:48:52.0804 6248 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:48:52.0819 6248 SSDPSRV - ok
14:48:52.0846 6248 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
14:48:52.0877 6248 ssmdrv - ok
14:48:52.0948 6248 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:48:52.0960 6248 SstpSvc - ok
14:48:53.0023 6248 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
14:48:53.0043 6248 stisvc - ok
14:48:53.0073 6248 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:48:53.0079 6248 swenum - ok
14:48:53.0141 6248 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
14:48:53.0195 6248 swprv - ok
14:48:53.0237 6248 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:48:53.0245 6248 Symc8xx - ok
14:48:53.0265 6248 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:48:53.0271 6248 Sym_hi - ok
14:48:53.0290 6248 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:48:53.0296 6248 Sym_u3 - ok
14:48:53.0360 6248 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
14:48:53.0382 6248 SysMain - ok
14:48:53.0405 6248 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:48:53.0416 6248 TabletInputService - ok
14:48:53.0472 6248 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:48:53.0520 6248 TapiSrv - ok
14:48:53.0558 6248 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
14:48:53.0594 6248 TBS - ok
14:48:53.0670 6248 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:48:53.0708 6248 Tcpip - ok
14:48:53.0739 6248 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:48:53.0747 6248 Tcpip6 - ok
14:48:53.0783 6248 [ 74905EBCBB8CBDB1F3C0B1778BBCB4BC ] tcpipBM C:\Windows\system32\drivers\tcpipBM.sys
14:48:53.0817 6248 tcpipBM - ok
14:48:53.0854 6248 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:48:53.0859 6248 tcpipreg - ok
14:48:53.0888 6248 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:48:53.0892 6248 TDPIPE - ok
14:48:53.0909 6248 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:48:53.0944 6248 TDTCP - ok
14:48:53.0997 6248 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:48:54.0004 6248 tdx - ok
14:48:54.0053 6248 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:48:54.0095 6248 TermDD - ok
14:48:54.0161 6248 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
14:48:54.0221 6248 TermService - ok
14:48:54.0262 6248 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
14:48:54.0271 6248 Themes - ok
14:48:54.0286 6248 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
14:48:54.0292 6248 THREADORDER - ok
14:48:54.0320 6248 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
14:48:54.0371 6248 TrkWks - ok
14:48:54.0463 6248 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:48:54.0476 6248 TrustedInstaller - ok
14:48:54.0509 6248 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:48:54.0542 6248 tssecsrv - ok
14:48:54.0593 6248 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:48:54.0602 6248 tunmp - ok
14:48:54.0644 6248 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:48:54.0654 6248 tunnel - ok
14:48:54.0686 6248 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:48:54.0731 6248 uagp35 - ok
14:48:54.0779 6248 [ 3D7B66D3B25DFBDE7B96114E2D8EF2B3 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
14:48:54.0837 6248 uCamMonitor - ok
14:48:54.0900 6248 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:48:54.0919 6248 udfs - ok
14:48:54.0949 6248 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:48:55.0003 6248 UI0Detect - ok
14:48:55.0011 6248 UIUSys - ok
14:48:55.0060 6248 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:48:55.0103 6248 uliagpkx - ok
14:48:55.0140 6248 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:48:55.0158 6248 uliahci - ok
14:48:55.0187 6248 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:48:55.0203 6248 UlSata - ok
14:48:55.0219 6248 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:48:55.0237 6248 ulsata2 - ok
14:48:55.0252 6248 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:48:55.0258 6248 umbus - ok
14:48:55.0291 6248 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
14:48:55.0340 6248 upnphost - ok
14:48:55.0386 6248 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:48:55.0422 6248 usbccgp - ok
14:48:55.0477 6248 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:48:55.0512 6248 usbcir - ok
14:48:55.0550 6248 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:48:55.0600 6248 usbehci - ok
14:48:55.0660 6248 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:48:55.0678 6248 usbhub - ok
14:48:55.0704 6248 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:48:55.0740 6248 usbohci - ok
14:48:55.0788 6248 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:48:55.0798 6248 usbprint - ok
14:48:55.0859 6248 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:48:55.0895 6248 usbscan - ok
14:48:55.0933 6248 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:48:55.0979 6248 USBSTOR - ok
14:48:56.0025 6248 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:48:56.0035 6248 usbuhci - ok
14:48:56.0087 6248 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:48:56.0132 6248 usbvideo - ok
14:48:56.0188 6248 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
14:48:56.0206 6248 UxSms - ok
14:48:56.0266 6248 [ D6E6BD77F4BEDD695553D5EA1FFDFCDD ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
14:48:56.0286 6248 VAIO Entertainment TV Device Arbitration Service - ok
14:48:56.0370 6248 [ 693A3FDD279C345105FFF9DDE277849B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
14:48:56.0395 6248 VAIO Event Service - ok
14:48:56.0446 6248 [ 3497E634FAFA17550446A91C6721B567 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:48:56.0496 6248 VAIO Power Management - ok
14:48:56.0547 6248 [ 9D1DD772DEC13B0DA3289A4B266B0767 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
14:48:56.0577 6248 VcmIAlzMgr - ok
14:48:56.0618 6248 [ C44A507B71EB90E8299D2AF8FB05AE5B ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
14:48:56.0636 6248 VcmXmlIfHelper - ok
14:48:56.0642 6248 Vcsw - ok
14:48:56.0707 6248 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
14:48:56.0724 6248 vds - ok
14:48:56.0749 6248 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:48:56.0754 6248 vga - ok
14:48:56.0774 6248 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:48:56.0780 6248 VgaSave - ok
14:48:56.0801 6248 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:48:56.0808 6248 viaagp - ok
14:48:56.0822 6248 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:48:56.0858 6248 ViaC7 - ok
14:48:56.0897 6248 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
14:48:56.0926 6248 viaide - ok
14:48:56.0961 6248 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:48:56.0994 6248 volmgr - ok
14:48:57.0054 6248 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:48:57.0098 6248 volmgrx - ok
14:48:57.0152 6248 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:48:57.0200 6248 volsnap - ok
14:48:57.0271 6248 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:48:57.0289 6248 vsmraid - ok
14:48:57.0378 6248 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
14:48:57.0427 6248 VSS - ok
14:48:57.0464 6248 [ 0E2357BF1E70E17EFB13D08FCE74FCBC ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
14:48:57.0478 6248 VzCdbSvc - ok
14:48:57.0493 6248 [ 99BCBD7F13779AE06944776A8D4BB5C3 ] VzFw C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
14:48:57.0533 6248 VzFw - ok
14:48:57.0584 6248 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
14:48:57.0629 6248 W32Time - ok
14:48:57.0671 6248 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:48:57.0711 6248 WacomPen - ok
14:48:57.0749 6248 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:48:57.0762 6248 Wanarp - ok
14:48:57.0769 6248 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:48:57.0772 6248 Wanarpv6 - ok
14:48:57.0809 6248 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:48:57.0847 6248 wcncsvc - ok
14:48:57.0879 6248 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:48:57.0921 6248 WcsPlugInService - ok
14:48:57.0952 6248 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
14:48:57.0958 6248 Wd - ok
14:48:58.0029 6248 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:48:58.0080 6248 Wdf01000 - ok
14:48:58.0126 6248 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:48:58.0138 6248 WdiServiceHost - ok
14:48:58.0142 6248 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:48:58.0146 6248 WdiSystemHost - ok
14:48:58.0207 6248 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
14:48:58.0250 6248 WebClient - ok
14:48:58.0315 6248 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:48:58.0380 6248 Wecsvc - ok
14:48:58.0429 6248 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:48:58.0453 6248 wercplsupport - ok
14:48:58.0518 6248 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
14:48:58.0549 6248 WerSvc - ok
14:48:58.0589 6248 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:48:58.0606 6248 WimFltr - ok
14:48:58.0717 6248 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:48:58.0749 6248 winachsf - ok
14:48:58.0817 6248 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:48:58.0843 6248 WinDefend - ok
14:48:58.0850 6248 WinHttpAutoProxySvc - ok
14:48:58.0942 6248 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:48:58.0957 6248 Winmgmt - ok
14:48:59.0049 6248 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
14:48:59.0095 6248 WinRM - ok
14:48:59.0187 6248 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:48:59.0248 6248 Wlansvc - ok
14:48:59.0318 6248 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:48:59.0347 6248 WmiAcpi - ok
14:48:59.0410 6248 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:48:59.0422 6248 wmiApSrv - ok
14:48:59.0515 6248 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:48:59.0554 6248 WMPNetworkSvc - ok
14:48:59.0612 6248 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:48:59.0624 6248 WPCSvc - ok
14:48:59.0681 6248 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:48:59.0694 6248 WPDBusEnum - ok
14:48:59.0757 6248 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
14:48:59.0763 6248 WpdUsb - ok
14:48:59.0951 6248 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:48:59.0994 6248 WPFFontCache_v0400 - ok
14:49:00.0045 6248 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:49:00.0081 6248 ws2ifsl - ok
14:49:00.0128 6248 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
14:49:00.0131 6248 wscsvc - ok
14:49:00.0135 6248 WSearch - ok
14:49:00.0219 6248 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:49:00.0293 6248 wuauserv - ok
14:49:00.0353 6248 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:49:00.0359 6248 WudfPf - ok
14:49:00.0391 6248 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:00.0398 6248 WUDFRd - ok
14:49:00.0422 6248 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:49:00.0464 6248 wudfsvc - ok
14:49:00.0501 6248 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
14:49:00.0505 6248 XAudio - ok
14:49:00.0526 6248 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
14:49:00.0541 6248 XAudioService - ok
14:49:00.0588 6248 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
14:49:00.0622 6248 yukonwlh - ok
14:49:00.0629 6248 ================ Scan global ===============================
14:49:00.0671 6248 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:49:00.0766 6248 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:49:00.0801 6248 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:49:00.0869 6248 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:49:00.0874 6248 [Global] - ok
14:49:00.0874 6248 ================ Scan MBR ==================================
14:49:00.0886 6248 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:49:01.0407 6248 \Device\Harddisk0\DR0 - ok
14:49:01.0407 6248 ================ Scan VBR ==================================
14:49:01.0410 6248 [ 696284FF6D7557DB3C8A7C538AEDE973 ] \Device\Harddisk0\DR0\Partition1
14:49:01.0411 6248 \Device\Harddisk0\DR0\Partition1 - ok
14:49:01.0411 6248 ============================================================
14:49:01.0411 6248 Scan finished
14:49:01.0411 6248 ============================================================
14:49:01.0422 6584 Detected object count: 0
14:49:01.0422 6584 Actual detected object count: 0
14:51:57.0908 6940 Deinitialize success

