Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 10.02.2013, 22:02   #1
Tenonen
 
yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen - Standard

yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen



Liebe Admins/Helfer,

folgendes Problem stellt sich seit heute auf meinem Rechner dar:

- Standardstartseite änderte sich in yhs.delta-search dot com statt normale google-Suche
- Genutzter Browser = Google Chrome
- Virenschutzprogramm von avast
- System ist auf aktuellem Stand (Windows Updates regelmäßig gemacht)
- Auf der Suche im Netz zu Löschungsmöglichkeiten der o. g. Seite entdeckte ich den ganzen Hintergrund zu diesem Schadprogramm, was sich bei mir unter Programme (Delta und Delta Toolbar) eingenistet hat
- Ich installierte dann Spyhunter 4 in der Hoffnung auf Abhilfe und ließ über die kostenlose Version einen Testlauf machen
- Ergebnis, er entdeckte 162 infizierte Stellen, 160 davon mit yhs…-Zuordnung und zwei weitere (Claro…)
- Danach hätte ich die Kaufversion erwerben müssen, um die infizierten Dateien zu bereinigen
- Dies unterließ ich und wurde auf Malwarebytes dot org aufmerksam
- Ich lud mir die kostenfreie Version runter und ließ das Programm einmal schnell und einmal einen ausführlichen Check machen
- Ergebnis: keine infizierten Dateien gefunden

Nun möchte ich weiterhin einerseits die Schadsoftware von Delta (yhs….) als auch andererseits das Programm Spyhunter 4 wieder loswerden. Beides ist nun nicht möglich.

Ich habe desweiteren auch HijackThis drüberlaufen lassen und auswerten lassen, es ergaben sich keine echten Warnmeldungen, nur einige wenige gelbe Fragezeichen.

Ich bitte höflichst um eure Unterstützung. Die Anleitungen, wie man einen thread erstellen soll und was man parallel noch installieren soll, habe ich befolgt. Alle benötigten logfiles sind angestellt.

Vielen Dank im Voraus für eine Rückmeldung.

Christian

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.02.2013 20:43:30 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\CHO\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,43 Gb Available Physical Memory | 67,96% Memory free
15,96 Gb Paging File | 12,65 Gb Available in Paging File | 79,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 162,01 Gb Total Space | 54,36 Gb Free Space | 33,55% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 266,45 Gb Free Space | 90,95% Space Free | Partition Type: NTFS
 
