| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.06.2013, 22:48
| #1 |
 |  Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Ich hoffe, dass mir jemand weiterhelfen kann, da ich mich mit solchen Sachen kaum auskenne. Ich bin mir ziemlich sicher, dass ich mir einen Virus oder Trojaner eingefangen habe, aber was kann ich tun, damit mein Laptop wieder normal funktioniert ? |
|
18.06.2013, 22:51
| #2 | |
| /// TB-Ausbilder   |  Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Hallo,
__________________Zitat:
Wenn du deinen Rechner nach Malware untersuchen lassen willst, dann arbeite bitte diese Anleitung ab und poste die entsprechenden Logfiles.
__________________ |
|
18.06.2013, 23:58
| #3 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängertCode:
ATTFilter OTL logfile created on: 19.06.2013 00:24:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,60 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 41,67% Memory free
14,41 Gb Paging File | 2,67 Gb Available in Paging File | 18,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,84 Gb Total Space | 372,27 Gb Free Space | 82,76% Space Free | Partition Type: NTFS
Computer Name: **** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\*****\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Users\*****\AppData\Roaming\KB00262145.exe ()
PRC - C:\Users\*****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\*****\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
PRC - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (Microsoft)
PRC - C:\Programme\IB Updater\ExtensionUpdaterService.exe ()
PRC - C:\Windows\SysWOW64\jmdp\stij.exe ()
PRC - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\agcp.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (Iminent)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe (Advanced Micro Devices, Inc.)
PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe (Microsoft Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Users\*****\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll ()
MOD - C:\Users\*****\AppData\Roaming\KB00262145.exe ()
MOD - C:\Users\*****\AppData\Roaming\Yontoo\dat\sqlite3.DLL ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f878765b06a1d56b04f4bd23a9c60985\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\12630df9abc4ebf7ff67de989b8e8123\System.Configuration.Install.ni.dll ()
MOD - C:\Windows\SysWOW64\jmdp\stij.exe ()
MOD - C:\Windows\SysWOW64\jmdp\lmrn.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\jmdp\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (IBUpdaterService) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (IB Updater) -- C:\Programme\IB Updater\ExtensionUpdaterService.exe ()
SRV - (SProtection) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (Iminent)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McODS) -- C:\Programme\McAfee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (DCDhcpService) -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe (Atheros Communication Inc.)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (MOBK649backup) -- C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe (McAfee, Inc.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (McAWFwk) -- c:\Programme\McAfee\MSC\McAWFwk.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (lehidmini) -- C:\Windows\SysNative\drivers\leath_hid.sys (Atheros)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (MOBK649Filter) -- C:\Windows\SysNative\drivers\MOBK649.sys (Mozy, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb201?a=6PQWmVIlnT&i=26
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\..\SearchScopes\{CFAE870E-EB2E-4455-96C0-4CE78E858158}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q212&_nkw={searchTerms}
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6PQWmVIlnT&i=26
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Funmoods"
FF - prefs.js..browser.search.selectedEngine: "Funmoods"
FF - prefs.js..browser.startup.homepage: "hxxp://searchfunmoods.com/?f=1&a=nv2&cd=2XzuyEtN2Y1L1Qzu0AyCyE0B0FyD0C0FtB0B0F0FzytCtDtCtN0D0Tzu0CyEyBzztN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1288961602&ir="
FF - prefs.js..extensions.enabledAddons: %7B5ebdca98-43b3-45bb-87e0-716029fb42ab%7D:6.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\*****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.06 13:00:04 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.06 13:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.12.18 20:01:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.01.31 12:59:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013.03.06 13:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox [2013.03.06 13:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.14 18:14:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.19 11:07:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.14 18:14:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.03.28 10:16:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2013.05.12 15:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\zzchadsu.default\extensions
[2013.04.23 00:28:59 | 000,000,000 | ---D | M] ("Nuova scheda") -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\zzchadsu.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
[2013.05.12 15:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\zzchadsu.default\extensions\staged
[2013.04.29 16:18:07 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\zzchadsu.default\extensions\gophoto@gophoto.it.xpi
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\zzchadsu.default\extensions\hdvc@hdvc.com.xpi
[2013.05.12 15:49:18 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\zzchadsu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.26 20:17:45 | 000,002,351 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\zzchadsu.default\searchplugins\Funmoods.xml
[2013.04.12 07:43:43 | 000,002,120 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\zzchadsu.default\searchplugins\MyStart Search.xml
[2013.04.14 18:13:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\ESRA KüCüKVARUZAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZZCHADSU.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}
[2013.04.14 18:14:06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Esra K\u00FCc\u00FCkvaruzan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_222.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: TelevisionFanatic = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\agaihojkldnbljibbboiphnefbpnpohg\4.94.1.37999_0\
CHR - Extension: Google Drive = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IB Updater = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.557_0\