M-K-D-B · 26.12.2012, 20:49

Servus,

Schritt 1
Ich sehe, dass du sog. Registry Cleaner auf dem System hast.
In deinem Fall CCleaner.

Wir empfehlen auf keinen Fall jegliche Art von Registry Cleaner.

Der Grund ist ganz einfach:

Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr booted.

Wie soll der Cleaner zu 100% wissen ob der Eintrag benötigt wird oder nicht ?
Es ist vollkommen egal ob ein paar verwaiste Registry Einträge am System sind oder nicht.
Auch die dauernd angepriesene Beschleunigung des Systems ist nur bedingt wahr. Du würdest es nicht merken.

Ein sogenanntes False Positive von einem Cleaner kann auch dein System unbootbar machen.
Zerstörst Du die Registry, zerstörst Du Windows.

Ich empfehle dir hiermit die oben genannte Software zu deinstallieren und in Zukunft auf solche Art von Software zu verzichten.
Am Ende empfehle ich dir ein anderes Tool, mit dem du deine temporären Dateien entfernen kannst.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.

Bitte lade Junkware Removal Tool auf Deinen Desktop.

Starte das Tool mit Doppelklick. Vista und 7 Nutzer bitte mit Rechtsklick "als Administrator ausführen" starten.
Das Tool wird sich öffnen und mit dem Scan beginnen.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von JRT,
die Logdatei von ComboFix.

Isin · 28.12.2012, 14:04

Danke für die Hinweise, Matthias!

Ich habe den CC-Cleaner deinstalliert - es ging tatsächlich um die Systembeschleunigung...

Na ja, schade, dass das nicht klappt.

Apropos - im Moment braucht der Rechner noch länger als sonst, um hochzufahren. Ich nehme an, dass das an der Prozedur liegt?! Ich habe z.B. bei defogger keine Einstellungen verändert - ich tue gerade stumpf, was du mir sagst, nicht mehr und nicht weniger.

Schritt 2:

Zitat:

# AdwCleaner v2.103 - Datei am 28/12/2012 um 13:40:49 erstellt
# Aktualisiert am 25/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : *** - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\searchplugins\Conduit.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Denise\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Denise\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2449729
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13F3917B56CD4C25848BDC69916971BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3FC7CBBC4C1E11DCA1A752EA55D89593}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62369F2F77534556AEF4C58152E3BDE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B13A7C41581B411290FBC0395694E2A9}
Schlüssel Gelöscht : HKLM\Software\PIP
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\prefs.js

C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.defaultthis.engineName", "softonic-Germany Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2449729&Sea[...]
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]

-\\ Google Chrome v16.0.912.75

Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [9728 octets] - [28/12/2012 13:40:49]

########## EOF - C:\AdwCleaner[S1].txt - [9788 octets] ##########

Schritt 3:

Zitat:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.2.8 (12.27.2012:2)
OS: Windows Vista (TM) Home Premium x86
Ran by Denise on 28.12.2012 at 14:11:00,75
Blog: Malware Analysis and Removal
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\prefs.js

user_pref("extensions.crossrider.bic", "131335ba2b8cbbac2ba6c5c94c5ea6ab");

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.12.2012 at 14:13:27,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und Schritt 4:

Combofix Logfile:

Code:

ATTFilter

ComboFix 12-12-28.02 - *** 28.12.2012  14:25:58.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1894 [GMT 1:00]
ausgeführt von:: c:\users\***\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 ADS - Windows: deleted 72 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-28 bis 2012-12-28  ))))))))))))))))))))))))))))))
.
.
2012-12-28 13:37 . 2012-12-28 13:38	--------	d-----w-	c:\users\Denise\AppData\Local\temp
2012-12-28 13:37 . 2012-12-28 13:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-28 13:19 . 2012-12-28 13:19	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A750E40-AD8C-40E6-B008-5A9564D978DC}\offreg.dll
2012-12-28 13:10 . 2012-12-28 13:10	--------	d-----w-	c:\windows\ERUNT
2012-12-28 13:10 . 2012-12-28 13:10	--------	d-----w-	C:\JRT
2012-12-28 12:37 . 2012-11-08 18:00	6812136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A750E40-AD8C-40E6-B008-5A9564D978DC}\mpengine.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-25 14:01 . 2012-12-25 14:01	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-12-25 14:00 . 2012-12-25 14:01	--------	d-----w-	c:\program files\QuickTime
2012-12-25 14:00 . 2012-12-25 14:00	--------	d-----w-	c:\programdata\Apple Computer
2012-12-21 08:28 . 2012-12-16 13:12	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-21 08:28 . 2012-12-16 10:50	293376	----a-w-	c:\windows\system32\atmfd.dll
2012-12-12 08:14 . 2012-07-26 02:46	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-12-12 08:14 . 2012-07-26 02:32	155136	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-12-12 08:14 . 2012-07-26 02:33	66560	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-12-12 08:14 . 2009-07-14 12:12	16896	----a-w-	c:\windows\system32\winusb.dll
2012-12-12 08:14 . 2012-07-26 03:20	73216	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-12-12 08:14 . 2012-07-26 03:20	172032	----a-w-	c:\windows\system32\WUDFPlatform.dll
2012-12-12 08:14 . 2012-07-26 03:39	526952	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-12-12 08:14 . 2012-07-26 03:39	47720	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-12-12 08:14 . 2012-07-26 03:21	196608	----a-w-	c:\windows\system32\WUDFHost.exe
2012-12-12 08:14 . 2012-07-26 03:20	613888	----a-w-	c:\windows\system32\WUDFx.dll
2012-12-12 08:14 . 2012-07-26 03:20	38912	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-12-12 08:14 . 2009-07-13 23:51	34944	----a-w-	c:\windows\system32\drivers\winusb.sys
2012-12-12 08:04 . 2012-11-13 01:36	2048000	----a-w-	c:\windows\system32\win32k.sys
2012-12-12 08:04 . 2012-11-02 10:18	376320	----a-w-	c:\windows\system32\dpnet.dll
2012-12-12 08:04 . 2012-11-02 08:26	23040	----a-w-	c:\windows\system32\dpnsvr.exe
2012-12-12 08:04 . 2012-08-21 11:47	224640	----a-w-	c:\windows\system32\drivers\volsnap.sys
2012-12-12 08:04 . 2012-11-13 01:29	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-29 09:29 . 2012-11-29 09:29	--------	d-----w-	c:\program files\Common Files\Skype
2012-11-29 09:29 . 2012-11-29 09:29	--------	d-----r-	c:\program files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 11:53 . 2012-04-03 07:11	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-12-12 11:53 . 2011-05-24 05:54	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-29 03:09 . 2011-11-29 15:38	330240	----a-w-	c:\windows\MASetupCaller.dll
2012-10-29 03:09 . 2011-11-29 15:38	45320	----a-w-	c:\windows\system32\MAMACExtract.dll
2012-10-25 02:12 . 2012-10-25 02:12	94208	----a-w-	c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12	69632	----a-w-	c:\windows\system32\QuickTime.qts
2012-10-17 17:31 . 2012-10-17 17:32	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-10-17 17:30 . 2012-07-06 15:25	821736	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-10-17 17:30 . 2010-05-06 08:21	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-08 14:32 . 2012-12-08 14:32	262112	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2012-12-20 6750448]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-03 843704]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2012-11-01 577536]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-12-03 967608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-29 6111232]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-03-26 1093632]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-8-8 977408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat - Schnellstart.lnk - c:\windows\Installer\{AC76BA86-1033-F400-BA7E-000000000003}\_SC_Acrobat.exe [2008-5-16 295606]
MCtlSvc.lnk - c:\program files\congstar\Internetmanager\Bin\mcserver.exe [2012-10-1 89600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-05-12 21:45	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk /p \??\g:\0autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=c:\windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2011-08-30 11:24	624056	----a-w-	c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2012-12-20 21:58	6750448	----a-w-	c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56	59280	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 00:20	689488	----a-w-	c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2008-04-03 18:03	317280	----a-w-	c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-12-03 14:35	843704	----a-w-	c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-12-03 14:35	309688	----a-w-	c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
2008-06-02 11:47	36864	----a-w-	c:\program files\Sony\Marketing Tools\MarketingTools.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-04-29 04:48	1826816	----a-w-	c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 11:53]
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 20:29]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 20:29]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.t-online.de/
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: An vorhandenes PDF anfügen - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: ohost.de\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} - hxxp://www3.snapfish.de/SnapfishActivia2.cab
FF - ProfilePath - c:\users\Denise\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.t-online.de/
FF - ExtSQL: 2012-11-15 12:44; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - ExtSQL: !HIDDEN! 2009-06-24 19:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-07-12 18:13; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{a51a36e6-31e7-4838-9ff7-76298b527ec0} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-12-28 14:38
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-12-28  14:41:30
ComboFix-quarantined-files.txt  2012-12-28 13:41
.
Vor Suchlauf: 12 Verzeichnis(se), 88.883.093.504 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 89.511.120.896 Bytes frei
.
- - End Of File - - 64C922019E720B1940AC5CBF04E9C3DE

--- --- ---

Windows Defender vergessen auszuschalten... *seufz* Mea culpa!

M-K-D-B · 28.12.2012, 15:24

Servus,

gibt es derzeit noch Probleme, die auf Malware hindeuten?
Das Problem mit dem langsamen Neustart sollte besser werden. Wir sind ja noch nicht fertig.

Schritt 1
Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.

Download Mirror #1 - Download Mirror #2

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:filefind
*Ask*

:folderfind
*Ask*

:regfind
Ask
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Schritt 2
Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.
Poste die OTL.txt und die Extras.txt hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Beantwortung der gestellten Frage,
die Logdatei von SystemLook,
die beiden Logdateien von OTL.

Isin · 28.12.2012, 22:37

Nein, Matthias, ich kann soweit keine Beeinträchtigung oder irgendwelche Hinweise auf Malware feststellen.

Anbei die gezippte Log-Datei von Schritt 1.