Computer Name: CHO-VAIO | User Name: CHO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.10 20:41:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHO\Desktop\OTL.exe
PRC - [2013.02.10 17:59:56 | 000,050,477 | ---- | M] () -- C:\Users\CHO\Desktop\Defogger.exe
PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\CHO\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.16 23:20:15 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.11.22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.10.30 23:50:56 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\afwServ.exe
PRC - [2012.07.11 13:39:56 | 001,835,520 | ---- | M] (TerraTec Electronic GmbH) -- C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
PRC - [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.06.11 11:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.06.11 11:33:04 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011.10.30 10:54:45 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011.10.28 22:00:22 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011.09.01 14:39:54 | 000,966,712 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.12.11 19:17:48 | 000,358,944 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010.12.11 19:17:20 | 001,606,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
PRC - [2010.12.11 19:17:06 | 005,145,824 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010.12.11 19:10:14 | 010,811,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
PRC - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.11.30 18:20:00 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2009.11.30 18:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.10.24 02:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009.09.04 22:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.08.26 18:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.10 17:59:56 | 000,050,477 | ---- | M] () -- C:\Users\CHO\Desktop\Defogger.exe
MOD - [2012.10.05 11:53:24 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.10.05 11:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.10.05 11:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.08.31 11:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012.06.26 13:11:10 | 000,345,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012.06.26 13:11:08 | 000,282,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012.06.26 13:11:02 | 008,197,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
MOD - [2012.06.26 13:11:00 | 002,302,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012.06.26 13:10:58 | 000,202,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2012.06.26 13:10:58 | 000,027,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.09.01 14:38:32 | 000,931,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011.09.01 14:37:50 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011.09.01 14:37:50 | 000,913,920 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011.09.01 14:37:50 | 000,416,256 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll
MOD - [2011.09.01 14:37:50 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll
MOD - [2011.09.01 14:37:50 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll
MOD - [2011.09.01 14:37:48 | 008,166,912 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011.09.01 14:37:48 | 002,551,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011.09.01 14:37:48 | 002,282,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011.09.01 14:37:48 | 002,246,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011.09.01 14:37:48 | 001,288,192 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011.09.01 14:37:48 | 000,676,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011.09.01 14:37:48 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011.09.01 14:37:48 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011.09.01 14:37:48 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011.09.01 14:08:58 | 000,508,416 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011.09.01 14:08:56 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011.09.01 14:08:18 | 000,378,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll
MOD - [2011.09.01 14:08:18 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll
MOD - [2011.09.01 14:08:16 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll
MOD - [2011.09.01 14:08:14 | 000,392,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011.09.01 14:08:14 | 000,387,976 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011.09.01 14:08:14 | 000,058,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011.09.01 14:07:04 | 000,727,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2010.12.11 19:17:20 | 001,606,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
MOD - [2010.12.11 19:17:06 | 005,145,824 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
MOD - [2010.12.11 19:10:14 | 010,811,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
MOD - [2010.12.11 17:23:00 | 000,279,904 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll
MOD - [2010.12.11 16:10:58 | 000,028,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll
MOD - [2010.12.11 16:09:48 | 000,019,808 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010.11.05 02:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2010.11.05 02:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.06.10 22:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.09.16 22:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV - [2013.02.10 16:33:31 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.14 21:34:36 | 001,024,384 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.11.22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.30 23:50:56 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012.10.26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2012.07.13 13:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.02.10 16:02:24 | 000,399,944 | ---- | M] (Elgato Systems GmbH) [Auto | Running] -- C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe -- (EyeTV Netstream)
SRV - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011.10.30 10:54:45 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.12.11 19:18:12 | 001,064,584 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.30 18:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2009.11.30 18:20:00 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009.11.25 18:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.09.21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009.09.21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.09.16 12:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.09.14 18:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009.09.08 17:09:20 | 000,110,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.09.01 20:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2009.08.31 00:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 00:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,262,656 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:55 | 000,021,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.10.30 23:51:53 | 000,132,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.22 11:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2012.06.11 11:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.10.30 10:54:46 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011.10.30 10:54:43 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273)
DRV:64bit: - [2011.10.30 10:54:39 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011.10.30 10:54:26 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011.09.06 22:10:01 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011.08.02 17:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.05.13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.05.13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.05.13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.05.13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.24 17:34:02 | 000,096,512 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SD11CL64.sys -- (SD11CL64)
DRV:64bit: - [2011.01.24 11:51:02 | 000,075,904 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDI01164.SYS -- (SDI01164)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.04.12 09:09:08 | 000,131,144 | ---- | M] (ABILIS Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AbilisBdaTuner.sys -- (AbilisT)
DRV:64bit: - [2009.11.18 21:03:16 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 21:03:15 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 21:03:15 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 21:03:13 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 21:02:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.06 21:34:48 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.11.06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.11.05 07:30:19 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.04 10:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.10.27 21:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.09.15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.08.19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.08.05 22:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.31 21:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006.12.08 02:00:00 | 000,706,560 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxusbase.sys -- (fxusbase)
DRV:64bit: - [2006.12.08 02:00:00 | 000,105,472 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmcowan.sys -- (AVMCOWAN)
DRV - [2011.03.02 17:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\CHO\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\SearchScopes,DefaultScope = {206CCB53-ADEE-4B29-8104-E192191AAFA1}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.yhs.delta-search.com/?q={searchTerms}&affID=119816&tt=030213_yh&babsrc=SP_ss&mntrId=588a7b3d0000000000000023142b6861
IE - HKCU\..\SearchScopes\{206CCB53-ADEE-4B29-8104-E192191AAFA1}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_deDE455DE456
IE - HKCU\..\SearchScopes\{691936AE-67AA-48FD-9DAC-9A5EE9140B8C}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{FA9AB297-91D8-4245-BCF5-1904DA0804BD}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKCU\..\SearchScopes\{FB1E7508-A71F-4624-9C09-DFA26E9E2B9E}: "URL" = Shopping.com Deutschland - der große Produkt- und Preisvergleich
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\CHO\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\CHO\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.30 11:33:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.10.31 21:53:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012.11.29 20:25:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.10.31 21:53:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.30 11:33:57 | 000,000,000 | ---D | M]
 