CHR - Extension: SiteAdvisor = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Iminent = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.21.4.1_0\
CHR - Extension: SweetIM for Facebook = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: HDvid Codec = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0\
CHR - Extension: Yontoo = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\
CHR - Extension: GoPhoto.it = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
CHR - Extension: Google Mail = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: TelevisionFanatic = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\agaihojkldnbljibbboiphnefbpnpohg\4.94.1.37999_0\
CHR - Extension: Google Drive = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IB Updater = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.557_0\
CHR - Extension: SiteAdvisor = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Iminent = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.21.4.1_0\
CHR - Extension: SweetIM for Facebook = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: HDvid Codec = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0\
CHR - Extension: Yontoo = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\
CHR - Extension: GoPhoto.it = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
CHR - Extension: Google Mail = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\IB Updater\Extension64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\systemcore\ScriptSn.20120510062228.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\IB Updater\Extension32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120510062228.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [McAfeeWrapperApplication] C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [Facebook Update] C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [KB00262145.exe] C:\Users\*****\AppData\Roaming\KB00262145.exe ()
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [monlt] C:\Users\*****\AppData\Roaming\monlt.exe ()
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [SkyDrive] C:\Users\*****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [uwoupnhn] C:\Users\*****\AppData\Local\Temp\Alelelelel\mfdfbupnhn.exe (CJSC "Computing Forces")
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [xybxmkjk] C:\Users\*****\Lhnhnhnhnh\idppbmkjk.exe (Bloodshed Software)
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [Yontoo Desktop] C:\Users\*****\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\RunOnce: [Uninstall C:\Users\*****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\RunOnce: [Uninstall C:\Users\*****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\RunOnce: [Uninstall C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112" File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\RunOnce: [Uninstall C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\RunOnce: [Uninstall C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314" File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\RunOnce: [Uninstall C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01A9B807-333C-40A4-980F-BF4E52C9E206}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A68420D3-4D4D-44BC-AF72-0423C75A7E81}: DhcpNameServer = 172.16.16.19
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{16723f69-696a-11e2-97ba-844bf5cf2c00}\Shell - "" = AutoRun
O33 - MountPoints2\{16723f69-696a-11e2-97ba-844bf5cf2c00}\Shell\AutoRun\command - "" = E:\ZTE_Handset_USB_Driver.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.18 23:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.18 18:46:59 | 000,000,000 | R--D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.06.18 13:42:36 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Sony
[2013.06.17 23:17:47 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Apple Computer
[2013.06.17 23:17:47 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Apple Computer
[2013.06.17 23:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.17 23:17:28 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013.06.17 23:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.17 23:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.17 23:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.17 23:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.06.17 23:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.17 23:13:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Apple
[2013.06.17 23:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.06.17 23:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.06.17 23:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.06.17 23:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.06.17 23:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.06.17 23:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.06.17 22:57:36 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
[2013.06.17 22:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2013.06.16 10:57:33 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.16 10:57:33 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.16 10:57:33 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.16 10:57:32 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.16 10:57:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.16 10:57:32 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.16 10:57:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.16 10:57:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.16 10:57:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.16 10:57:30 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.16 10:57:29 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.16 10:57:29 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.16 10:57:28 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.16 10:55:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.16 10:55:54 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.13 09:59:57 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.13 09:59:57 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.13 09:59:35 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.13 09:59:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.13 09:58:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.13 09:58:30 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.13 09:58:30 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.13 09:58:29 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.13 09:58:28 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.13 09:58:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.13 09:58:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.13 09:57:37 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.13 09:57:36 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.06 15:38:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.06.19 00:12:22 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.19 00:00:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.18 22:29:03 | 000,000,976 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3754061674-2540918322-2663123439-1002UA.job