Isin · 28.12.2012, 22:59

Und Schritt 2 - das OTL-Log:
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 28.12.2012 22:38:24 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,34% Memory free
6,19 Gb Paging File | 4,73 Gb Available in Paging File | 76,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,73 Gb Total Space | 83,15 Gb Free Space | 37,33% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.12.24 14:39:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\***\Downloads\OTL.exe
PRC - [2012.12.20 22:58:21 | 006,750,448 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2012.12.08 15:32:11 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.12.03 15:35:18 | 000,843,704 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.12.03 15:35:10 | 000,967,608 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.08 08:48:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.08 18:44:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 18:44:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 18:44:28 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.08.08 17:28:02 | 000,977,408 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Programme\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.06.12 07:10:38 | 000,089,600 | ---- | M] (ZTE) -- C:\Programme\congstar\Internetmanager\Bin\mcserver.exe
PRC - [2010.05.13 09:42:22 | 000,031,232 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\db_daemon.exe
PRC - [2010.05.13 09:42:16 | 000,215,552 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\dbus-daemon.exe
PRC - [2010.05.13 09:42:00 | 000,043,008 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\gconfd-2.exe
PRC - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.08.24 11:59:12 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008.05.12 22:45:06 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008.05.12 22:45:06 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.04.29 05:48:08 | 000,098,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
PRC - [2008.04.24 13:06:12 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008.04.24 13:06:10 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe
PRC - [2008.04.03 14:52:46 | 000,229,376 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Network Utility\NSUService.exe
PRC - [2008.03.04 19:58:30 | 000,063,328 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe
PRC - [2008.03.04 19:56:42 | 000,350,048 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe
PRC - [2008.03.04 19:54:50 | 000,104,288 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe
PRC - [2008.03.03 13:45:48 | 000,333,088 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2008.02.23 01:38:50 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2008.02.23 01:38:50 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2008.02.23 01:38:49 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe
PRC - [2008.02.15 10:56:56 | 000,147,456 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2008.02.15 10:56:54 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008.02.15 10:56:50 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2007.11.09 16:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007.09.10 23:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.03.26 06:00:26 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\Windows\System32\spool\drivers\w32x86\3\HP1005MC.EXE
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.12.14 14:45:29 | 012,621,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\c651664b676131a29805b906e6e3a075\Kies.Theme.ni.dll
MOD - [2012.12.14 14:45:26 | 000,609,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\1ce87eeaf4631660db98892bced4e2d1\DevicePodcast.ni.dll
MOD - [2012.12.14 14:45:25 | 000,293,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\e5e647b2ca4cdc5b57ff9f1603380e0f\DeviceVideo.ni.dll
MOD - [2012.12.14 14:45:24 | 000,371,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\525e1d4bf4d56bba86a1658a9e0d083a\DevicePhoto.ni.dll
MOD - [2012.12.14 14:45:23 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\9abd5232b514e1c9a4b93798913bfd85\DeviceMusic.ni.dll
MOD - [2012.12.14 14:45:21 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\a7f0eab462c12b64065c72c79b725a40\VideoManager.ni.dll
MOD - [2012.12.14 14:45:19 | 001,493,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\ce3a6aa746e080fd43eb5a28a11be2ce\PodcastService.ni.dll
MOD - [2012.12.14 14:45:14 | 000,623,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\3b8828ff5f509686c1bd0bdcce093484\PhotoManager.ni.dll
MOD - [2012.12.14 14:45:12 | 001,114,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\97a8edf707f9633f1e37466ad1d23f7e\Podcaster.ni.dll
MOD - [2012.12.14 14:44:57 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\dd8bec8239f56ab710ed7b9974cb044b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.12.14 14:44:54 | 006,273,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\15d8f6fc75d21eafbbefdbf4c63d96fa\DeviceHost.ni.dll
MOD - [2012.12.14 14:44:31 | 001,879,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\e34e70977504b005227147c2c204039c\Phonebook.ni.dll
MOD - [2012.12.14 06:48:22 | 001,008,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f82d1513ee148f2ebeaa34560a9f3c02\CPKTMusicPlugin.ni.dll
MOD - [2012.12.14 06:48:18 | 000,941,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\ca84c400314176136195468cebc2f0a3\MusicManager.ni.dll
MOD - [2012.12.14 06:48:17 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ae89d48e4b003ad779dc50831fe3651d\BATPlugin.ni.dll
MOD - [2012.12.14 06:48:16 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\f5e68ac69c316c6ed3fd2d32d86b9b40\Kies.Common.StoreManager.ni.dll
MOD - [2012.12.14 06:48:15 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\f8d1638945cfb17beeef41f95122a57e\Kies.Common.MediaDB.ni.dll
MOD - [2012.12.14 06:48:14 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\16ff612e95fab71238d3098306432669\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.12.14 06:48:14 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\bb1b8bf4cff449c07958f536e76f99d6\Kies.Common.AllShare.ni.dll
MOD - [2012.12.14 06:48:13 | 000,570,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\006e357b8b365cc092aebeb0715e92ba\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.12.14 06:48:13 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d59def04f1a1362bf68d4c6290495129\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.12.14 06:48:11 | 000,622,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7ed0d1663e2b2ba0364e980a31c78569\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.12.14 06:48:10 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e67cd5af0d312ce2bc02f70086a85ab6\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.12.14 06:48:09 | 000,915,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\34d865a4131eedff179516d7e4ff98ba\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.12.14 06:48:07 | 001,058,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e3ae9e006b93f18934ed38169b0d53b1\Kies.Common.DeviceService.ni.dll
MOD - [2012.12.14 06:48:05 | 002,200,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\3bc20954017591e3a683404935a9a707\Kies.Common.Multimedia.ni.dll
MOD - [2012.12.14 06:48:05 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\3423672e3ee870ee8c5ea4dccc7908b9\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.12.14 06:48:02 | 000,200,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\2787a3b938a879c11527af2645dce547\Kies.Common.MainUI.ni.dll
MOD - [2012.12.14 06:48:01 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\b5d9193934954f23c5b33709d029df5a\Kies.Common.DBManager.ni.dll
MOD - [2012.12.14 06:48:00 | 001,499,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\9ff0e3370c080afab9fb37039ccde6d3\Kies.Locale.ni.dll
MOD - [2012.12.14 06:48:00 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\21fe633b3fdc133e7a9b8d23d99ff751\Kies.Common.Util.ni.dll
MOD - [2012.12.14 06:47:57 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\c0ea119e4e74b68962a01ba3d4363846\Kies.MVVM.ni.dll
MOD - [2012.12.14 06:47:56 | 001,874,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\89596f42bb84a3197a871a7c3092cf06\Kies.UI.ni.dll
MOD - [2012.12.14 06:47:54 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\8c781ce4d99031ea3a3167c04a99487f\Kies.Interface.ni.dll
MOD - [2012.12.14 06:47:52 | 001,690,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\283e1e162d12bd85a8704a9dfa43706a\Kies.ni.exe
MOD - [2012.12.08 15:32:10 | 002,397,152 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.11.19 08:18:20 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\f8c8f34f4703169ec8ef159f4a3eff05\ASF_cSharpAPI.ni.dll
MOD - [2012.11.19 08:18:17 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\e029f4b6cd5483b6a24e612a45963b18\Interop.DevFileServiceLib.ni.dll
MOD - [2012.11.19 08:18:09 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b2991e7347afcb391a714b60ebf7fdff\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.11.19 08:18:09 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1ea9d4d50c7fdf418de5c801ed76701d\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.11.19 08:18:08 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\5911766cf78c9ff4b4b89dcd0d2f3899\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.11.19 08:17:57 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0d8a6c359208a783ffc5c2209d02cd3c\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.11.19 08:17:57 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\dd6c740085ff9051f0b9d7aec72f889f\CabLib.ni.dll