[2013.02.06 13:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - homepage: YHS Delta Search
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.yhs.delta-search.com/?q={searchTerms}&affID=119816&tt=030213_yh&babsrc=SP_ss&mntrId=588a7b3d0000000000000023142b6861
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: YHS Delta Search
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\CHO\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\CHO\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\CHO\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Brushed = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: YouTube = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adblock Plus = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-Suche = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Delta Toolbar = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnnabbonolmdccgncgckdfikehphiknc\1.0_0\
CHR - Extension: avast! WebRep = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (AusweisApp 1.8.0.0) - {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} - C:\Program Files (x86)\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
O4 - Startup: C:\Users\CHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\CHO\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55B67249-4A60-4633-A780-8CC983E8AD75}: DhcpNameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5657B908-A148-499F-AD0E-8C5D1CB8F014}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.02.10 16:24:04 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{58660844-9630-11e1-b61a-5063139f441a}\Shell - "" = AutoRun
O33 - MountPoints2\{58660844-9630-11e1-b61a-5063139f441a}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.10 20:38:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\CHO\Desktop\OTL.exe
[2013.02.10 19:52:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\CHO\Desktop\HijackThis.exe
[2013.02.10 17:20:39 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Malwarebytes
[2013.02.10 17:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.10 17:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.10 17:20:26 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.10 17:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.10 17:18:35 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\CHO\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.10 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013.02.10 16:23:43 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.02.10 16:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.02.10 16:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.02.10 16:21:56 | 000,726,464 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Users\CHO\Desktop\SpyHunter-Installer.exe
[2013.02.06 13:58:14 | 000,000,000 | ---D | C] -- C:\Users\CHO\Local Settings
[2013.02.06 13:58:13 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Software4u
[2013.02.06 13:54:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.02.06 13:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.02.06 13:54:02 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\CRDeltaTB
[2013.02.06 13:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013.02.06 13:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.06 13:53:55 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Delta
[2013.02.06 13:53:46 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Babylon
[2013.02.06 13:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.10 20:41:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHO\Desktop\OTL.exe
[2013.02.10 20:37:43 | 000,000,000 | ---- | M] () -- C:\Users\CHO\defogger_reenable
[2013.02.10 20:35:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1003UA.job
[2013.02.10 20:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.10 20:19:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.10 20:06:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1000UA.job
[2013.02.10 19:52:20 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\CHO\Desktop\HijackThis.exe
[2013.02.10 19:37:15 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.10 19:37:15 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.10 19:28:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.10 19:27:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.10 19:27:24 | 2133,381,119 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.10 17:59:56 | 000,050,477 | ---- | M] () -- C:\Users\CHO\Desktop\Defogger.exe
[2013.02.10 17:43:30 | 000,007,054 | ---- | M] () -- C:\Users\CHO\Desktop\mbam-log-2012-04-25 (12-32-04).zip
[2013.02.10 17:20:28 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.10 17:18:39 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\CHO\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.10 16:24:04 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.02.10 16:23:45 | 000,002,254 | ---- | M] () -- C:\Users\CHO\Desktop\SpyHunter.lnk