[2013.06.18 22:22:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.18 19:29:04 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3754061674-2540918322-2663123439-1002Core.job
[2013.06.18 18:54:31 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.18 18:54:31 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.18 18:46:43 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.18 18:46:23 | 2901,434,368 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.17 23:17:30 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.16 23:25:03 | 000,000,211 | ---- | M] () -- C:\Users\*****\Documents\artikel nummer.rtf
[2013.06.13 09:48:24 | 000,064,000 | ---- | M] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe
[2013.06.13 09:48:24 | 000,000,322 | ---- | M] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe.BAT
[2013.06.12 23:43:06 | 000,000,625 | ---- | M] () -- C:\Users\*****\Documents\Krankheiten2.rtf
[2013.06.12 14:50:18 | 000,084,076 | ---- | M] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe.DAT
[2013.06.12 00:00:37 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 00:00:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.10 20:40:54 | 000,168,428 | ---- | M] () -- C:\Windows\SysNative\s000000.dat
[2013.06.10 20:17:37 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\sstate_prev.sdt
[2013.06.10 20:17:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\sstates.sdt
[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.06 15:39:06 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.06.05 11:03:00 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.05 11:03:00 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.05 11:03:00 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.05 11:03:00 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.05 11:03:00 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.02 14:17:29 | 000,000,550 | ---- | M] () -- C:\Users\*****\Documents\Hairfree.rtf
[2013.05.29 15:51:43 | 000,022,678 | ---- | M] () -- C:\Users\*****\Desktop\41ky9nUW2JL._SY445_.jpg
[2013.05.29 15:04:55 | 000,000,209 | ---- | M] () -- C:\Users\*****\Documents\ege.rtf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.06.17 23:17:30 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.17 23:13:50 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.06.16 23:25:02 | 000,000,211 | ---- | C] () -- C:\Users\*****\Documents\artikel nummer.rtf
[2013.06.11 23:11:40 | 000,000,625 | ---- | C] () -- C:\Users\*****\Documents\Krankheiten2.rtf
[2013.06.10 20:40:54 | 000,168,428 | ---- | C] () -- C:\Windows\SysNative\s000000.dat
[2013.06.10 20:17:34 | 000,000,040 | ---- | C] () -- C:\Windows\SysNative\sstate_prev.sdt
[2013.06.10 20:17:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\sstates.sdt
[2013.06.06 15:39:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.06.06 15:39:06 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.06.02 14:17:29 | 000,000,550 | ---- | C] () -- C:\Users\*****\Documents\Hairfree.rtf
[2013.05.29 15:51:43 | 000,022,678 | ---- | C] () -- C:\Users\*****\Desktop\41ky9nUW2JL._SY445_.jpg
[2013.05.29 15:04:54 | 000,000,209 | ---- | C] () -- C:\Users\*****\Documents\ege.rtf
[2013.05.08 10:46:27 | 000,000,322 | ---- | C] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe.BAT
[2013.05.07 16:17:24 | 000,084,076 | ---- | C] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe.DAT
[2013.05.07 16:17:24 | 000,064,000 | ---- | C] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe
[2013.05.01 22:37:40 | 000,021,101 | ---- | C] () -- C:\Users\*****\AppData\Local\recently-used.xbel
[2013.03.04 15:10:05 | 000,004,096 | ---- | C] () -- C:\Users\*****\Januar.jpg
[2012.05.10 07:50:32 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.05.10 06:15:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.16 06:22:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.16 06:22:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.04.16 06:22:06 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[1601.01.01 02:00:00 | 000,221,184 | ---- | C] () -- C:\Users\*****\AppData\Roaming\monlt.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.06 22:39:13 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\(C8-64-C7-CA-EA-7E)
[2013.06.18 20:59:06 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\8B515B03
[2013.01.08 20:55:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\dl_0
[2012.12.22 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoft
[2012.12.22 17:41:25 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.04.23 00:27:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Funmoods
[2013.01.12 13:02:39 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Iminent
[2013.03.25 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\MatchWare
[2013.02.09 21:53:58 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PhotoScape
[2013.06.18 13:42:36 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Sony
[2013.06.19 00:38:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Yontoo
========== Purity Check ==========
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 19.06.2013 00:24:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,60 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 41,67% Memory free
14,41 Gb Paging File | 2,67 Gb Available in Paging File | 18,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,84 Gb Total Space | 372,27 Gb Free Space | 82,76% Space Free | Partition Type: NTFS
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3754061674-2540918322-2663123439-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FC8C50-282F-4B48-996C-F40D3EB48665}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1851E79D-7F75-4ECC-A552-C808D8E8A133}" = lport=138 | protocol=17 | dir=in | app=system |
"{1C4BE34C-0ED6-46C9-9B91-97158EB783FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B7073F6-DB4F-4A07-965A-E73BA8CCAB99}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2D3E15BE-397A-485E-860D-DC2A99B3FB81}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{35B45D11-57C4-4D90-93F4-735907AAD239}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{448BDC70-4CE0-4DC9-94CD-924FEE35104A}" = lport=137 | protocol=17 | dir=in | app=system |