MOD - [2012.11.19 08:17:55 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\2d61609a7f09305ef6e384741c3e863c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.11.18 20:22:41 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\088676cc322e339363b855b240aa1105\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.11.18 20:22:21 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\3ebb49cd31ae72ca680a647130a33e95\System.Runtime.Remoting.ni.dll
MOD - [2012.11.17 16:26:13 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2012.11.17 15:57:51 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll
MOD - [2012.11.17 15:54:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\eca677743544906340bc26d89c2538e4\System.IdentityModel.Selectors.ni.dll
MOD - [2012.11.17 15:54:13 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\6be544795f68114304a2efdd502a52f0\System.IdentityModel.ni.dll
MOD - [2012.11.17 15:54:12 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\68c89abe0ec8381863d6bb18539504f9\System.Runtime.Serialization.ni.dll
MOD - [2012.11.17 15:54:09 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\949339bed597380b8fb6dd2dc97d8006\SMDiagnostics.ni.dll
MOD - [2012.11.17 15:54:08 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2d737eebab3321e31bf20296d04a0e1a\System.ServiceModel.ni.dll
MOD - [2012.11.17 15:53:42 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll
MOD - [2012.11.17 15:53:10 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012.11.16 06:30:56 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.16 06:30:17 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.16 06:30:06 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.16 06:29:07 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.16 06:28:46 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.11.15 21:51:50 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll
MOD - [2012.11.15 21:51:34 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2012.11.15 21:51:23 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2012.11.15 21:46:22 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2012.11.15 21:46:21 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2012.11.15 21:46:17 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2012.11.15 21:46:14 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2012.11.15 21:46:05 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.04.19 11:39:46 | 000,315,392 | ---- | M] () -- C:\Programme\Evernote\Evernote\libtidy.dll
MOD - [2011.04.19 11:39:44 | 000,433,664 | ---- | M] () -- C:\Programme\Evernote\Evernote\libxml2.dll
MOD - [2010.06.17 08:53:14 | 000,043,008 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\audio.dll
MOD - [2010.06.17 08:53:12 | 000,089,600 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\itapi.dll
MOD - [2010.06.17 08:53:06 | 000,054,272 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\coder.dll
MOD - [2010.06.17 08:53:00 | 000,025,088 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\log.dll
MOD - [2010.06.12 07:10:20 | 000,034,304 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\libctlsvr.dll
MOD - [2010.05.13 09:42:22 | 000,031,232 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\db_daemon.exe
MOD - [2010.05.13 09:42:16 | 000,215,552 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\dbus-daemon.exe
MOD - [2010.05.13 09:42:00 | 000,043,008 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\gconfd-2.exe
MOD - [2010.05.13 09:41:52 | 000,055,808 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\libgconfbackend-xml.dll
MOD - [2010.05.13 09:41:36 | 000,157,696 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\libgconf-2.dll
MOD - [2010.05.13 09:41:18 | 000,594,432 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\dbus-1.dll
MOD - [2010.05.13 09:39:54 | 000,341,504 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\sqlite3.dll
MOD - [2009.12.09 07:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.28 08:19:06 | 000,080,688 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\zlib1.dll
MOD - [2008.05.16 09:08:07 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.0.0.4140__1b3c579b6925895f\SPMDam.dll
MOD - [2008.05.16 09:08:06 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.0.0.4140__e3c7096ba83f9295\SPMCommon.dll
MOD - [2008.05.13 01:05:22 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.05.06 12:50:00 | 000,971,776 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\libxml2.dll
MOD - [2007.09.09 16:07:00 | 000,151,552 | ---- | M] () -- C:\Programme\congstar\Internetmanager\Bin\libexpat.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.12 12:53:53 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.08 15:32:10 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.05.08 18:44:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 18:44:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.11.16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2008.05.16 09:06:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.05.12 22:45:06 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.29 05:48:08 | 000,098,304 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkHDMIService)
SRV - [2008.04.24 13:06:10 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.04.03 14:52:46 | 000,229,376 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.03.04 19:58:30 | 000,063,328 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.03.04 19:56:42 | 000,350,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.03.04 19:54:50 | 000,104,288 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.03.03 13:45:48 | 000,333,088 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008.03.03 12:27:14 | 000,087,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008.02.15 10:56:56 | 000,147,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2008.02.15 10:56:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008.02.15 10:56:54 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008.02.15 10:56:50 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.28 01:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007.11.28 01:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007.11.28 00:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2007.11.09 16:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.09.10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\***\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.08.26 13:56:17 | 000,121,248 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012.05.08 18:44:29 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 18:44:29 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.11 04:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbser.sys -- (HSPADataCardusbser)
DRV - [2010.02.11 04:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbnmea.sys -- (HSPADataCardusbnmea)
DRV - [2010.02.11 04:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbmdm.sys -- (HSPADataCardusbmdm)
DRV - [2010.02.11 04:29:56 | 000,010,240 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.12.15 03:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009.12.15 03:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.05.13 01:05:19 | 003,537,408 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 05:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.04.28 02:19:55 | 000,142,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.04.22 14:43:36 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.04.22 01:01:11 | 000,903,680 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.16 01:04:24 | 000,046,592 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.04.16 01:04:12 | 000,068,096 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.02.23 01:38:50 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.30 16:33:28 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.12.17 02:57:23 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.12.13 01:05:02 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.05.26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.01.04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{A043A837-321C-490B-BD62-6579BBD7EBA1}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4E00617F-726A-40E8-A109-B2B45FF401C7}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKCU\..\SearchScopes\{9A6E85CB-495D-4E32-A038-C8F7078F2B9D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{A043A837-321C-490B-BD62-6579BBD7EBA1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_de
IE - HKCU\..\SearchScopes\{B6E718B0-3138-40B4-87E8-BA53D4295B6F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=12CDF9F2-2AB5-477F-B917-D14FDA84A61E&apn_sauid=CE2AC73B-41BF-49C7-86E6-D604C9B761CD
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.26
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7BE0B8C461-F8FB-49b4-8373-FE32E9252800%7D:5.4
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.50
FF - prefs.js..extensions.enabledItems: {1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.12 17:13:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\congstar\Internetmanager\Bin\addon [2010.04.01 13:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.11.15 12:44:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.25 15:01:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.25 15:01:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.12 17:13:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.25 15:01:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.25 15:01:01 | 000,000,000 | ---D | M]
 