[2013.02.10 16:21:57 | 000,726,464 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Users\CHO\Desktop\SpyHunter-Installer.exe
[2013.02.10 16:13:29 | 001,599,906 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.10 16:13:29 | 000,700,608 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.10 16:13:29 | 000,655,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.10 16:13:29 | 000,149,372 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.10 16:13:29 | 000,122,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.10 16:13:22 | 001,599,906 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.06 13:52:06 | 000,163,392 | ---- | M] () -- C:\Users\CHO\Desktop\IDMSetup_1.9.0.exe
[2013.02.05 21:35:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1003Core.job
[2013.02.05 21:17:11 | 005,374,150 | ---- | M] () -- C:\Users\CHO\Desktop\ETV mille Deutsche 2001.zip
[2013.02.03 20:13:01 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1000Core.job
[2013.01.29 20:23:18 | 000,244,401 | ---- | M] () -- C:\test.xml
[2013.01.26 13:29:06 | 000,001,047 | ---- | M] () -- C:\Users\CHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.26 13:28:56 | 000,001,011 | ---- | M] () -- C:\Users\CHO\Desktop\Dropbox.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.10 20:37:43 | 000,000,000 | ---- | C] () -- C:\Users\CHO\defogger_reenable
[2013.02.10 17:59:53 | 000,050,477 | ---- | C] () -- C:\Users\CHO\Desktop\Defogger.exe
[2013.02.10 17:43:26 | 000,007,054 | ---- | C] () -- C:\Users\CHO\Desktop\mbam-log-2012-04-25 (12-32-04).zip
[2013.02.10 17:20:28 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.10 16:24:04 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.02.10 16:23:48 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2013.02.10 16:23:45 | 000,002,254 | ---- | C] () -- C:\Users\CHO\Desktop\SpyHunter.lnk
[2013.02.06 13:52:02 | 000,163,392 | ---- | C] () -- C:\Users\CHO\Desktop\IDMSetup_1.9.0.exe
[2013.02.05 21:17:07 | 005,374,150 | ---- | C] () -- C:\Users\CHO\Desktop\ETV mille Deutsche 2001.zip
[2013.01.19 09:28:18 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2012.05.04 23:07:15 | 001,599,906 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.07 20:51:36 | 000,166,354 | ---- | C] () -- C:\Windows\hpwins05.dat.temp
[2011.11.07 20:51:36 | 000,004,785 | ---- | C] () -- C:\Windows\hpwmdl05.dat.temp
[2011.10.30 11:18:23 | 000,273,739 | ---- | C] () -- C:\Windows\hpwins05.dat
[2011.10.30 11:18:23 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat
[2011.10.28 22:01:13 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
[2011.10.28 21:49:17 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.05.06 09:16:14 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Acronis
[2012.11.29 20:25:33 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\APP_NAME_NON_STRING
[2013.01.29 22:18:31 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Auslogics
[2013.02.06 13:53:46 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Babylon
[2013.02.06 13:54:02 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\CRDeltaTB
[2013.02.06 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Delta
[2013.02.10 19:31:02 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Dropbox
[2012.06.01 19:03:16 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Eumex 400
[2012.11.07 10:07:07 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\GinyasBrowserCompanion
[2012.05.04 22:51:43 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\motorola
[2012.05.07 20:53:56 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\MyPhoneExplorer
[2012.11.07 10:13:15 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Nokia
[2012.05.05 11:22:35 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\PC Suite
[2012.11.29 20:27:22 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\PDF Architect
[2012.11.29 20:25:10 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\pdfforge
[2013.02.06 13:58:13 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Software4u
[2012.05.13 08:27:14 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\systweak
[2011.11.11 20:47:13 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\TeamViewer
[2012.08.27 21:50:01 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\TerraTec
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 10.02.2013 20:43:30 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\CHO\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,43 Gb Available Physical Memory | 67,96% Memory free
15,96 Gb Paging File | 12,65 Gb Available in Paging File | 79,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 162,01 Gb Total Space | 54,36 Gb Free Space | 33,55% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 266,45 Gb Free Space | 90,95% Space Free | Partition Type: NTFS
 