"{4BBAC8D7-CAC1-4EE0-8CD7-67F1A3F72C35}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4F143021-503E-4B33-A546-5659F7661A2E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{627A5E4F-B97D-4EF2-90CA-71BD13611184}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{63654A4E-445B-4DC2-B5DB-0B64DF110E46}" = rport=138 | protocol=17 | dir=out | app=system |
"{65BDDC2C-B04D-47D0-B6ED-19C397279C66}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D1332EA-757E-4154-B3A5-A611BC8BF1CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{73F3E484-C1E8-4E84-BB16-B4F083841204}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{7C09999A-BA9C-4128-8B8A-DE4591882F4D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8090D6D9-301E-444E-9A5D-3B36F9A94FA9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{837C7DA6-BA81-4BF9-8C19-99540AFCD1E7}" = lport=80 | protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
"{866E3C05-36B6-488A-9E89-98B7355358EF}" = lport=445 | protocol=6 | dir=in | app=system |
"{88C3E7A1-C4C8-4C0B-B2B3-28B356C083C6}" = lport=139 | protocol=6 | dir=in | app=system |
"{9023D00D-33B7-495D-9E1F-F2C8E3215EF1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AB7CEE34-C0F1-4E2F-96F7-17474C445771}" = rport=445 | protocol=6 | dir=out | app=system |
"{AE2832F1-2847-4EF4-B164-263795536F5F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B2CEEEC1-0E7E-41A7-B395-A10840134CA2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3804B2A-70ED-4B19-9C55-3985EB909FA0}" = rport=139 | protocol=6 | dir=out | app=system |
"{CB7A8940-BD24-42FC-A064-90B31E6441B9}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{DF3B4215-7FDA-4BA7-95AD-905B1F9BDAA5}" = rport=137 | protocol=17 | dir=out | app=system |
"{E4E2F1FA-5DF1-4B95-A59C-9C2A85B472D5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{F7C8C1C1-0566-4987-94A1-B8B5C2743723}" = lport=53 | protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\dcdhcpservice.exe |
"{FA30F165-069F-4606-9091-95780B137A54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{081E22EE-C9A2-4E29-9CD5-777FA023C0BB}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{087B78FE-099E-48DA-850A-341210806DB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0FA5B52F-7CC2-49B8-ABD1-3A0193C3A88B}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{10A9E9DE-1A65-4798-8CDD-A17110D0EBB4}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1C4FB62A-A4DD-4BC9-BCF0-FDAD10730ABF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E5048AC-7F73-4F75-B410-280AAB7AA772}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{375D9D96-3DA3-48A6-908D-45A503759279}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{42419279-EC2D-4834-87A0-39AEDCA98403}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{42B68F88-A3E0-48D2-B5D6-32CBE4072768}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{432AF867-F7AE-4A33-A1DA-54FBAB165763}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{47B40895-D6E2-4B6D-AED4-AADDFE41D361}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A629AE4-9204-4B64-9ECC-2A3924E6BD57}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4ABD3F6D-7CAB-4260-A70D-76919FF272CD}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{4C6F4F3F-7231-4560-9AC7-1B64A8CF2408}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54DE0F7E-69A6-4064-9BAD-435098922CA7}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{632374F1-A1DD-4C1E-9019-527BF99D9EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{6329A47F-FF86-4CD2-9564-14A738A646A0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{664B0EDD-957E-4D3C-9D53-F5D088047F19}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6FCBE958-A8D1-401A-8B37-FE07A244DFA9}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{72B9502A-3A61-4ECE-98B9-5D6D577F4F4D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{79EC4777-C00B-475F-9FB8-73E73EAB2772}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{7C81242F-3629-4129-B74B-D80DEC1C7E6F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82184A70-7588-4072-BD01-A903E1DECA0C}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{824143F3-4C80-497C-A199-AD9BB8225A56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{91D48460-A7BE-4F18-BF25-971AD3AAFD7B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{952C26CC-28FA-4A27-AE62-9450DFED1086}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{9B4FE176-51B9-4EED-96B2-F32098C65EBC}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9E89F4A9-5F35-4DF1-B001-0CB0EA686FC9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FC02898-3CD4-4039-B07B-F72F9943CD22}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A1A7BF79-E2B9-450D-9550-FDE06DCEA594}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{A98F9905-915B-49CF-91F2-521E8F6938C5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AACC01EE-72B8-42A2-BBC5-8174B56568CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB2FEEDB-21DB-413B-B22D-CC9FDE448C12}" = protocol=6 | dir=out | app=system |
"{B2494E7E-B579-4FBD-A6B5-D68AAFCC1F7E}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B3B1D031-0381-478F-B45B-0B10FC28DE6A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B4B9BC09-584B-4AB3-B0F9-869BE1A0B334}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B87EBF86-64C8-4534-BCA6-99F389A4C553}" = dir=in | app=c:\users\*****\appdata\local\microsoft\skydrive\skydrive.exe |
"{B8E52C9D-0507-4C39-A1EB-6351096F69AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B94A5FE4-02ED-4E63-8C29-8357ACFC014B}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{BDCD8431-1FA5-478E-988C-1EE139D013AB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BF997A96-9D64-4EAA-8BC5-5260BE6528EE}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C66DB19B-C093-4A9F-97AC-ED0095215006}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{CE347BCE-4E11-4648-8F93-531822752A3F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2E8DE2E-E38F-4B7F-A26C-16888EFEF8DD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D720972A-8BDB-41B8-BE21-9C002F17EDDA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E1CDAAA0-4755-4D6F-BC66-D4E01665DD10}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E4F36A9B-2026-4335-B8A6-DD5BF03EF0E5}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{E76E9FB2-125C-4156-8F3A-58D2005B8248}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{EF05E650-3782-4D79-86BD-F82DF8BC7A39}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EF144CCA-25C5-43BD-8CF7-3DA33AADB82D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F7072189-96D4-4D65-84BC-104D9FEA1F19}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FAFF6F54-E5FB-4FA8-8040-89B9BE765D04}" = dir=in | app=c:\users\*****\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{FE08F53D-E84C-46E9-9900-E8E704339CC3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{FF622E8F-4852-48E5-AA6D-8E3535F83993}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0EB7792D-EFA2-42AB-9A22-F33D9458E974}" = Media Gallery
