![]() |
|
Log-Analyse und Auswertung: yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() | ![]() yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen Liebe Admins/Helfer, folgendes Problem stellt sich seit heute auf meinem Rechner dar: - Standardstartseite änderte sich in yhs.delta-search dot com statt normale google-Suche - Genutzter Browser = Google Chrome - Virenschutzprogramm von avast - System ist auf aktuellem Stand (Windows Updates regelmäßig gemacht) - Auf der Suche im Netz zu Löschungsmöglichkeiten der o. g. Seite entdeckte ich den ganzen Hintergrund zu diesem Schadprogramm, was sich bei mir unter Programme (Delta und Delta Toolbar) eingenistet hat - Ich installierte dann Spyhunter 4 in der Hoffnung auf Abhilfe und ließ über die kostenlose Version einen Testlauf machen - Ergebnis, er entdeckte 162 infizierte Stellen, 160 davon mit yhs…-Zuordnung und zwei weitere (Claro…) - Danach hätte ich die Kaufversion erwerben müssen, um die infizierten Dateien zu bereinigen - Dies unterließ ich und wurde auf Malwarebytes dot org aufmerksam - Ich lud mir die kostenfreie Version runter und ließ das Programm einmal schnell und einmal einen ausführlichen Check machen - Ergebnis: keine infizierten Dateien gefunden Nun möchte ich weiterhin einerseits die Schadsoftware von Delta (yhs….) als auch andererseits das Programm Spyhunter 4 wieder loswerden. Beides ist nun nicht möglich. Ich habe desweiteren auch HijackThis drüberlaufen lassen und auswerten lassen, es ergaben sich keine echten Warnmeldungen, nur einige wenige gelbe Fragezeichen. Ich bitte höflichst um eure Unterstützung. Die Anleitungen, wie man einen thread erstellen soll und was man parallel noch installieren soll, habe ich befolgt. Alle benötigten logfiles sind angestellt. Vielen Dank im Voraus für eine Rückmeldung. Christian OTL Logfile: Code:
ATTFilter OTL logfile created on: 10.02.2013 20:43:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CHO\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,43 Gb Available Physical Memory | 67,96% Memory free 15,96 Gb Paging File | 12,65 Gb Available in Paging File | 79,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 162,01 Gb Total Space | 54,36 Gb Free Space | 33,55% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 266,45 Gb Free Space | 90,95% Space Free | Partition Type: NTFS Computer Name: CHO-VAIO | User Name: CHO | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.02.10 20:41:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHO\Desktop\OTL.exe PRC - [2013.02.10 17:59:56 | 000,050,477 | ---- | M] () -- C:\Users\CHO\Desktop\Defogger.exe PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\CHO\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.16 23:20:15 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe PRC - [2012.11.22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.10.30 23:50:56 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\afwServ.exe PRC - [2012.07.11 13:39:56 | 001,835,520 | ---- | M] (TerraTec Electronic GmbH) -- C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe PRC - [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2012.06.11 11:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2012.06.11 11:33:04 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe PRC - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe PRC - [2011.10.30 10:54:45 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2011.10.28 22:00:22 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe PRC - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe PRC - [2011.09.01 14:39:54 | 000,966,712 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010.12.11 19:17:48 | 000,358,944 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2010.12.11 19:17:20 | 001,606,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe PRC - [2010.12.11 19:17:06 | 005,145,824 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2010.12.11 19:10:14 | 010,811,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe PRC - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2009.11.30 18:20:00 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe PRC - [2009.11.30 18:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe PRC - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009.10.24 02:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe PRC - [2009.10.13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009.09.04 22:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009.08.26 18:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (No Company Name) ========== MOD - [2013.02.10 17:59:56 | 000,050,477 | ---- | M] () -- C:\Users\CHO\Desktop\Defogger.exe MOD - [2012.10.05 11:53:24 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2012.10.05 11:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2012.10.05 11:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2012.08.31 11:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2012.06.26 13:11:10 | 000,345,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll MOD - [2012.06.26 13:11:08 | 000,282,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll MOD - [2012.06.26 13:11:02 | 008,197,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll MOD - [2012.06.26 13:11:00 | 002,302,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll MOD - [2012.06.26 13:10:58 | 000,202,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll MOD - [2012.06.26 13:10:58 | 000,027,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll MOD - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.09.01 14:38:32 | 000,931,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll MOD - [2011.09.01 14:37:50 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll MOD - [2011.09.01 14:37:50 | 000,913,920 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll MOD - [2011.09.01 14:37:50 | 000,416,256 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll MOD - [2011.09.01 14:37:50 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll MOD - [2011.09.01 14:37:50 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll MOD - [2011.09.01 14:37:48 | 008,166,912 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll MOD - [2011.09.01 14:37:48 | 002,551,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll MOD - [2011.09.01 14:37:48 | 002,282,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll MOD - [2011.09.01 14:37:48 | 002,246,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll MOD - [2011.09.01 14:37:48 | 001,288,192 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll MOD - [2011.09.01 14:37:48 | 000,676,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll MOD - [2011.09.01 14:37:48 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll MOD - [2011.09.01 14:37:48 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll MOD - [2011.09.01 14:37:48 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll MOD - [2011.09.01 14:08:58 | 000,508,416 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll MOD - [2011.09.01 14:08:56 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll MOD - [2011.09.01 14:08:18 | 000,378,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll MOD - [2011.09.01 14:08:18 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll MOD - [2011.09.01 14:08:16 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll MOD - [2011.09.01 14:08:14 | 000,392,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll MOD - [2011.09.01 14:08:14 | 000,387,976 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll MOD - [2011.09.01 14:08:14 | 000,058,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll MOD - [2011.09.01 14:07:04 | 000,727,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll MOD - [2010.12.11 19:17:20 | 001,606,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe MOD - [2010.12.11 19:17:06 | 005,145,824 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe MOD - [2010.12.11 19:10:14 | 010,811,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe MOD - [2010.12.11 17:23:00 | 000,279,904 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll MOD - [2010.12.11 16:10:58 | 000,028,512 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll MOD - [2010.12.11 16:09:48 | 000,019,808 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 02:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010.11.05 02:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll MOD - [2010.11.05 02:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2009.06.10 22:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ========== Services (SafeList) ========== SRV:64bit: - [2009.09.16 22:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) SRV - [2013.02.10 16:33:31 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.01.14 21:34:36 | 001,024,384 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service) SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.11.22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012.11.22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.10.30 23:50:56 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV - [2012.10.26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2012.07.13 13:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012.02.10 16:02:24 | 000,399,944 | ---- | M] (Elgato Systems GmbH) [Auto | Running] -- C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe -- (EyeTV Netstream) SRV - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper) SRV - [2011.10.30 10:54:45 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService) SRV - [2010.12.11 19:18:12 | 001,064,584 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.11.30 18:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2009.11.30 18:20:00 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2009.11.25 18:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2009.09.21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2009.09.21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2009.09.16 12:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009.09.14 18:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009.09.08 17:09:20 | 000,110,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009.09.01 20:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2009.08.31 00:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009.08.31 00:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.10.30 23:51:55 | 000,262,656 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2) DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.10.30 23:51:55 | 000,021,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:64bit: - [2012.10.30 23:51:53 | 000,132,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW) DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.06.22 11:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner) DRV:64bit: - [2012.06.11 11:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011.10.30 10:54:46 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:64bit: - [2011.10.30 10:54:43 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) DRV:64bit: - [2011.10.30 10:54:39 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2011.10.30 10:54:26 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2011.09.06 22:10:01 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis) DRV:64bit: - [2011.08.02 17:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.05.13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2011.05.13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) DRV:64bit: - [2011.05.13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:64bit: - [2011.05.13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.24 17:34:02 | 000,096,512 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SD11CL64.sys -- (SD11CL64) DRV:64bit: - [2011.01.24 11:51:02 | 000,075,904 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDI01164.SYS -- (SDI01164) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.04.12 09:09:08 | 000,131,144 | ---- | M] (ABILIS Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AbilisBdaTuner.sys -- (AbilisT) DRV:64bit: - [2009.11.18 21:03:16 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.11.18 21:03:15 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009.11.18 21:03:15 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.11.18 21:03:13 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009.11.18 21:02:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009.11.06 21:34:48 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2009.11.06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:64bit: - [2009.11.05 07:30:19 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.11.04 10:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009.10.27 21:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.09.15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:64bit: - [2009.09.15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009.08.19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2009.08.05 22:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009.07.31 21:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2009.05.20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi) DRV:64bit: - [2006.12.08 02:00:00 | 000,706,560 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxusbase.sys -- (fxusbase) DRV:64bit: - [2006.12.08 02:00:00 | 000,105,472 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmcowan.sys -- (AVMCOWAN) DRV - [2011.03.02 17:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\CHO\Desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\SearchScopes,DefaultScope = {206CCB53-ADEE-4B29-8104-E192191AAFA1} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.yhs.delta-search.com/?q={searchTerms}&affID=119816&tt=030213_yh&babsrc=SP_ss&mntrId=588a7b3d0000000000000023142b6861 IE - HKCU\..\SearchScopes\{206CCB53-ADEE-4B29-8104-E192191AAFA1}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_deDE455DE456 IE - HKCU\..\SearchScopes\{691936AE-67AA-48FD-9DAC-9A5EE9140B8C}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{FA9AB297-91D8-4245-BCF5-1904DA0804BD}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search IE - HKCU\..\SearchScopes\{FB1E7508-A71F-4624-9C09-DFA26E9E2B9E}: "URL" = Shopping.com Deutschland - der große Produkt- und Preisvergleich IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.* ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\CHO\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\CHO\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.30 11:33:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.10.31 21:53:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012.11.29 20:25:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.10.31 21:53:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.30 11:33:57 | 000,000,000 | ---D | M] [2013.02.06 13:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - homepage: YHS Delta Search CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = hxxp://www.yhs.delta-search.com/?q={searchTerms}&affID=119816&tt=030213_yh&babsrc=SP_ss&mntrId=588a7b3d0000000000000023142b6861 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: YHS Delta Search CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\CHO\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\CHO\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\CHO\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: Brushed = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\ CHR - Extension: YouTube = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Adblock Plus = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\ CHR - Extension: Google-Suche = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Delta Toolbar = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnnabbonolmdccgncgckdfikehphiknc\1.0_0\ CHR - Extension: avast! WebRep = C:\Users\CHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) O2 - BHO: (AusweisApp 1.8.0.0) - {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} - C:\Program Files (x86)\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH) O4 - Startup: C:\Users\CHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\CHO\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55B67249-4A60-4633-A780-8CC983E8AD75}: DhcpNameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5657B908-A148-499F-AD0E-8C5D1CB8F014}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.02.10 16:24:04 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{58660844-9630-11e1-b61a-5063139f441a}\Shell - "" = AutoRun O33 - MountPoints2\{58660844-9630-11e1-b61a-5063139f441a}\Shell\AutoRun\command - "" = G:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.10 20:38:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\CHO\Desktop\OTL.exe [2013.02.10 19:52:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\CHO\Desktop\HijackThis.exe [2013.02.10 17:20:39 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Malwarebytes [2013.02.10 17:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.10 17:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.10 17:20:26 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.02.10 17:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.02.10 17:18:35 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\CHO\Desktop\mbam-setup-1.70.0.1100.exe [2013.02.10 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter [2013.02.10 16:23:43 | 000,000,000 | ---D | C] -- C:\sh4ldr [2013.02.10 16:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013.02.10 16:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2013.02.10 16:21:56 | 000,726,464 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Users\CHO\Desktop\SpyHunter-Installer.exe [2013.02.06 13:58:14 | 000,000,000 | ---D | C] -- C:\Users\CHO\Local Settings [2013.02.06 13:58:13 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Software4u [2013.02.06 13:54:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2013.02.06 13:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2013.02.06 13:54:02 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\CRDeltaTB [2013.02.06 13:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta [2013.02.06 13:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.06 13:53:55 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Delta [2013.02.06 13:53:46 | 000,000,000 | ---D | C] -- C:\Users\CHO\AppData\Roaming\Babylon [2013.02.06 13:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.10 20:41:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CHO\Desktop\OTL.exe [2013.02.10 20:37:43 | 000,000,000 | ---- | M] () -- C:\Users\CHO\defogger_reenable [2013.02.10 20:35:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1003UA.job [2013.02.10 20:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.10 20:19:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.10 20:06:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1000UA.job [2013.02.10 19:52:20 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\CHO\Desktop\HijackThis.exe [2013.02.10 19:37:15 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.10 19:37:15 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.10 19:28:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.10 19:27:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.10 19:27:24 | 2133,381,119 | -HS- | M] () -- C:\hiberfil.sys [2013.02.10 17:59:56 | 000,050,477 | ---- | M] () -- C:\Users\CHO\Desktop\Defogger.exe [2013.02.10 17:43:30 | 000,007,054 | ---- | M] () -- C:\Users\CHO\Desktop\mbam-log-2012-04-25 (12-32-04).zip [2013.02.10 17:20:28 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.10 17:18:39 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\CHO\Desktop\mbam-setup-1.70.0.1100.exe [2013.02.10 16:24:04 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2013.02.10 16:23:45 | 000,002,254 | ---- | M] () -- C:\Users\CHO\Desktop\SpyHunter.lnk [2013.02.10 16:21:57 | 000,726,464 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Users\CHO\Desktop\SpyHunter-Installer.exe [2013.02.10 16:13:29 | 001,599,906 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.02.10 16:13:29 | 000,700,608 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.10 16:13:29 | 000,655,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.10 16:13:29 | 000,149,372 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.10 16:13:29 | 000,122,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.10 16:13:22 | 001,599,906 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.06 13:52:06 | 000,163,392 | ---- | M] () -- C:\Users\CHO\Desktop\IDMSetup_1.9.0.exe [2013.02.05 21:35:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1003Core.job [2013.02.05 21:17:11 | 005,374,150 | ---- | M] () -- C:\Users\CHO\Desktop\ETV mille Deutsche 2001.zip [2013.02.03 20:13:01 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2344207949-3861841193-2648694436-1000Core.job [2013.01.29 20:23:18 | 000,244,401 | ---- | M] () -- C:\test.xml [2013.01.26 13:29:06 | 000,001,047 | ---- | M] () -- C:\Users\CHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.01.26 13:28:56 | 000,001,011 | ---- | M] () -- C:\Users\CHO\Desktop\Dropbox.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.10 20:37:43 | 000,000,000 | ---- | C] () -- C:\Users\CHO\defogger_reenable [2013.02.10 17:59:53 | 000,050,477 | ---- | C] () -- C:\Users\CHO\Desktop\Defogger.exe [2013.02.10 17:43:26 | 000,007,054 | ---- | C] () -- C:\Users\CHO\Desktop\mbam-log-2012-04-25 (12-32-04).zip [2013.02.10 17:20:28 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.10 16:24:04 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2013.02.10 16:23:48 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys [2013.02.10 16:23:45 | 000,002,254 | ---- | C] () -- C:\Users\CHO\Desktop\SpyHunter.lnk [2013.02.06 13:52:02 | 000,163,392 | ---- | C] () -- C:\Users\CHO\Desktop\IDMSetup_1.9.0.exe [2013.02.05 21:17:07 | 005,374,150 | ---- | C] () -- C:\Users\CHO\Desktop\ETV mille Deutsche 2001.zip [2013.01.19 09:28:18 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2012.05.04 23:07:15 | 001,599,906 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.11.07 20:51:36 | 000,166,354 | ---- | C] () -- C:\Windows\hpwins05.dat.temp [2011.11.07 20:51:36 | 000,004,785 | ---- | C] () -- C:\Windows\hpwmdl05.dat.temp [2011.10.30 11:18:23 | 000,273,739 | ---- | C] () -- C:\Windows\hpwins05.dat [2011.10.30 11:18:23 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat [2011.10.28 22:01:13 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll [2011.10.28 21:49:17 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.05.06 09:16:14 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Acronis [2012.11.29 20:25:33 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\APP_NAME_NON_STRING [2013.01.29 22:18:31 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Auslogics [2013.02.06 13:53:46 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Babylon [2013.02.06 13:54:02 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\CRDeltaTB [2013.02.06 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Delta [2013.02.10 19:31:02 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Dropbox [2012.06.01 19:03:16 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Eumex 400 [2012.11.07 10:07:07 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\GinyasBrowserCompanion [2012.05.04 22:51:43 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\motorola [2012.05.07 20:53:56 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\MyPhoneExplorer [2012.11.07 10:13:15 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Nokia [2012.05.05 11:22:35 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\PC Suite [2012.11.29 20:27:22 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\PDF Architect [2012.11.29 20:25:10 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\pdfforge [2013.02.06 13:58:13 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\Software4u [2012.05.13 08:27:14 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\systweak [2011.11.11 20:47:13 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\TeamViewer [2012.08.27 21:50:01 | 000,000,000 | ---D | M] -- C:\Users\CHO\AppData\Roaming\TerraTec ========== Purity Check ========== < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 10.02.2013 20:43:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CHO\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,43 Gb Available Physical Memory | 67,96% Memory free 15,96 Gb Paging File | 12,65 Gb Available in Paging File | 79,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 162,01 Gb Total Space | 54,36 Gb Free Space | 33,55% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 266,45 Gb Free Space | 90,95% Space Free | Partition Type: NTFS Computer Name: CHO-VAIO | User Name: CHO | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00DC8C3A-A3F8-46A1-9209-1853ABB9C37F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{024CBB58-664A-48C6-AE50-9DF36143F135}" = lport=2869 | protocol=6 | dir=in | app=system | "{043D29A2-0490-465C-9441-51BD2A213554}" = lport=2869 | protocol=6 | dir=in | app=system | "{06E0E7E6-59FE-4694-A51A-DECE1924FA04}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0A9276F9-4763-4C73-9300-633E3B73F502}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{0E0678F5-5803-4C51-83E8-3F83B3764DB4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1341BC44-EEBA-4683-8563-21E1EB417DBA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{160DA3F9-4A68-45FC-91A5-9E11F956C3A6}" = lport=2869 | protocol=6 | dir=in | app=system | "{177E28A6-E663-4A64-91E5-502C4D808DA0}" = rport=137 | protocol=17 | dir=out | app=system | "{19BE2813-F1EF-4C2E-A57F-365AC170EB3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{21252EF5-5EC4-4B00-9072-039A5F5E61CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2C8B9540-6229-4DA0-A088-2D8D2643121F}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{3195CF47-4CF7-4D31-A2E8-B62459EE76DD}" = rport=2869 | protocol=6 | dir=out | app=system | "{3A76797E-FAAE-4F8E-B682-81EF45FC86CD}" = lport=137 | protocol=17 | dir=in | app=system | "{3BB59AC4-225F-440C-9602-9B4E9F339FAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{3F95A46F-8FCA-41BD-9C70-2FE430992855}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4BC4059B-6C93-40DB-8B59-73B98D0BCB5E}" = lport=10243 | protocol=6 | dir=in | app=system | "{4ED59CD5-82CA-4995-A56D-01F156C490B3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{574DD4E3-831D-446B-A468-9911B6F6727B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5A1FB20F-30F1-4F0C-8914-97B5E0C8833A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6F60FBFE-8E62-4919-A5E2-B3BE42782713}" = lport=445 | protocol=6 | dir=in | app=system | "{7A73F89E-4C4F-4972-97B1-DBE8D0F1F95D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7DD2D5E5-CC7F-41E5-BA95-1BAFFD5307D0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{8395B168-5393-458B-ADBA-4BA7DDEC34D3}" = rport=445 | protocol=6 | dir=out | app=system | "{8732EBC4-7C9C-4A3B-B909-10385D90EBDB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{89E29D01-E4F7-4661-8E20-20E49933B7E9}" = lport=138 | protocol=17 | dir=in | app=system | "{A0531AAB-FE88-403D-BFA3-1BC4FB0AC1D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AA6269EF-FCF0-459C-9221-E83960BE7594}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{B245A7B1-13B8-49CD-8F79-DA09E7261D1D}" = rport=138 | protocol=17 | dir=out | app=system | "{BE3FB89D-463B-4A0D-B187-DBD978E72A1A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BE74CA27-66DB-4A27-A2F9-BA5FC0B887A2}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{C2522D85-9BB6-45C9-90E1-459CEDDC8A81}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{C2609ED1-E8CA-4D5D-97BC-4D55391F073C}" = rport=139 | protocol=6 | dir=out | app=system | "{C48721B4-53FA-4D55-9FEC-BD5BD81A52D2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{C503A9F5-B363-403B-85EF-DAC5B327A7A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CDCDA8CB-820D-474D-A809-BA028DA23D14}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CE189DE6-1F41-416F-B3FD-7872F8FF0726}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CEF95F28-3290-4109-864D-3285C675DEC5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D8E75861-FF67-4796-8149-44F1F39696F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E9B62DE8-B8DD-4EC8-9965-4715A5AE0A4B}" = rport=10243 | protocol=6 | dir=out | app=system | "{EDFD6FBA-6DF2-4BA0-BA1A-C7B6E74636EC}" = lport=139 | protocol=6 | dir=in | app=system | "{EFCF0F58-1EE8-4066-B1CE-B488CED507AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FF45A9FC-8EFE-4B3F-B2EE-08EF73AB3EC4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01A5F1F4-067E-4F6A-892B-1A11123B05D2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{028639A8-04D3-4845-9B3B-0002884240EF}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | "{0878DAA3-2481-4F28-9363-275DE4F87600}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0B526495-57CB-4ABF-8EA7-CC4BB5624D07}" = protocol=17 | dir=in | app=c:\users\cho\appdata\local\temp\7zs599c\hppiw.exe | "{0D97432D-783B-4FBE-A941-CE368266A8D1}" = protocol=6 | dir=in | app=f:\alicesetup.exe | "{102DEF33-C5A1-4460-9A90-98ABEC078897}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{16C5C96D-B067-487A-A6C8-6558B2FFC0AC}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{17DF2950-C18C-4FE0-B86A-891FB7ED9D20}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{1A7B7F21-ED4B-4D89-B623-B7918AC253BB}" = protocol=6 | dir=out | app=system | "{1CA78752-A4A3-4967-8377-7F68620AE445}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{212FC2DC-24C0-4D4C-BAD0-525B520473D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2791A300-1332-44F8-94FF-04A2835B36A2}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe | "{27C559DD-2394-4814-AF71-B4CDD969C64B}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe | "{280DE6AB-E8B4-4938-971D-35C02FA36E9E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{2A69B060-D9D9-48DA-AD90-66B85E32591B}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | "{2A8F39A9-33EE-48B0-BA7B-16757849BE59}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2AAFF87A-CAD2-4C78-932D-60CD68FAB635}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{2D06307F-0E93-43AB-8810-EFA9D2B89D89}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{2EDB8A54-CD91-4A9F-BB1B-D414D28A2454}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{31751B4A-0EDE-434B-925B-CAB8C78D76DC}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | "{36CBA866-50AE-4502-BDAB-EC2DA5F12B03}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{39108446-E894-4141-8DD1-D2A59F1335C0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{3CB99655-B688-4C98-BBE9-8074414FEDAE}" = dir=in | app=c:\users\cho\appdata\local\temp\7zs2efe\ojprol7x00_full_14\setup\hpznui40.exe | "{3F586DAB-A2E5-4CC2-8C1A-01AC9A90378C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{52B33ED4-AC2C-4043-8555-F8F9AC468497}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | "{54D5228B-F756-4037-B3F6-2F9B3BDBEA1E}" = protocol=17 | dir=in | app=c:\users\cho\appdata\local\temp\7zs5862\hppiw.exe | "{58B55B2C-6FC6-4350-8255-5D9FDFDB2877}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5AAE3754-891D-475F-9185-0CD6BC7427B5}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | "{5F2EE9A3-DC51-4AF6-82BA-42CDBED2995F}" = protocol=6 | dir=in | app=c:\users\cho\appdata\local\temp\7zs599c\hppiw.exe | "{5F90CFD6-ED07-4516-B7D7-3924B640A796}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | "{60985C30-D3C6-491E-AC8D-154E23C08781}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | "{6326EFDF-29E9-4815-AC60-5221D3E146EF}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | "{63EE679B-5593-4594-8F25-B457A161B6BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6A1FEE55-8C4B-4935-8953-BE11D7A17301}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{6E7EC20E-11C1-4995-83BB-7945C09F67BF}" = protocol=6 | dir=in | app=c:\users\cho\appdata\local\temp\7zs5862\hppiw.exe | "{7063EFF1-A054-4742-A507-FBBBED3DDFCE}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{708EB8A2-F21E-4B11-9FE6-BFCEDE21A04B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | "{7289FEED-2D44-4CCD-A117-41933F7AE1B9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{750E464F-90B9-470F-83F0-55B41AC70655}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{77288E3C-2086-41FD-94E6-E5E2624B73B7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{78C08D39-E8C5-41AB-BD81-4B1A019CA2E4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7BF04A0F-6101-4A5D-B820-FC6A32A08A71}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{7E64AA0F-653B-4BF8-9522-A41FB4FA3029}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{839E9557-7F1F-4641-B580-AFCBB94F89BF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{85CAA230-55BF-4B6D-9B62-00005FF4DF42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{86F831A1-BC47-46EE-95A1-47C646E3A331}" = protocol=17 | dir=in | app=%systemroot%\ehome\ehrecvr.exe | "{87649EBB-CE3E-4444-9617-5E262C3A8214}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe | "{921E0615-5A8C-4A92-91F0-3D58D23434D6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{922F5185-C369-4806-A39C-0412E292083A}" = protocol=17 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | "{93D0D21C-A0CC-4F21-9E10-864B4C559478}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{9753D050-2C82-4C5C-887A-382CA453C033}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{97B06B09-332B-4C48-98FA-E118757DB40F}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{9B8A5824-0105-4AC0-9C02-25CF7EA8CEE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{9BA63CB7-AA60-4640-A30A-07882BB507C6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{A7DD9A62-4B7A-48CB-8EA9-5079F767406B}" = protocol=17 | dir=in | app=f:\alicesetup.exe | "{A974E2F4-6D53-477C-A9C0-6A3EBE5B39C5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{A9990A6C-158B-4758-8497-C8D883EA1616}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AAACA720-AC64-4749-89A0-DA708C05A8C6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B22F352E-58DF-4815-9573-4F837C2DCA8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | "{B64A2512-D179-4CF3-9251-2AF4C48FC0A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B7D02A4B-7B7E-4D06-8B56-41A580A18C18}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe | "{C49FC8B0-F990-4137-90BB-B55D7E845E55}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{C7240D99-E523-4EF7-B6C5-4DAC9AFCA55E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C9F30E71-CEEE-4A4B-9BEC-1D8C5CD9CFEC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{D0B8F6B9-D73B-4920-BFC3-451D8FADEC8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{D6562E7B-262F-47F5-AEC7-F4E57B28B1A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D88A9955-E3D0-4705-A8A2-8817ADBD5D6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DA6A303A-8534-4B6A-B2B4-B6BA259E3364}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{DB86E6BB-C8CC-4BF2-BDD6-32A37B1B3B3C}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | "{DE41F9AC-04D4-4AB2-BA5B-60B08B538F1E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{DE7C90B2-CECC-4D4A-8C5E-36F8D3132EF4}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | "{E0DB9ADF-AEFE-4B68-A35F-1095EBF9E580}" = protocol=6 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | "{E1F06D81-0BB2-4BD9-A6E0-07B7F402DD27}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E2432F26-83DE-46F4-A193-87B3CBA1CD02}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{E300CF43-50EB-42BF-827B-4432189B84B4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EBB6DA5B-EB31-4564-AFED-442819B6DF1D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{EC92A8C9-4B31-4110-9C05-4A62ACF1759D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{ECA43F96-D9D5-4769-A2A5-150467B32D5D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{ED482A63-1B6E-4767-902F-3B066B9F25E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F15F247A-94F0-47BF-BDA3-65A358218A26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F28DF523-5F5E-4964-8F6E-2C7E34829C13}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{F51FC2CE-1E2A-42EE-9393-00732771B533}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | "TCP Query User{5BCA2577-9441-480C-9FC1-CB35EB1B0BA5}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | "TCP Query User{96D2E363-8087-438F-8EF0-F92477393043}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe | "TCP Query User{A9B0E516-1296-4F48-B9F1-1EC45229EA1A}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | "TCP Query User{B3205D26-3CB4-44E9-893D-657C26FB99F5}C:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{13156401-5623-4B8E-8E4F-5538B85C9D0D}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | "UDP Query User{218003A1-4A91-49E4-B998-45979F8EF50C}C:\program files (x86)\motorola media link\lite\mml.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe | "UDP Query User{9228CB66-5FC2-4016-9D1C-2B20A8F96DBD}C:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\cho\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{E1652EF9-DA5C-49D0-B7D5-82C898C55B94}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit) "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{6B6C4C46-1B7E-4A41-9E70-ACFBB22B1D81}" = SpyHunter "{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64 "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9D6C64CC-EA60-47A6-9C97-82C38231EDAE}" = HP OfficeJet L7300/L7500/7600/7700 "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}" = Motorola Mobile Drivers Installation 5.4.0 "{C862EC05-1C15-4327-B15D-C7788D6CFF73}" = Image Resizer Powertoy Clone for Windows (64 bit) "{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) "930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) "E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPOCR" = OCR Software by I.R.I.S. 14.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "NVIDIA Drivers" = NVIDIA Drivers "ProInst" = Intel PROSet Wireless [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048DDE77-66D5-4335-8497-903856759B58}" = BPDSoftware "{04DB9640-A905-456C-96F5-F1EB80FEB5C9}" = ProductContext "{05DC79C6-4213-45D3-BE8A-50B8B7C1F0E1}" = bpd_scan_Carrier "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform "{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung "{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 39 "{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect "{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings "{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager "{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager "{48C46AB8-3499-4976-9017-9BE52365443E}" = Delta "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "{4F8697F4-3D30-4BD0-8F26-455C01F4EE8B}" = Integrity Tool "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution "{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite "{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "{8BCA0269-7213-49A9-A362-664F001FE033}" = Avanquest mobile PhoneTools "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax "{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9615E45B-7670-4D17-9ED5-28B9E936EEDD}" = 7500_7600_7700_Help1 "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform "{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86 "{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics "{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update "{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager "{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation "{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "{B5A4C902-1636-48DB-8E38-F0DB102DDB59}" = MPM "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C4CC491B-5E85-4E96-8911-DF425893DF4A}" = L7500 "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CD5EA9D3-57B4-4DDA-8A5A-D7EC821D1551}" = Avanquest mobile PhoneTools "{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library "{D0ED9100-DFFB-482C-8DB6-C626264757BD}" = SDI011 dual interface reader "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86 "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{ED3D79A6-B3BB-4482-B226-0B620F97258A}" = BPDSoftware_Ini "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{EE56DCD1-13FD-435B-BC4C-EE8CD83FF17A}" = AusweisApp "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "AC3BB3E9-A26798-481476-BFAE54-CC8CB4B715AD_is1" = KKH-Allianz Sicherheitskit-Starter "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "avast" = avast! Internet Security "bi_uninstaller" = Bundled software uninstaller "delta" = Delta toolbar "EyeTV DTT Deluxe (2009) v2.00.02.8754" = EyeTV DTT Deluxe (2009) v2.00.02.8754 "EyeTV Netstream Service" = EyeTV Netstream for Windows Media Center "InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "Konfigurator Eumex 400" = Konfigurator Eumex 400 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MarketingTools" = VAIO Marketing Tools "MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0 "MPE" = MyPhoneExplorer "Nokia Ovi Suite" = Nokia Ovi Suite "Nokia PC Suite" = Nokia PC Suite "ODIR_is1" = ODIR "Office14.SingleImage" = Microsoft Office Home and Business 2010 "VAIO Help and Support" = "VAIO Premium Partners" = VAIO Premium Partners "VAIO screensaver" = VAIO screensaver "VLC media player" = VLC media player 1.1.11 "WinLiveSuite_Wave3" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10.02.2013 11:38:52 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000 Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005): Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02} konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden: 80004005. bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList& netstreamDevices) Error - 10.02.2013 11:38:52 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000 Description = UPnpFindNetstreamDevices() FAILED Error - 10.02.2013 12:34:37 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000 Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005): Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02} konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden: 80004005. bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList& netstreamDevices) Error - 10.02.2013 12:34:37 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000 Description = UPnpFindNetstreamDevices() FAILED Error - 10.02.2013 14:29:03 | Computer Name = CHO-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA}) (Fehlercode = 0x80042000) Error - 10.02.2013 14:29:04 | Computer Name = CHO-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 10.02.2013 14:29:26 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000 Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005): Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02} konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden: 80004005. bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList& netstreamDevices) Error - 10.02.2013 14:29:26 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000 Description = UPnpFindNetstreamDevices() FAILED Error - 10.02.2013 15:10:01 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 5000 Description = .NET EXCEPTION System.Runtime.InteropServices.COMException (0x80004005): Eine Instanz der COM-Komponente mit der CLSID {E2085F28-FEB7-404A-B8E7-E659BDEAAA02} konnte aufgrund des folgenden Fehlers nicht von der IClassFactory erstellt werden: 80004005. bei Elgato.EyeTVNetstream.TomaDeviceDiscovery.UPnpFindNetstreamDevices(TomaList& netstreamDevices) Error - 10.02.2013 15:10:01 | Computer Name = CHO-VAIO | Source = EyeTV Netstream | ID = 1000 Description = UPnpFindNetstreamDevices() FAILED [ System Events ] Error - 10.02.2013 14:29:24 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023 Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126 Error - 10.02.2013 14:29:50 | Computer Name = CHO-VAIO | Source = ipnathlp | ID = 31004 Description = Error - 10.02.2013 14:29:56 | Computer Name = CHO-VAIO | Source = DCOM | ID = 10010 Description = Error - 10.02.2013 14:29:58 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023 Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126 Error - 10.02.2013 14:31:54 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023 Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126 Error - 10.02.2013 14:32:42 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023 Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126 Error - 10.02.2013 14:36:52 | Computer Name = CHO-VAIO | Source = ipnathlp | ID = 31004 Description = Error - 10.02.2013 14:41:41 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023 Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126 Error - 10.02.2013 14:42:11 | Computer Name = CHO-VAIO | Source = Service Control Manager | ID = 7023 Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126 Error - 10.02.2013 15:36:21 | Computer Name = CHO-VAIO | Source = ipnathlp | ID = 31004 Description = < End of report > |
Themen zu yhs.delta-search Startseite in Google Chrome und Programm Spyhunter 4 entfernen |
0x80004005, adblock, auswerten, browser, check, dateien, delta toolbar, enigma, entfernen, esgscanner.sys, google, hijack, hijackthis, hintergrund, infizierte, install.exe, konfigurator, kostenlose, logfiles, malwarebytes, meldungen, officejet, plug-in, problem, programm, programme, rechner, remote control, schnell, seite, spyhunter 4, startseite, updates, version, warnmeldungen, windows, windows updates, yhs.delta-search |