Computer Name: CHO-VAIO | User Name: CHO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DC8C3A-A3F8-46A1-9209-1853ABB9C37F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{024CBB58-664A-48C6-AE50-9DF36143F135}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{043D29A2-0490-465C-9441-51BD2A213554}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{06E0E7E6-59FE-4694-A51A-DECE1924FA04}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0A9276F9-4763-4C73-9300-633E3B73F502}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{0E0678F5-5803-4C51-83E8-3F83B3764DB4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1341BC44-EEBA-4683-8563-21E1EB417DBA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{160DA3F9-4A68-45FC-91A5-9E11F956C3A6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{177E28A6-E663-4A64-91E5-502C4D808DA0}" = rport=137 | protocol=17 | dir=out | app=system | 
"{19BE2813-F1EF-4C2E-A57F-365AC170EB3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{21252EF5-5EC4-4B00-9072-039A5F5E61CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2C8B9540-6229-4DA0-A088-2D8D2643121F}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{3195CF47-4CF7-4D31-A2E8-B62459EE76DD}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{3A76797E-FAAE-4F8E-B682-81EF45FC86CD}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3BB59AC4-225F-440C-9602-9B4E9F339FAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{3F95A46F-8FCA-41BD-9C70-2FE430992855}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4BC4059B-6C93-40DB-8B59-73B98D0BCB5E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4ED59CD5-82CA-4995-A56D-01F156C490B3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{574DD4E3-831D-446B-A468-9911B6F6727B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5A1FB20F-30F1-4F0C-8914-97B5E0C8833A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6F60FBFE-8E62-4919-A5E2-B3BE42782713}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7A73F89E-4C4F-4972-97B1-DBE8D0F1F95D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{7DD2D5E5-CC7F-41E5-BA95-1BAFFD5307D0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{8395B168-5393-458B-ADBA-4BA7DDEC34D3}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8732EBC4-7C9C-4A3B-B909-10385D90EBDB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{89E29D01-E4F7-4661-8E20-20E49933B7E9}" = lport=138 | protocol=17 | dir=in | app=system | 
"{A0531AAB-FE88-403D-BFA3-1BC4FB0AC1D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AA6269EF-FCF0-459C-9221-E83960BE7594}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{B245A7B1-13B8-49CD-8F79-DA09E7261D1D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BE3FB89D-463B-4A0D-B187-DBD978E72A1A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{BE74CA27-66DB-4A27-A2F9-BA5FC0B887A2}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C2522D85-9BB6-45C9-90E1-459CEDDC8A81}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{C2609ED1-E8CA-4D5D-97BC-4D55391F073C}" = rport=139 | protocol=6 | dir=out | app=system | 
"{C48721B4-53FA-4D55-9FEC-BD5BD81A52D2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C503A9F5-B363-403B-85EF-DAC5B327A7A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{CDCDA8CB-820D-474D-A809-BA028DA23D14}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CE189DE6-1F41-416F-B3FD-7872F8FF0726}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CEF95F28-3290-4109-864D-3285C675DEC5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D8E75861-FF67-4796-8149-44F1F39696F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E9B62DE8-B8DD-4EC8-9965-4715A5AE0A4B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{EDFD6FBA-6DF2-4BA0-BA1A-C7B6E74636EC}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EFCF0F58-1EE8-4066-B1CE-B488CED507AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FF45A9FC-8EFE-4B3F-B2EE-08EF73AB3EC4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A5F1F4-067E-4F6A-892B-1A11123B05D2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{028639A8-04D3-4845-9B3B-0002884240EF}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{0878DAA3-2481-4F28-9363-275DE4F87600}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0B526495-57CB-4ABF-8EA7-CC4BB5624D07}" = protocol=17 | dir=in | app=c:\users\cho\appdata\local\temp\7zs599c\hppiw.exe | 
"{0D97432D-783B-4FBE-A941-CE368266A8D1}" = protocol=6 | dir=in | app=f:\alicesetup.exe | 
"{102DEF33-C5A1-4460-9A90-98ABEC078897}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{16C5C96D-B067-487A-A6C8-6558B2FFC0AC}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{17DF2950-C18C-4FE0-B86A-891FB7ED9D20}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{1A7B7F21-ED4B-4D89-B623-B7918AC253BB}" = protocol=6 | dir=out | app=system | 
"{1CA78752-A4A3-4967-8377-7F68620AE445}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{212FC2DC-24C0-4D4C-BAD0-525B520473D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2791A300-1332-44F8-94FF-04A2835B36A2}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"{27C559DD-2394-4814-AF71-B4CDD969C64B}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe | 