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater 2.0.0.578
"{34EB42BE-F4D3-44C1-B28E-9740115DB72C}" = VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}" = VAIO Care
"{488B67FC-072B-025B-AEF5-4AA50C378ABF}" = AMD Catalyst Install Manager
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{5212FB9D-C7A1-7BF4-9096-3DD48819F21D}" = McAfee Online Backup
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{844D051D-4A3A-95EF-032E-3D07FE3A1A2F}" = ccc-utility64
"{8527DB8B-02ED-81A8-817B-4CD2145E208F}" = AMD Media Foundation Decoders
"{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}" = VAIO - PlayMemories Home Plug-in
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.04.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.SingleImage_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.SingleImage_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.SingleImage_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.SingleImage_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.SingleImage_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{EFB013F9-42A2-854F-3906-08C385F54F71}" = AMD Fuel
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00476F3E-3C4D-4E02-B8BB-125350157EB9}" = Windows Live Mail
"{03426ED9-9D9C-4F71-B293-BBE6493367A2}" = Windows Live Mail
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{03E2EED4-368D-49EA-B1AC-8B615E37E16D}" = Windows Live Messenger
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{048C8498-C20B-4AF7-9978-7A79E567D74C}" = Photo Common
"{058EDEC8-1873-4B49-9A08-54ADE9CC129B}" = Movie Maker
"{06EED60F-7FFC-43A7-936E-AA4A8BD948B4}" = Windows Live Writer
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{087D261B-73AE-4B8A-8F18-2EE80DD2ED8B}" = Фотоальбом
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{0AD576A7-EDCE-469E-ADD7-1AC9DB200C6B}" = Windows Live Mail
"{0B783100-6F04-4E2F-B83D-0A9B4EEDE47A}" = Windows Live Writer Resources
"{0BC39E89-506A-4ADA-8924-27AEE2C97618}" = Windows Live Writer
"{0BFF2188-2D8E-4BE2-95D0-B3CCD4C6A0C9}" = Photo Common
"{0D0D2F6B-09C9-C584-F53B-E8956BB9B43E}" = CCC Help English
"{0DF95460-2887-4011-9344-1959CDF18ADC}" = Photo Common
"{0E1BB4B4-00FF-45B1-914B-AB8D8B9862B3}" = Windows Live UX Platform Language Pack
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F79CF48-8373-7105-6FE3-D2AE0B26ABE5}" = CCC Help Danish
"{1026DF85-1C0F-4839-888E-EB9D5B73CF46}" = Windows Live Writer
"{115356B4-8E81-43DB-BB2A-19E5ED95FBAF}" = Фотоколекція
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{17DC7856-35F5-A0E5-27B9-BC6C5BBF7FD4}" = CCC Help Swedish
"{180BAB78-7FFA-10DE-41C4-2F39C2386BEF}" = CCC Help Portuguese
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{182D3167-FE80-4DF6-96C2-84AC0ABA20D8}" = Windows Live Writer Resources
"{18EE664A-8121-4023-8E6E-BB2E9AEEC75E}" = Catalyst Control Center - Branding
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19AFD9A4-B584-41C8-91EA-38EB2FC1BD50}" = Windows Live Messenger
"{1A79A578-4277-48AF-98A6-F9E48CF1B6D8}" = Windows Live Writer
"{1C0343CA-C2C3-69DF-34E9-DC6FA7274BB6}" = CCC Help Korean
"{1D6F9A9A-DCF3-45A7-9B14-46DDA778313F}" = Windows Liven sähköposti
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F0C818D-4A41-4E40-BAFB-BB940C82A518}" = Fotogalerija
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{207E9B4C-48A9-47CE-BBC8-ACF0B2006351}" = Windows Live Mail
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{254F7574-53A7-43D1-BC4D-B1E894AEE175}" = Windows Live Writer
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{262E7632-72F9-4CBE-9461-937F24106EF2}" = Windows Live Essentials
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28B2947F-FC0B-4450-80E3-6DF698E824A6}" = Windows Liven peruspaketti
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}" = Movie Maker
"{2B068A64-F867-44E9-8827-A795647C8730}" = Фотографии (общедоступная версия)
"{2B919309-7052-45A4-B1C8-5B4894E8648B}" = Windows Live Writer
"{2DBAD634-0032-42E8-8A04-B4CFC5062EB0}" = Iminent
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F41EF61-A066-4EBF-84F8-21C1B317A780}" = VAIO - TrackID™ mit BRAVIA
"{306C7AEF-16C7-428D-93AA-99D4A4090243}" = Movie Maker
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31846283-C955-4CE1-9297-8670BD0C9A7E}" = Windows Live Messenger
"{31B97E28-3919-41BC-2017-2B880D98E610}" = CCC Help Turkish
"{32AA7594-09A9-437F-9541-5F760509B752}" = Фотогалерия
"{330BBA5F-4A63-4545-900F-8446F205BA52}" = Windows Live Writer Resources
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{34C5AD54-3CCD-4935-AB8D-8527058B96F7}" = Windows Live UX Platform Language Pack
"{35CB7C2D-B421-46FC-89CF-3B630628876F}" = Windows Live Writer Resources
"{36BEC461-B58A-414D-993E-E2BDD1F1A14B}" = Movie Maker
"{373EF285-A2DC-44EB-8D79-18918F33CB3A}" = Windows Live Messenger
"{37B0EFE4-12F3-473A-574D-4387BCB8441A}" = CCC Help Hungarian
"{37FDD121-C443-4FD3-A213-2449B397C068}" = Windows Live Messenger
"{38911305-6616-4D26-91DB-AD83B1F2DCF0}" = Windows Live Mail
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A9ECD64-DE00-4779-A89E-C878513B2B37}" = Windows Live Writer Resources
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D4F3F4C-E364-4E46-BFB1-A00BF9777422}" = Windows Live UX Platform Language Pack
"{3FD0036E-236A-4EDD-894D-4374BEE64464}" = Windows Live UX Platform Language Pack
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4279C954-A249-E92D-E9A8-C66A60DCAFC9}" = AMD VISION Engine Control Center
"{42B6C7E0-0DAE-488D-8DAF-838898102F19}" = Windows Live Writer
"{42E09928-C7CD-CAD9-C11F-097258056A61}" = CCC Help Russian
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{45390337-A49F-05D0-F6E6-BD49112E3A57}" = CCC Help Japanese
"{46A648D2-C097-41A3-A517-E709F045B6CD}" = Movie Maker
"{49F068F2-4323-417B-AFC8-1E43F479D46C}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA2A466-8031-403A-8236-5301B4E391FB}" = Windows Live UX Platform Language Pack
"{4AF53C99-315D-4536-873F-029D2D274AE2}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E55905B-849D-4633-9267-3EC77E24221A}" = Poczta usługi Windows Live