[2011.12.08 22:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.04.14 16:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.08 22:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com
[2012.12.28 13:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions
[2012.12.02 23:04:26 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.04.27 19:28:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.02 21:43:45 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012.10.18 10:11:29 | 000,158,191 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}.xpi
[2012.11.25 09:51:10 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.22 17:01:11 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2010.03.19 22:36:05 | 000,001,820 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\4xvz1vj5.default\searchplugins\bing.xml
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2010.04.01 13:29:34 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\CONGSTAR\INTERNETMANAGER\BIN\ADDON
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.08 15:32:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.08 15:32:11 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.20 14:41:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.20 14:41:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.20 14:41:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.20 14:41:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.20 14:41:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.20 14:41:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.14_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.12.28 14:37:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKCU\..Trusted Domains: ohost.de ([www] http in Trusted sites)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} hxxp://www3.snapfish.de/SnapfishActivia2.cab (Snapfish Activia2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP30-13034/event/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B14BF3A-16C1-4179-A370-4A23F8F96915}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF073E29-1B3C-415F-9D76-B0371949D0DC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\***\Desktop\Meine Bilder\broken-social-scene-feel-good-lost-wallpaper-1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\Desktop\Meine Bilder\broken-social-scene-feel-good-lost-wallpaper-1920x1200.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.01 22:43:30 | 000,000,121 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.28 14:41:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.28 14:37:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp
[2012.12.28 14:21:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.28 14:21:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.28 14:21:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.28 14:21:20 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.12.28 14:17:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.28 14:17:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.28 14:10:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2012.12.28 14:10:31 | 000,000,000 | ---D | C] -- C:\JRT
[2012.12.25 15:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.12.25 15:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.12.25 15:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.12.21 09:28:09 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 09:28:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.13 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.12 09:19:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 09:19:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 09:19:15 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 09:19:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 09:19:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 09:19:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 09:19:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 09:19:13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 09:14:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.12 09:14:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.12 09:14:37 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.12 09:14:36 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.12 09:14:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.12 09:14:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.12 09:14:35 | 000,034,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2012.12.12 09:04:50 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 09:04:48 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 09:04:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.12 09:04:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.08 15:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.11.29 10:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.29 10:29:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.11.29 10:29:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.28 22:43:10 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.28 22:26:57 | 000,071,231 | ---- | M] () -- C:\Users\***\Documents\log.zip
[2012.12.28 22:12:15 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.28 22:12:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.28 22:12:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.28 22:12:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.28 22:11:55 | 3217,080,320 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.28 17:29:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.28 16:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.28 14:37:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.28 13:29:09 | 000,002,721 | ---- | M] () -- C:\Users\***\Desktop\Outlook.lnk
[2012.12.26 14:20:22 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.12.24 18:40:33 | 000,420,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.24 12:42:02 | 000,001,356 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.15 18:55:13 | 000,002,617 | ---- | M] () -- C:\Users\***\Desktop\Word.lnk
[2012.12.12 12:53:51 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 12:53:51 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.10 09:41:51 | 000,674,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.10 09:41:51 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.10 09:41:51 | 000,146,484 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.10 09:41:51 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.28 22:26:57 | 000,071,231 | ---- | C] () -- C:\Users\***\Documents\log.zip
[2012.12.28 14:21:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.28 14:21:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.28 14:21:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.28 14:21:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.28 14:21:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.26 14:20:22 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.12.24 14:32:40 | 3217,080,320 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.12 09:15:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.12 09:15:16 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.01.12 18:31:21 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2011.11.29 16:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 16:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.11.29 16:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.11.29 16:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.11.29 16:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.07.09 13:33:09 | 000,000,016 | ---- | C] () -- C:\Users\***\persistent_state
[2011.06.19 18:30:02 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.10.30 21:31:50 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.09.14 16:10:49 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2009.01.10 20:48:53 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.09.03 19:04:41 | 000,010,752 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.06 20:58:38 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2008.08.05 17:52:58 | 000,001,356 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