"{280DE6AB-E8B4-4938-971D-35C02FA36E9E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{2A69B060-D9D9-48DA-AD90-66B85E32591B}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{2A8F39A9-33EE-48B0-BA7B-16757849BE59}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2AAFF87A-CAD2-4C78-932D-60CD68FAB635}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{2D06307F-0E93-43AB-8810-EFA9D2B89D89}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{2EDB8A54-CD91-4A9F-BB1B-D414D28A2454}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{31751B4A-0EDE-434B-925B-CAB8C78D76DC}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{36CBA866-50AE-4502-BDAB-EC2DA5F12B03}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{39108446-E894-4141-8DD1-D2A59F1335C0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3CB99655-B688-4C98-BBE9-8074414FEDAE}" = dir=in | app=c:\users\cho\appdata\local\temp\7zs2efe\ojprol7x00_full_14\setup\hpznui40.exe | 
"{3F586DAB-A2E5-4CC2-8C1A-01AC9A90378C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{52B33ED4-AC2C-4043-8555-F8F9AC468497}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{54D5228B-F756-4037-B3F6-2F9B3BDBEA1E}" = protocol=17 | dir=in | app=c:\users\cho\appdata\local\temp\7zs5862\hppiw.exe | 
"{58B55B2C-6FC6-4350-8255-5D9FDFDB2877}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{5AAE3754-891D-475F-9185-0CD6BC7427B5}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
"{5F2EE9A3-DC51-4AF6-82BA-42CDBED2995F}" = protocol=6 | dir=in | app=c:\users\cho\appdata\local\temp\7zs599c\hppiw.exe | 
"{5F90CFD6-ED07-4516-B7D7-3924B640A796}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{60985C30-D3C6-491E-AC8D-154E23C08781}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{6326EFDF-29E9-4815-AC60-5221D3E146EF}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{63EE679B-5593-4594-8F25-B457A161B6BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A1FEE55-8C4B-4935-8953-BE11D7A17301}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{6E7EC20E-11C1-4995-83BB-7945C09F67BF}" = protocol=6 | dir=in | app=c:\users\cho\appdata\local\temp\7zs5862\hppiw.exe | 
"{7063EFF1-A054-4742-A507-FBBBED3DDFCE}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{708EB8A2-F21E-4B11-9FE6-BFCEDE21A04B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{7289FEED-2D44-4CCD-A117-41933F7AE1B9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{750E464F-90B9-470F-83F0-55B41AC70655}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{77288E3C-2086-41FD-94E6-E5E2624B73B7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{78C08D39-E8C5-41AB-BD81-4B1A019CA2E4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7BF04A0F-6101-4A5D-B820-FC6A32A08A71}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{7E64AA0F-653B-4BF8-9522-A41FB4FA3029}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{839E9557-7F1F-4641-B580-AFCBB94F89BF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{85CAA230-55BF-4B6D-9B62-00005FF4DF42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{86F831A1-BC47-46EE-95A1-47C646E3A331}" = protocol=17 | dir=in | app=%systemroot%\ehome\ehrecvr.exe | 
"{87649EBB-CE3E-4444-9617-5E262C3A8214}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"{921E0615-5A8C-4A92-91F0-3D58D23434D6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{922F5185-C369-4806-A39C-0412E292083A}" = protocol=17 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | 
"{93D0D21C-A0CC-4F21-9E10-864B4C559478}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{9753D050-2C82-4C5C-887A-382CA453C033}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{97B06B09-332B-4C48-98FA-E118757DB40F}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{9B8A5824-0105-4AC0-9C02-25CF7EA8CEE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{9BA63CB7-AA60-4640-A30A-07882BB507C6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{A7DD9A62-4B7A-48CB-8EA9-5079F767406B}" = protocol=17 | dir=in | app=f:\alicesetup.exe | 
"{A974E2F4-6D53-477C-A9C0-6A3EBE5B39C5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{A9990A6C-158B-4758-8497-C8D883EA1616}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AAACA720-AC64-4749-89A0-DA708C05A8C6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B22F352E-58DF-4815-9573-4F837C2DCA8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{B64A2512-D179-4CF3-9251-2AF4C48FC0A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B7D02A4B-7B7E-4D06-8B56-41A580A18C18}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe | 
"{C49FC8B0-F990-4137-90BB-B55D7E845E55}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{C7240D99-E523-4EF7-B6C5-4DAC9AFCA55E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{C9F30E71-CEEE-4A4B-9BEC-1D8C5CD9CFEC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{D0B8F6B9-D73B-4920-BFC3-451D8FADEC8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{D6562E7B-262F-47F5-AEC7-F4E57B28B1A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D88A9955-E3D0-4705-A8A2-8817ADBD5D6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DA6A303A-8534-4B6A-B2B4-B6BA259E3364}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{DB86E6BB-C8CC-4BF2-BDD6-32A37B1B3B3C}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{DE41F9AC-04D4-4AB2-BA5B-60B08B538F1E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{DE7C90B2-CECC-4D4A-8C5E-36F8D3132EF4}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{E0DB9ADF-AEFE-4B68-A35F-1095EBF9E580}" = protocol=6 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | 