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5078CEC3-A56F-4080-8CD4-ED7BCBE5686B}" = Photo Common
"{50849B2C-097E-47A5-A076-6F11A939E093}" = Windows Live Mail
"{51449A7F-4820-4757-9236-87A3BE7B6F27}" = Windows Live Writer
"{5156C9BF-1C27-430B-96D8-7129F11699A8}" = VAIO Data Restore Tool
"{51EF51B6-0D9F-4977-8F9D-A1E15017D2B7}" = Windows Live Mail
"{537B16E0-A39F-47CB-9C1E-50978862B108}" = Windows Live UX Platform Language Pack
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55268806-FC27-4CA2-9CCA-1269FD4831FE}" = Windows Live Writer
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{56A4C6B1-31CF-CB4A-C406-22597868766A}" = Catalyst Control Center Profiles Mobile
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5917D694-AFC3-46BF-8CAB-0DABAF9D6FCB}" = Windows Live UX Platform Language Pack
"{5A30E103-9FA6-4A23-A107-E1F5F174BB62}" = Windows Live Temel Parçalar
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5FE3BC4E-2BD5-4D6B-8BC4-640A42626AAD}" = Почта Windows Live
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{6209125A-46C5-4099-96DC-72FD55B07C1C}" = Windows Live Writer Resources
"{62BBCDDC-4979-4E59-9D97-5B8E874C3191}" = Movie Maker
"{62CC9AF4-EDD9-43C8-9856-FFD60362CFA9}" = Windows Live Messenger
"{62F3CFC0-392F-4A47-24F2-52C41E4137E1}" = CCC Help Thai
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{66DB6D91-BF91-480B-933D-7CB8B1E64D74}" = Windows Live Messenger
"{6820112E-8AE8-7BA7-5398-F40DCF979A9A}" = Catalyst Control Center Graphics Previews Common
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6B8F13E2-F02B-445C-9A31-3C0E5D547CBA}" = Photo Common
"{6DA675F3-B549-4BDE-90FA-BEF8C3B87F00}" = Windows Live Mail
"{6E51F114-8713-8685-7AED-7CC5D05AD8BF}" = Catalyst Control Center Localization All
"{6F8F1F8A-CE10-0A04-7C5B-887FF4DEE2D6}" = CCC Help Italian
"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86
"{701FE1BC-834A-4857-AF62-6EBA50CFBC78}" = Movie Maker
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70BF63A5-DE6A-417C-AB93-5E31D0DA994E}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715F9B21-2817-402A-9BF0-BDA764D21F09}" = Windows Live Essentials
"{7211F448-F865-4D37-B905-24D84E6C3E5E}" = Windows Live Writer Resources
"{73669388-1011-4B57-A90F-8B0415093AB2}" = Windows Live Writer
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{743FD554-A73F-4FE8-BE7B-C283D16297F9}" = Photo Common
"{751EB657-3F22-4150-8CE4-D79A262F1D92}" = Movie Maker
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{7607440C-FDCA-4210-9CD9-13D8F0DDAD0C}" = Windows Live Writer Resources
"{773879F5-3A4B-A238-F017-0AB4C423883C}" = CCC Help Chinese Traditional
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{794D971F-7EC1-4F71-A51C-773074CAB8DA}" = Windows Live Writer
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7A83618D-879A-4258-8B5E-5AD8B5F3EDD0}" = Windows Live Writer
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E41F42B-7ED8-4E15-A492-B93B287C027F}" = Windows Live Writer Resources
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7E63F102-A9E9-4F4C-8004-BC62974736BF}" = Movie Maker
"{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}" = Windows Live UX Platform Language Pack
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{8063EB67-E777-4A56-9C1E-FAD75C2F5EC2}" = Photo Common
"{81450F79-0C75-8261-73B6-182C027EEA0F}" = CCC Help Chinese Standard
"{8146445E-B14D-4CBA-AB9A-728CF166DAC9}" = Windows Live Messenger
"{8176B9CA-F037-49C0-BD77-661B1DDCA6F3}" = Movie Maker
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{83C9377F-5ED1-4AD8-B113-7C876AEAF3AB}" = Windows Live Messenger
"{854A24E3-A0EF-472A-B1D6-A2E9D43D5D8B}" = Windows Live Writer Resources
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}" = Windows Live Essentials
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{87425773-10F4-4858-8CBF-465093FA43DE}" = Windows Live Mail
"{88809C3E-8C92-4454-AEB7-B26166E3D6CD}" = Windows Live UX Platform Language Pack
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AAEB5A5-A397-46B6-8AF3-B6DC790C4E48}" = Windows Live Messenger
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E241C05-52BF-4862-AD1F-AAE465C0075B}" = Windows Live Mail
"{8E31695A-4694-4DC4-8BEF-F8F22520D38D}" = Windows Live Writer
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{902C4E0E-89CE-43B9-BCC0-F3A91E987F99}" = Windows Live Writer
"{9038E0C6-9CB9-4380-8FA3-B6B30FA304CF}" = Основи Windows Live
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95246ACC-67B4-2091-B410-F9D70A60FEDC}" = CCC Help Spanish
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{96361BC7-B7C8-4594-AD89-813C371F4246}" = Windows Live Writer Resources
"{968B8056-7631-4204-9BFB-CF7E0965C31F}" = Windows Live Messenger
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{989889A7-D13D-4DA4-B059-B250784DFABC}" = Photo Common
"{9939B8FF-7D2D-4258-B5B9-B6BA8DD59905}" = Windows Live Mail
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B4D3AFE-8679-4704-AA4C-BAB0E41870EF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C60D080-84E7-43A5-8ECA-28253D253BD7}" = Windows Live Essentials
"{9D3B7B6C-1493-441C-99B6-26A419354812}" = Windows Live Writer
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{9F470E17-4FC3-4091-A508-D5347A16A2B9}" = Fotogalleriet
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A0E4C4A6-1CC7-4442-8CAE-2D825B7BC1C1}" = Windows Live Writer Resources
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A17D2142-6D09-4C3D-AD24-FDF9EF3198C3}" = Windows Live Writer Resources
"{A19A8C25-272A-4CD6-8BA8-3772321A021B}" = Συλλογή φωτογραφιών
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A37F2060-813A-4325-9456-272B10EE75EF}" = Windows Live Essentials
"{A3D995FA-C9A0-4E7D-B430-3F7A6731B4D5}" = Windows Live UX Platform Language Pack
"{A412D7BD-FD86-461D-B385-CD8062F34131}" = Windows Live Messenger
"{A47EA9D4-BB87-415E-9239-28860434E5A0}" = Movie Maker
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A58FCEF4-3191-466C-8949-0FFFFFB7631D}" = Windows Live Writer Resources
"{A6852FB1-4C7C-B0E9-88FF-DA81107F58FC}" = CCC Help German
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{ABAF6F07-0D84-4700-948E-EC5042B9D978}" = Windows Live Mail
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ADE1F206-1365-4B14-9A24-4B1A7DD58BAC}" = Windows Live UX Platform Language Pack
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}" = Movie Maker
"{B096A0E4-26A1-4E9F-8548-577964B9434B}" = Windows Live Essentials
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B2692812-A0D0-E08E-43FF-85199964A9CD}" = CCC Help Polish
"{B306F739-A414-4698-BFAD-0AB23F73D14F}" = Windows Live Messenger