--- --- ---

Und das Extras-Log

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 28.12.2012 22:38:24 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,34% Memory free
6,19 Gb Paging File | 4,73 Gb Available in Paging File | 76,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,73 Gb Total Space | 83,15 Gb Free Space | 37,33% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{104CD429-8A9E-4806-A116-E0C7951AAA1C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{014A4062-9D4F-4672-B62D-0BD018FDC784}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\sohcimp.exe | 
"{02C65070-3525-42C9-A01A-CF62B7A6E415}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{05A51F85-82F7-4BB7-8E0E-9AD5AA3D9757}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{08A7D120-92E6-4CED-A4D7-4AE335CCDBDA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{091345BC-1D20-4FAA-95BD-80F4AF920427}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{0F428A2D-F367-4201-A358-F41B005A88FB}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{0FC3A64C-1B2E-4E21-ABC8-BE686D102A59}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\sohcimp.exe | 
"{163A6256-9519-4651-9094-3CDBB78CC926}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{17EDAC6C-1008-40C9-9F5B-40573B5BAD9F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1A3E3653-CFC4-4CEF-A4EB-9F93B87BD077}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{24206674-137D-4FA9-9D46-C97F929C0416}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{2A3595AA-8E62-4DE9-ADA9-AEBD93F7242B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{39D2D2C0-7367-42EC-B248-2D7BEC35466E}" = protocol=17 | dir=in | app=c:\users\denise\appdata\roaming\dropbox\bin\dropbox.exe | 
"{3B5A710D-41D8-422E-94A0-FF7C97590008}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{3EDD2883-E52B-4E2F-9667-96645DAB8861}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1005mc.exe | 
"{4FA26C04-8ECE-487E-9FD3-5D9EE28D037D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{54F26CC8-4ECD-4F23-BF1E-99A018BFB231}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\sohdms.exe | 
"{62701176-317A-44EB-8F2E-30A72D8AF700}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{66F4D264-5EB3-4ECC-B69C-353EF5A41949}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{670C2148-A0BE-4C97-86BE-528ACE5D4B0F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\rm.exe | 
"{69777C53-133B-42B7-A54F-750445EE760F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{6AB62673-FEA3-40AA-80A4-21492BEAB657}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\vmp.exe | 
"{718D1926-657E-4DFE-9E8B-82A70B4C5FA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{7C0E9432-016A-4FEB-A13B-CFAFC362146F}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\sohdms.exe | 
"{7D727100-7385-432A-A598-1B7F1D181BBF}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{7F490743-9ECC-4943-9357-8CC9C4BBBBB9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{7F9200EC-7611-446F-A885-A81C3C62A4FF}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe | 
"{80DED532-2D04-49D1-A5C2-952F0F87923C}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"{83723F85-587A-4E0D-964F-47A3CDBBA846}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8BC961D3-6B32-488F-9C95-3B7AF91D5D5B}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media plus\sohds.exe | 
"{8CBBC22B-253A-4F4A-A29C-214EDDECBF57}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"{8DC23F20-E863-4DB5-8004-5F5CE4F3F081}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1005mc.exe | 
"{8DCDB4AE-A726-4120-B638-6AD151919D4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{90AAC9D8-450E-4E52-B145-A6F1255600A1}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{A78E2FD1-6130-428F-AF43-D611D1582CB2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{AB3B4E79-959C-49AC-BE55-F2ED0577B5C4}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{C4A092E5-8AAB-47D0-87B1-68E3841E5AFB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\umi.exe | 
"{D98EC851-B551-455A-88F2-F81E05A3BF7A}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\sohds.exe | 
"{DF7E316F-314A-41E3-9E92-DC429AEF3BB5}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | 
"{E3B8423B-446F-450D-AE5E-915F6F8929BD}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\umi.exe | 
"{E54D6AA6-B12C-4712-85DA-A3B74C51A4E8}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"{F02BC70F-7594-4C2C-BC57-7BFEB21B416D}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe | 
"{F84B6F5C-4133-4427-AED6-323C1C040F01}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media plus\vmp.exe | 
"{F99F3337-2317-4936-9A08-5F43C20BD8E5}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\rm.exe | 
"{FF77461B-9D31-488F-93E0-6CA4271920C1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"TCP Query User{14FC02C3-EB6B-4EAE-8958-67839D1055E9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{2471527F-2A0E-4AA6-8CA0-40509E7A2309}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{48249261-3BD5-40AF-A070-E541A945FF3B}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{7F344106-1640-4E86-9921-F89DEBB1A862}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{7F44FE43-235B-4E28-99F3-064E14CA781F}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{EB101D22-73E9-4651-8A7D-5FC16C0707BD}C:\program files\pinnacle\studio 11\programs\studio.exe" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"UDP Query User{20967927-0C8F-4D96-B544-FE3A8CA28F87}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{3294CCF4-AA0D-443B-ABE1-26AB13597F88}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{61605EE7-6E63-4AF0-848F-AA7461471E8E}C:\program files\pinnacle\studio 11\programs\studio.exe" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe | 
"UDP Query User{68BD919D-2FE5-4087-A244-C76F7267E9C8}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{896715C7-0885-4A48-9154-D2A26BD4C458}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{FEA33787-9CE5-4BC5-A070-FCA2A16A9FEC}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{02D63222-CF76-E080-74DD-975B1672ED67}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{0405000A-0570-549A-A819-3BCEEAA1B40B}" = Catalyst Control Center Localization Hungarian
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06786A53-D2D8-47CD-696A-ABC83625EBFE}" = Catalyst Control Center Graphics Light
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808" = CanoScan 5600F Scanner Driver
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{14E7357F-487C-3BF6-7955-B898AA76306E}" = CCC Help Russian
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{16D9D199-E8A0-9FBA-DDF3-0E2D7826D694}" = Catalyst Control Center Localization Spanish
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18C24BF9-3B71-6F89-848C-D78C40197216}" = CCC Help Chinese Traditional
"{1974FF16-2A0A-76AF-D948-0037B0CB8EB5}" = CCC Help Hungarian
"{1E5F3CC6-D390-4393-A2AA-6CEC04F1705A}" = Image Resizer Powertoy Clone for Windows
"{1E87F957-F850-D9F9-60F3-842955AAF519}" = Catalyst Control Center Localization German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{27D28586-BEF1-4E06-8787-3B1FC3A41489}" = congstar Internet-Manager
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C3D71B4-85C4-5FA9-859E-1413F94EF642}" = Catalyst Control Center Localization Greek
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{310395F2-9206-159B-43B0-BF63D9F01B61}" = Catalyst Control Center Localization Turkish
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43DA617D-1B80-0B70-FAA0-52AFCE853F40}" = CCC Help Finnish
"{4742375A-9BD3-46D0-E0CC-A8819D2E2C54}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4BB5D5A7-F75E-D8D9-0DF8-AA2C1F188CEB}" = Catalyst Control Center Localization French
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FCBFEDD-0CBF-A4A8-79D3-E9EAD37336C9}" = CCC Help Chinese Standard
"{54C91EE3-65B9-A931-8382-12B2A02709F8}" = ATI Catalyst Install Manager
"{5511F0CC-59E0-02AD-941F-2323DA2BB377}" = CCC Help Swedish
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1" = grafstat4
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A29796D-2566-3ADA-043D-28C51CD7D4C3}" = Catalyst Control Center Localization Chinese Standard
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5D803295-DD78-0143-F64B-0D80852C43E9}" = CCC Help Italian
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{61FD2585-3337-8822-899B-68612742BA2F}" = Catalyst Control Center Localization Russian
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C7196C0-D205-03E7-39A1-7A23AB69F659}" = CCC Help Czech
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70D43D66-53BF-257F-72FC-96FB33B39276}" = Catalyst Control Center Graphics Full New
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{723F5CDD-839A-FF16-4CFA-C4E0AA54A315}" = ccc-core-static
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73BD4567-1C4E-8D45-1D28-3D469026A883}" = Skins
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{761205A9-41DC-48C9-2CC1-F197D372DBEF}" = Catalyst Control Center Localization Italian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7E5DEF65-FE91-02F2-C291-22741AC34017}" = Catalyst Control Center Localization Danish
"{826E7114-AA2E-59AA-1916-2A753DC49153}" = ccc-utility
"{8299B94E-7F85-65A9-B0FA-6F6A8A6D4FBD}" = Catalyst Control Center Localization Thai
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8626472F-7AD7-C83B-66FA-00E0A1C50A26}" = Catalyst Control Center Localization Swedish
"{8662A65A-A2A1-072C-708D-1C1262776F6A}" = CCC Help Thai
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3CD8CF-7012-51E5-107B-5A8C75701E1A}" = CCC Help Dutch
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{915C56D7-1EFD-4BF3-9FBE-2B0D39F36525}" = calibre
"{918CFAF6-AC40-F2C8-C044-7FA95C8A7099}" = CCC Help German
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1" = UN.CO.VER. 2.0
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9356940C-B360-4EF4-BE6C-BD488350AB17}" = Scan To
"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A55A277A-4336-FACF-991A-52B51B8FAE78}" = Catalyst Control Center Localization Finnish
"{A5D54806-AA49-BBFF-A2D3-76FA3DF096FA}" = Catalyst Control Center Localization Korean
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAE442C0-F28B-8D58-1A1C-D566F9BCD294}" = Catalyst Control Center Localization Portuguese
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6B0D277-D003-307F-CF94-5F5894DFA3F1}" = Catalyst Control Center Graphics Full Existing
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{BC653BB7-0AF0-22E5-A895-902AD52675CA}" = CCC Help Portuguese
"{BCEABBD6-6EDA-4246-7EDB-D68FCCD78A65}" = Catalyst Control Center Graphics Previews Common
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BDD17603-CB75-0639-E6DA-0D9AA92A605B}" = CCC Help English
"{BF5F6A06-0FC3-BEC0-9CC1-54D870A9EF97}" = Catalyst Control Center Localization Chinese Traditional
"{C221CE66-9C07-8EA7-8EF6-AAD8E4588AE0}" = CCC Help French
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C455F37C-E92E-5CEB-382D-8B8EC580266F}" = Catalyst Control Center Localization Norwegian
"{C6F150F6-AE89-30C7-6256-C40CF9328602}" = Catalyst Control Center Graphics Previews Vista
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C772B18A-FA66-481A-B546-62550C106467}" = Pop Art Studio 6.2
"{C93F4E7C-1B31-449B-A304-EF277CF55E39}" = Catalyst Control Center - Branding
"{CABEC684-96B5-E559-2048-224883F16E91}" = Saal Design Software
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBAE1EE5-F6E0-BDEF-0D49-C2AE46BE3B88}" = CCC Help Polish
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D3AF5596-546F-5975-39B4-259A197C7E24}" = Catalyst Control Center Localization Japanese
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDF57E4A-66B5-E9CC-C2A2-F2C98C57912C}" = CCC Help Turkish
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E27D2C9F-83A1-A34C-E366-26EADB9270F7}" = Catalyst Control Center Localization Dutch
"{E2E7667F-C286-D110-7F9D-FC397A2607A8}" = CCC Help Danish
"{E7821540-B8F8-304F-1B97-C43D8582EB18}" = CCC Help Norwegian
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8CA49A5-25C6-D80A-ED46-9D48A8B5D5F5}" = CCC Help Japanese
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F06300A2-87AE-042F-DE0F-1A5E380877C5}" = Catalyst Control Center Localization Czech
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20E6529-0B46-FC26-378F-62CD640A98C4}" = Catalyst Control Center Localization Polish
"{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F754B561-ACAD-A3FA-AF54-3E5F9E662B04}" = CCC Help Korean
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{F8821B6D-B6C9-E676-9B7D-3269F36A1769}" = CCC Help Spanish
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC5A8E68-A2E5-4E14-91FA-7A3FB83C7E23}" = Adobe Photoshop Lightroom 4.2
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"7-Zip" = 7-Zip 9.20
"Adobe Acrobat  8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.3.1 Standard
"Adobe Acrobat  8 Standard - English, Français, Deutsch_831" = Adobe Acrobat 8.3.1 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AnyDVD" = AnyDVD
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DebugMode Wink" = DebugMode Wink
"Digital Editions" = Adobe Digital Editions
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dt icon module" = 
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"gtfirstboot Setting Request" = 
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP LaserJet M1005 MFP" = HP LaserJet M1005
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"MarketingTools" = Vaio Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Office14.SingleImage" = Microsoft Office Professional 2010
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"ProInst" = Intel PROSet Wireless
"SaalDesignSoftware" = Saal Design Software
"Shop for HP Supplies" = Shop for HP Supplies
"VAIO Help and Support" = 
"VAIO_My Club VAIO" = My Club VAIO
"Virtual Villagers" = Virtual Villagers (remove only)
"VLC media player" = VLC media player 2.0.1
"winscp3_is1" = WinSCP 4.3.6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTouchMeetingClient" = WebEx
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.12.2012 17:13:10 | Computer Name = ***-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 28.12.2012 17:13:12 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 28.12.2012 09:23:14 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 28.12.2012 09:24:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 28.12.2012 09:33:45 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 28.12.2012 09:38:11 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 28.12.2012 17:13:12 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