"{E1F06D81-0BB2-4BD9-A6E0-07B7F402DD27}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E2432F26-83DE-46F4-A193-87B3CBA1CD02}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{E300CF43-50EB-42BF-827B-4432189B84B4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EBB6DA5B-EB31-4564-AFED-442819B6DF1D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{EC92A8C9-4B31-4110-9C05-4A62ACF1759D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{ECA43F96-D9D5-4769-A2A5-150467B32D5D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{ED482A63-1B6E-4767-902F-3B066B9F25E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F15F247A-94F0-47BF-BDA3-65A358218A26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F28DF523-5F5E-4964-8F6E-2C7E34829C13}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{F51FC2CE-1E2A-42EE-9393-00732771B533}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"TCP Query User{5BCA2577-9441-480C-9FC1-CB35EB1B0BA5}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{96D2E363-8087-438F-8EF0-F92477393043}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe | 
"TCP Query User{A9B0E516-1296-4F48-B9F1-1EC45229EA1A}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{B3205D26-3CB4-44E9-893D-657C26FB99F5}C:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{13156401-5623-4B8E-8E4F-5538B85C9D0D}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{218003A1-4A91-49E4-B998-45979F8EF50C}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe | 
"UDP Query User{9228CB66-5FC2-4016-9D1C-2B20A8F96DBD}C:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{E1652EF9-DA5C-49D0-B7D5-82C898C55B94}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{6B6C4C46-1B7E-4A41-9E70-ACFBB22B1D81}" = SpyHunter
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6C64CC-EA60-47A6-9C97-82C38231EDAE}" = HP OfficeJet L7300/L7500/7600/7700
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}" = Motorola Mobile Drivers Installation 5.4.0
"{C862EC05-1C15-4327-B15D-C7788D6CFF73}" = Image Resizer Powertoy Clone for Windows (64 bit)
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7)
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048DDE77-66D5-4335-8497-903856759B58}" = BPDSoftware
"{04DB9640-A905-456C-96F5-F1EB80FEB5C9}" = ProductContext
"{05DC79C6-4213-45D3-BE8A-50B8B7C1F0E1}" = bpd_scan_Carrier
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 39
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{48C46AB8-3499-4976-9017-9BE52365443E}" = Delta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{4F8697F4-3D30-4BD0-8F26-455C01F4EE8B}" = Integrity Tool
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{8BCA0269-7213-49A9-A362-664F001FE033}" = Avanquest mobile PhoneTools
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9615E45B-7670-4D17-9ED5-28B9E936EEDD}" = 7500_7600_7700_Help1
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B5A4C902-1636-48DB-8E38-F0DB102DDB59}" = MPM
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C4CC491B-5E85-4E96-8911-DF425893DF4A}" = L7500
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD5EA9D3-57B4-4DDA-8A5A-D7EC821D1551}" = Avanquest mobile PhoneTools
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D0ED9100-DFFB-482C-8DB6-C626264757BD}" = SDI011 dual interface reader
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED3D79A6-B3BB-4482-B226-0B620F97258A}" = BPDSoftware_Ini
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE56DCD1-13FD-435B-BC4C-EE8CD83FF17A}" = AusweisApp
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"AC3BB3E9-A26798-481476-BFAE54-CC8CB4B715AD_is1" = KKH-Allianz Sicherheitskit-Starter
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Internet Security
"bi_uninstaller" = Bundled software uninstaller
"delta" = Delta toolbar  
"EyeTV DTT Deluxe (2009) v2.00.02.8754" = EyeTV DTT Deluxe (2009) v2.00.02.8754
"EyeTV Netstream Service" = EyeTV Netstream for Windows Media Center
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"Konfigurator Eumex 400" = Konfigurator Eumex 400
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MarketingTools" = VAIO Marketing Tools
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"MPE" = MyPhoneExplorer
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"ODIR_is1" = ODIR
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"VAIO Help and Support" = 
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.02.2013 11:38:52 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000
Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005):
 Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02}
 konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden:
 80004005.     bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList&
 netstreamDevices)
 