"{B625668D-34AA-462D-AA32-44BFA70F08E7}" = Windows Live Messenger
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B67B2671-2981-466B-BA14-25538AA871DC}" = Windows Live Messenger
"{B693A4C3-B708-4F25-978E-56CA2517914C}" = Windows Live UX Platform Language Pack
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B77D2795-23C0-4DBD-B7B5-CFB542D1FA3F}" = Windows Live Writer Resources
"{B7F31B9C-8775-4500-8E9D-6ABE9AE17CF4}" = Windows Live Essentials
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BA068968-594F-40BE-8EE8-99119123C991}" = Windows Live UX Platform Language Pack
"{BAD4B8FA-4BDA-4A59-BE64-9741031680C7}" = Movie Maker
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BFA6D5AD-25EA-475F-AD80-ECD408C674AB}" = Movie Maker
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C29DB401-182D-2F6F-DF7C-322D7DAC0E3A}" = Catalyst Control Center InstallProxy
"{C2F1EBBF-9AC4-4E0B-A7F4-74C9C7AD4813}" = Galerie foto
"{C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}" = Valokuvavalikoima
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C529D3F4-A492-DA2B-831F-7002E0FDE232}" = CCC Help Greek
"{C595F480-788A-4F8F-8277-1A91F32CA879}" = Windows Live Writer
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C7929038-EDFB-416D-A2C9-CC65416DA0DF}" = Photo Common
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C849BEF2-0216-45E5-841B-F0F2F4FDE319}" = MatchWare MindView 5.0
"{C8544A9A-76BE-4F82-811E-979799AE493B}" = VAIO Gesture Control
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{C9D08433-5FDD-43C6-8482-7AFA7D891D98}" = Windows Live UX Platform Language Pack
"{CA5C4498-C7E7-4808-AB41-A2B534A476AF}" = Windows Live Messenger
"{CAEDA0C9-8B41-4D69-B4D6-5AC66AAF44FB}" = Photo Common
"{CD239A50-AD95-4A72-9D5F-D4FBD4B89417}" = Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CE44687E-BC21-4B69-B0AE-6BDFD6B5C327}" = Windows Live Messenger
"{CE542E0D-E056-4426-9F98-084C13E18641}" = Windows Live UX Platform Language Pack
"{CEC7CAE9-3C4B-D87D-4C38-513942FB6FBB}" = CCC Help French
"{D04EBB49-C985-4A38-8695-62000861293A}" = Raccolta foto
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D16E0F0C-5D10-45CF-A585-CE3689B5A913}" = Windows Live Writer
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1952E4A-9F67-4693-A06D-DA8E0FB2B00D}" = Windows Live Essentials
"{D1F5A388-09C9-4998-A793-B15DCDEB3B42}" = Photo Common
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D4EA8070-20E0-4BAF-BC44-D166C292FEBE}" = Windows Live Writer Resources
"{D56DA747-5FDB-4AD5-9A6A-3481C0ED44BD}" = Remote Play with PlayStation(R)3
"{D824AFCC-3408-4FB2-A6C9-28C660700DD4}" = Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DAD85607-2C8E-43D5-B068-4B218F1A7DB8}" = Windows Live Mail
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DB7B6508-2AAB-4F26-99D4-74559A2F5E42}" = Fotoğraf Galerisi
"{DDD089CF-A19F-A089-974F-2B98B31D3177}" = CCC Help Dutch
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{DFB0E1FE-B5DE-42D7-97A9-2A69FB530A73}" = Windows Live Messenger
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0E0FB88-D570-463E-A98E-733B7B656867}" = Photo Gallery
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E2087952-5015-4B4C-3C8C-BD68B12BDD45}" = CCC Help Finnish
"{E22E95E7-0A26-4AEC-A907-390C568C5BC1}" = Windows Live Messenger
"{E354D495-5DA4-4CCF-AB39-080F6A4141BE}" = Fotogalleri
"{E50E3DBC-46AA-4827-B2A6-F995D81DF526}" = Fotótár
"{E570053D-8ABC-4938-9E23-C634E08E7490}" = Windows Live Mail
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E682702C-609C-4017-99E7-3129C163955F}" = VAIO - Remote-Tastatur mit PlayStation®3
"{E6A3F960-E593-4DDE-B9F2-66885D973A26}" = Pošta Windows Live
"{E727B31A-8B24-4C1C-934A-69634E0D2C0B}" = Qualcomm Atheros WiFi Driver Installation
"{E800ADC4-F459-42F5-89A2-E754634B010A}" = Windows Live Writer Resources
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{EC33D375-5164-4374-9061-43F5C6073219}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B91012-E6BC-A6A4-A258-103E33371CFC}" = CCC Help Czech
"{F1CA7DAE-F998-499C-8CA5-FC58CA2416EC}" = Windows Live Essentials
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F29C9CFE-350A-42AC-A7C8-04154D5FE8A9}" = Windows Live Writer
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{F54A07A9-9716-4094-9E79-F5E929679FFF}" = Windows Live Writer Resources
"{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}" = Galeria de Fotografias
"{F67CA22C-C11F-4573-8406-57F75BA06B51}" = Photo Gallery
"{F7304CCF-B4A0-49C7-88A8-CD3F28FFBF9A}" = Основные компоненты Windows Live
"{FA75723A-BF4A-40A2-BFCB-BBC320C27DC9}" = Windows Live Mail
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FC934905-F82C-EB6B-5940-709482D4910F}" = CCC Help Norwegian
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEFD91C5-A25D-48D9-89DA-0FB7BB8B3EF7}" = Windows Live Writer Resources
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"1ClickDownload" = HDVidCodec
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"funmoods" = Funmoods
"Google Chrome" = Google Chrome
"IMBoosterARP" = Iminent
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"PhotoScape" = PhotoScape
"VAIO Help and Support" =
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WNLT" = IB Updater Service
"WTA-00887a70-8a02-4e1e-b1f6-fd9c96a7446e" = Polar Bowler
"WTA-2a08eb6e-0c43-48f0-b93c-e1ef9fdc9153" = Virtual Villagers 4 - The Tree of Life
"WTA-33fec805-acff-402d-8917-df4e24c503ea" = Jewel Quest Solitaire 2
"WTA-3f1eac48-c555-4cda-bbed-cd43b3ad01e3" = Plants vs. Zombies - Game of the Year
"WTA-4fb5ce8c-1935-4e74-a7e5-de04764be720" = Mahjongg Artifacts
"WTA-58c4f38c-90e2-47f2-b5e6-4a0a657eb29b" = Mystery P.I. - The London Caper
"WTA-bbe53324-52be-47b9-9baa-037e23a988d6" = Mystery of Mortlake Mansion
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3754061674-2540918322-2663123439-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BB108A893815B64BF41C4574C3324FB7371AA244" = Atheros Outlook Addin 2010
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.05.2013 15:27:31 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000008 Fehleroffset: 0x000828c5 ID des fehlerhaften
Prozesses: 0x15f8 Startzeit der fehlerhaften Anwendung: 0x01ce5a3733dc5a8f Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\explorer.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 4ea4f658-c63a-11e2-ae6a-844bf5cf2c00
Error - 27.05.2013 08:27:39 | Computer Name = ***** | Source = WinMgmt | ID = 10
Description =
Error - 27.05.2013 08:28:57 | Computer Name = ***** | Source = VSS | ID = 8194
Description =