--- --- ---

M-K-D-B · 29.12.2012, 11:20

Servus,

wir entfernen noch die letzten Reste und führen ein paar Kontrollsuchläufe durch.

Du musst bei Schritt 1 alle *** in C:\Users\***\AppData\Roaming... durch deinen richtigen Benutzernamen ersetzen, sonst wird der Fix nicht funktionieren!

Schritt 1

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B6E718B0-3138-40B4-87E8-BA53D4295B6F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{309072F6-5046-451F-9F64-BAE417B883A7}]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]
"A28B4D68DEBAA244EB686953B7074FEF"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509]
"A28B4D68DEBAA244EB686953B7074FEF"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Ask.com\Updater\"=-
"C:\Program Files\Ask.com\"=-
"C:\Program Files\Ask.com\assets\oobe\"=-
"C:\Program Files\Ask.com\assets\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\chrome\content\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\chrome\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\chrome\skin\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\defaults\preferences\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\defaults\"=-
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default\extensions\toolbar@ask.com\searchplugins\"=-

:Commands
[emptytemp]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Schritt 2
Downloade Dir bitte Malwarebytes' Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Downloade Dir bitte SecurityCheck

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS- Box.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Wenn der Scan beendet wurde sollte sich ein Textdokument ( checkup.txt ) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei von OTL,
die Logdatei von MBAM,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

Isin · 29.12.2012, 17:47

Super! Danke!

Schritt 1:

Zitat:

All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B6E718B0-3138-40B4-87E8-BA53D4295B6F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6E718B0-3138-40B4-87E8-BA53D4295B6F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{309072F6-5046-451F-9F64-BAE417B883A7}\\Path scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2\\A28B4D68DEBAA244EB686953B7074FEF deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509\\A28B4D68DEBAA244EB686953B7074FEF deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Ask.com\Updater\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Ask.com\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Ask.com\assets\oobe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Ask.com\assets\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\chrome\content\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\chrome\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\chrome\skin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\defaults\preferences\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\defaults\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\4xvz1vj5.default \extensions\toolbar@ask.com\searchplugins\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: CloneDVDTemp
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 58462 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: ***
->Temp folder emptied: 982083 bytes
->Temporary Internet Files folder emptied: 235488003 bytes
->Java cache emptied: 13882813 bytes
->FireFox cache emptied: 137748970 bytes
->Google Chrome cache emptied: 155129688 bytes
->Flash cache emptied: 191319 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5332 bytes
RecycleBin emptied: 2999774 bytes

Total Files Cleaned = 521,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12292012_173314

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{309072F6-5046-451F-9F64-BAE417B883A7}\\Path scheduled to be deleted on reboot.

Der Papierkorb ist nun vom Desktop verschwunden; das hatte ich zwischenzeitlich schon mal und ist wahrscheinlich ohne Bedeutung, nehme ich an.

M-K-D-B · 29.12.2012, 17:57

Servus,

den Papierkorb können wir zum Schluss wiederherstellen, das sollte kein Problem sein.

Bitte mit den Schritten fortfahren.

Isin · 29.12.2012, 18:04

Schritt 2:

Das mit dem Markieren der Funde konnte ich erfreulicherweise auslassen.

Zitat:

Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.12.29.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

29.12.2012 17:51:52
mbam-log-2012-12-29 (17-51-52).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 233728
Laufzeit: 10 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

26.12.2012, 13:49	#4
M-K-D-B /// TB-Ausbilder	GVU-Trojaner eingefangen Servus, alles klar. Du kannst mit den Schritten weitermachen.

29.12.2012, 17:57	#14
M-K-D-B /// TB-Ausbilder	GVU-Trojaner eingefangen Servus, den Papierkorb können wir zum Schluss wiederherstellen, das sollte kein Problem sein. Bitte mit den Schritten fortfahren.

GVU-Trojaner eingefangen

Plagegeister aller Art und deren Bekämpfung: GVU-Trojaner eingefangen