Error - 10.02.2013 11:38:52 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000
Description = UPnpFindNetstreamDevices() FAILED
 
Error - 10.02.2013 12:34:37 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000
Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005):
 Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02}
 konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden:
 80004005.     bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList&
 netstreamDevices)
 
Error - 10.02.2013 12:34:37 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000
Description = UPnpFindNetstreamDevices() FAILED
 
Error - 10.02.2013 14:29:03 | Computer Name = CHO-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 10.02.2013 14:29:04 | Computer Name = CHO-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 10.02.2013 14:29:26 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000
Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005):
 Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02}
 konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden:
 80004005.     bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList&
 netstreamDevices)
 
Error - 10.02.2013 14:29:26 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000
Description = UPnpFindNetstreamDevices() FAILED
 
Error - 10.02.2013 15:10:01 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000
Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005):
 Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02}
 konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden:
 80004005.     bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList&
 netstreamDevices)
 
Error - 10.02.2013 15:10:01 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000
Description = UPnpFindNetstreamDevices() FAILED
 
[ System Events ]
Error - 10.02.2013 14:29:24 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 10.02.2013 14:29:50 | Computer Name = CHO-VAIO | Source = ipnathlp | ID = 31004
Description = 
 
Error - 10.02.2013 14:29:56 | Computer Name = CHO-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 10.02.2013 14:29:58 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 10.02.2013 14:31:54 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 10.02.2013 14:32:42 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 10.02.2013 14:36:52 | Computer Name = CHO-VAIO | Source = ipnathlp | ID = 31004
Description = 
 
Error - 10.02.2013 14:41:41 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 10.02.2013 14:42:11 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 10.02.2013 15:36:21 | Computer Name = CHO-VAIO | Source = ipnathlp | ID = 31004
Description = 
 
 
< End of report >
         
--- --- ---

 

Themen zu yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen
0x80004005, adblock, auswerten, browser, check, dateien, delta toolbar, enigma, entfernen, esgscanner.sys, google, hijack, hijackthis, hintergrund, infizierte, install.exe, konfigurator, kostenlose, logfiles, malwarebytes, meldungen, officejet, plug-in, problem, programm, programme, rechner, remote control, schnell, seite, spyhunter 4, startseite, updates, version, warnmeldungen, windows, windows updates, yhs.delta-search




Ähnliche Themen: yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen


  1. Windows 8.1: Adware (delta-homes) und SpyHunter entfernen
    Plagegeister aller Art und deren Bekämpfung - 28.05.2015 (9)
  2. babylon search und delta search als startseite im browser
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (9)
  3. Delta-Homes in der Eingabezeile und Startseite des Chrome Browsers nicht zu entfernen.
    Plagegeister aller Art und deren Bekämpfung - 06.10.2013 (1)
  4. Delta Search entfernen nicht möglich. Windows 7, google chrome
    Plagegeister aller Art und deren Bekämpfung - 22.08.2013 (3)
  5. Delta Search verändert Suchmaschine in Chrome
    Log-Analyse und Auswertung - 11.08.2013 (15)
  6. Mit Spyhunter Delta-Search entfernen?
    Log-Analyse und Auswertung - 31.07.2013 (14)
  7. 2x | Delta Search + Spyhunter 4 - Virus beseitigen?
    Mülltonne - 24.07.2013 (3)
  8. Sm.de und Delta-Search beim Laden von Chrome
    Plagegeister aller Art und deren Bekämpfung - 25.06.2013 (54)
  9. Spyhunter ,Delta Search und versteckte Bedrohungen
    Plagegeister aller Art und deren Bekämpfung - 16.06.2013 (9)
  10. Spyhunter und Delta Search Entfernung
    Plagegeister aller Art und deren Bekämpfung - 19.04.2013 (11)
  11. Delta search und spyhunter 4 wegmachen?
    Plagegeister aller Art und deren Bekämpfung - 18.04.2013 (14)
  12. 3 Mal Formatiert immernoch Delta-Search im Chrome...
    Plagegeister aller Art und deren Bekämpfung - 28.03.2013 (16)
  13. delta-search Startseite in Google Chrome und Firefox
    Log-Analyse und Auswertung - 26.02.2013 (4)
  14. SPYHUNTER (und delta-search) entfernen!
    Plagegeister aller Art und deren Bekämpfung - 23.02.2013 (15)
  15. spyhunter und delta-search entfernen
    Log-Analyse und Auswertung - 21.02.2013 (16)
  16. search plus site in Google Chrome und PUP.Blabber entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (10)
  17. "Funmoods Search" Startseite in Chrome lässt sich nicht entfernen - möglicher Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (9)

Zum Thema yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen - Liebe Admins/Helfer, folgendes Problem stellt sich seit heute auf meinem Rechner dar: - Standardstartseite änderte sich in yhs.delta-search dot com statt normale google-Suche - Genutzter Browser = Google Chrome - - yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen...
Archiv
Du betrachtest: yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.