Error - 27.05.2013 13:31:17 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0x4c8 Startzeit der fehlerhaften Anwendung: 0x01ce5ad57cb07006 Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 3c2b72ae-c6f3-11e2-ad35-844bf5cf2c00
Error - 28.05.2013 04:49:36 | Computer Name = ***** | Source = WinMgmt | ID = 10
Description =
Error - 28.05.2013 04:50:16 | Computer Name = ***** | Source = VSS | ID = 8194
Description =
Error - 28.05.2013 06:19:33 | Computer Name = ***** | Source = WinMgmt | ID = 10
Description =
Error - 28.05.2013 06:20:16 | Computer Name = ***** | Source = VSS | ID = 8194
Description =
Error - 28.05.2013 06:28:36 | Computer Name = ***** | Source = .NET Runtime | ID = 1026
Description =
Error - 28.05.2013 06:28:38 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Iminent.exe, Version: 5.52.31.0,
Zeitstempel: 0x50d190c1 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
Zeitstempel: 0x50b83c8a Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000c41f ID des fehlerhaften
Prozesses: 0x1268 Startzeit der fehlerhaften Anwendung: 0x01ce5b8cab06c42a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Iminent\Iminent.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 5b4836c8-c781-11e2-ac60-844bf5cf2c00
[ System Events ]
Error - 23.03.2013 05:49:31 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 05:52:31 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 05:55:32 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 05:58:32 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 06:01:32 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 06:04:33 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 06:07:33 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 06:10:33 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
Error - 23.03.2013 06:40:26 | Computer Name = ***** | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error - 23.03.2013 06:43:36 | Computer Name = ***** | Source = bowser | ID = 8003
Description =
< End of report >
gmer kann ich irgendwie nicht hochladen, da es zuviele Zeichen enthält:/ Was könnte ich denn da machen? Geändert von aharonov (19.06.2013 um 12:41 Uhr) |
|
19.06.2013, 01:19
| #4 | |
| /// TB-Ausbilder | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängertZitat:
__________________ cheers, Leo |
|
19.06.2013, 08:27
| #5 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Ok, ich glaube jetzt hat es funktioniert. |
|
19.06.2013, 12:42
| #6 |
| /// TB-Ausbilder | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Hallo rambo123 und  Mein Name ist Leo und ich werde dich durch die Bereinigung deines Rechners begleiten. Eins vorneweg: Ich kann dir keine Garantien geben, dass ich alles finden werde. Bei schwerwiegenden Infektionen ist ein Formatieren und Neuinstallieren meist der schnellere und immer der sicherere Weg. Wenn du dich für eine Bereinigung entscheidest, dann sollten wir gründlich vorgehen. Bleib also dran, bis ich dir eindeutig mitteile, dass wir fertig sind. Auch wenn die auffälligen Symptome schon früh verschwinden, bedeutet das nicht, dass dein Rechner dann schon sauber und sicher ist.  Hinweise zum Ablauf
Los geht's: Dieser Rechner ist in der Tat infiziert... Schritt 1 Scan mit Combofix
Bitte poste in deiner nächsten Antwort:
__________________ --> Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert |
|
19.06.2013, 21:25
| #7 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Da steht : Versuche, einen neuen Systemwiederherstellungspunkt zu erstellen. |
|
19.06.2013, 22:14
| #8 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Es hat doch geklappt  Ich habe es irgendwie nicht geschafft meinen Namen wegzubekommen, aber dafür habe ich es als Zip Datei hochgeladen. |
|
19.06.2013, 22:38
| #9 |
| /// TB-Ausbilder | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Jede Menge Schrott ist da drauf..  Poste mir bitte auch noch das Logfile, welches du unter C:\QooBox\Add-Remove Programs.txt findest. Zusätzlich: Combofix-Skript
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
|
20.06.2013, 10:38
| #10 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert So bitte |
|
20.06.2013, 12:45
| #11 |
| /// TB-Ausbilder | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Hallo, jetzt muss mal all dieser Adware-Mist runter. Kein Wunder läuft das Ding so langsam... Schritt 1
Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Starte bitte die OTL.exe.
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
|
20.06.2013, 23:16
| #12 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Danke für deine Mühe So hier ist das nächste Log. |
|
20.06.2013, 23:50
| #13 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert und hier das nächste |
|
21.06.2013, 00:39
| #14 |
| /// TB-Ausbilder | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert Still a long way to go... Ich hab für das Fixskript in Schritt 1 wieder deinen Namen durch ***** ersetzt. Bitte vor Ausführung des Fixes an diesen Stellen wieder den Namen einsetzen. Schritt 1 Fixen mit OTL
Code:
ATTFilter :OTL
[2013.06.19 21:34:21 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\8B515B03
[1601.01.01 02:00:00 | 000,244,224 | ---- | C] () -- C:\Users\*****\AppData\Roaming\monat.exe
[2013.06.13 09:48:24 | 000,000,322 | ---- | M] () -- C:\Users\*****\AppData\Roaming\KB00262145.exe.BAT
[2013.06.19 21:54:20 | 000,006,505 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\zzchadsu.default\searchplugins\BrowserDefender.xml
[2013.06.19 21:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Speed Maximizer
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browserdefender.dll) - File not found
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [xybxmkjk] C:\Users\*****\Lhnhnhnhnh\idppbmkjk.exe (Jetico, Inc.)
O4 - HKU\S-1-5-21-3754061674-2540918322-2663123439-1002..\Run: [monat] C:\Users\*****\AppData\Roaming\monat.exe ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
:files
C:\PROGRAM FILES\IB UPDATER
C:\Users\*****\Lhnhnhnhnh
:commands
[emptytemp]
Schritt 2
Schritt 3 Lade SystemLook (von jpshortstuff) herunter und speichere das Tool auf dem Desktop.
Schritt 4 Starte bitte die OTL.exe.
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
|
22.06.2013, 01:03
| #15 |
| | Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert so bitte: |
|
| Themen zu Internet ist seit Wochen sehr langsam - Mcafee Virenscanner Abo wurde nicht verlängert |
| eingefangen, funktionier, funktioniert, gefangen, gen, hoffe, inter, interne, internet, langsam, laptop, mcafee, sache, sachen, scan, scanner, sehr langsam, troja, trojaner, virenscan, virenscanner, virus, virus trojaner internet langsam, weiterhelfen, woche, wochen, ziemlich |
Textbox. 
Linear-Darstellung
