Trojaner in System32

Laufzeit: 2 Stunde(n), 4 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 2
Infizierte Dateien: 213

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Program Files\System32 (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Windows\System32\01840.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\01988.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\01A91.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0203C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\02589.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\02E40.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\042F8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\04633.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06566.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\066AE.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\067F5.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06862.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06882.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\068B0.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0699A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06A36.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06AB3.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06B30.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06B4F.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06C58.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06CA6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06CB6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06D14.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06D90.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06E1D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06E1E.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06EA9.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06EF7.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06F26.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08046.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0895A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08DDD.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09710.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09F4B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AA54.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A053.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A10F.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A12E.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A17C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A247.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A248.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A266.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A267.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A2D3.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A3EC.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A449.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A469.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A46A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A4C6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A4D6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A562.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A591.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A65C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A6C9.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0A8CC.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AA33.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AA52.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AA53.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08E1B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08E4A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08EB7.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08ED6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08F43.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08F63.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08F91.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08FA1.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08FA2.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08FA3.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08FA4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08FEF.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0900E.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0904D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0907B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\090F8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09156.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09157.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\091A4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0924F.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\092EB.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\092FB.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09359.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09368.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09397.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\093D5.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0950D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0956B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\095B9.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\096B3.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AA90.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AC16.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AC74.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AE57.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AED4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AF8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0AFCE.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B0A8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B1E0.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B412.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B53A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B588.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B653.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B875.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0B9FB.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0BB62.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0C4C4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0C6A8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0D883.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0DF27.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0E35B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0FB8D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08047.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08111.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0816E.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0819D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\081BC.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\081CC.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0821A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\082C5.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\082F4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08352.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\083BF.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0840D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0848A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\084C8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08535.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08593.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0862F.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\086DB.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\087D4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08832.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\088AF.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09720.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0976E.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\097AC.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\097DB.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\097FA.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09877.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\098C5.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\098D5.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\098E4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09A2C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09A4B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09B06.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09BD1.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09BE1.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09BF4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09C1F.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09C9C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09DE3.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09E22.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09E31.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09E70.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09F0C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\09F4A.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06F45.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06F46.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\06FC2.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07196.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07197.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0729F.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\074D1.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0755D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07628.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07686.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07695.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\076E3.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0782B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07963.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07A3D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07A4D.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07A7C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07B18.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07B95.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07BA4.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07BF2.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07C50.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07CDC.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07DD6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07E05.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07EFE.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\07FC9.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\0895B.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08979.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\089B8.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\089F6.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\089F7.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08A83.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08AA2.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08AF0.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08B2E.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08B7C.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08BCA.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08BDA.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08C28.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08CA5.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08D02.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08D12.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08D21.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08D41.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Windows\System32\08DCD.tmp (Worm.Conficker) -> Quarantined and deleted successfully.
C:\Programme 1\3GP_Converter034\Setup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\0x0407.ini (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\0x0409.ini (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\0x040c.ini (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\1031.mst (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\1033.mst (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\1036.mst (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\build.id (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\Data132.CAB (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\Nuance PDF Professional 6.msi (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\setup.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\Setup.ini (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\System32\PDFProfessional\WindowsInstaller-KB893803-x86.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
         

Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2010-04-23 14:25:56
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 21 GB (27%) free of 79 GB
Total RAM: 2046 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:26:30, on 23.04.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Brownie\BrStsWnd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\humyo.de SmartDrive\HrfsClient.exe
C:\Windows\system\w98eject.exe
C:\VistaOSX09\RKLauncher.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\***\Desktop\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPT0UFZK\RSIT[1].exe
C:\Users\***\Desktop\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: IEHelperObject - {4DC16316-5372-4476-9CA5-88B2786B838F} - C:\Program Files\humyo.de SmartDrive\HrfsDownloader.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 8\MMReminderService.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
O4 - HKLM\..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe
O4 - HKLM\..\Run: [Nuance PDF Professional 6-reminder] "C:\Program Files\Nuance\PDF Professional 6\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Professional 6\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Dock.lnk = C:\VistaOSX09\RKLauncher.exe
O4 - Startup: Dropbox.lnk = ***\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: humyo SmartDrive.lnk = C:\Program Files\humyo.de SmartDrive\HrfsClient.exe
O4 - Global Startup: w98Eject.lnk = C:\Windows\system\w98eject.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Nuance PDF Converter 6.0 - res://C:\Program Files\Nuance\PDF Professional 6\cnvres_eng.dll /100
O8 - Extra context menu item: Open with PDF Professional 6 - res://C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O8 - Extra context menu item: Save Image To humyo.de - C:\Program Files\humyo.de SmartDrive\download.html
O8 - Extra context menu item: Save Target To humyo.de - C:\Program Files\humyo.de SmartDrive\download.html
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix: 
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EFE0A4B-A6D7-4F13-8331-3D69AC430BF1}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: humyo.com - humyo.com Ltd. - C:\Program Files\humyo.de SmartDrive\hrfscore.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
O23 - Service: SCM_Service - Unknown owner - C:\Windows\System32\WinService.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 17035 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{18908008-8A08-4050-9C1B-B271C41F12BB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-11-17 96984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2010-01-07 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DC16316-5372-4476-9CA5-88B2786B838F}]
IEHelperObject Class - C:\Program Files\humyo.de SmartDrive\HrfsDownloader.dll [2009-11-02 499608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll [2008-12-08 70944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9}]
ZeonIEEventHelper Class - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26 475136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
kikin Plugin - C:\Program Files\kikin\ie_kikin.dll [2010-02-10 750256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-11-17 565960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{E3286BF1-E654-42FF-B4A6-5E111731DF6B} - Nuance PDF - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26 475136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-01-12 118784]
"VAIOCameraUtility"=C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [2007-05-16 411768]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-01-22 321656]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-17 107112]
"IS CfgWiz"=C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe [2006-11-17 46728]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2006-11-17 22696]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-11 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-11 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-11 81920]
"BrStsWnd"=C:\Program Files\Brownie\BrstsWnd.exe [2007-07-31 815104]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"MMReminderService"=C:\Program Files\Mindjet\MindManager 8\MMReminderService.exe [2008-12-08 37656]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-07 198160]
"NBKeyScan"=C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2008-02-21 1647912]
"PDFHook"=C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe [2009-08-06 1368064]
"PDF6 Registry Controller"=C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe [2009-07-27 110880]
"Nuance PDF Professional 6-reminder"=C:\Program Files\Nuance\PDF Professional 6\Ereg\Ereg.exe [2008-11-03 54560]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
humyo SmartDrive.lnk - C:\Program Files\humyo.de SmartDrive\HrfsClient.exe
w98Eject.lnk - C:\Windows\system\w98eject.exe

C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dock.lnk - C:\VistaOSX09\RKLauncher.exe
Dropbox.lnk - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-02-13 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{000567f1-0144-11dd-9db0-0013a9c0d80e}]
shell\AutoRun\command - H:\Autorun.exe /run
shell\Shell00\command - H:\Autorun.exe /run
shell\Shell01\command - H:\Autorun.exe /action
shell\Shell02\command - H:\Autorun.exe /uninstall

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e3d688a-65d6-11dc-b688-0013a9c0d80e}]
shell\AutoRun\command - H:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{358bfab3-b648-11de-8950-9ee0322b6db0}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE  .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5702cc1e-3e9e-11df-903e-c627131a4392}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61c80495-9560-11dd-9417-000000000000}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{789c571a-7a0e-11de-b4e8-000000000000}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE  .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{97833ff4-3c82-11dc-b540-0013a9c0d80e}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af20932f-3f6e-11df-bb61-8c44a89c7a92}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9c6699f-d8f5-11de-a56f-cf33e1c98270}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ccc7acf7-f6b8-11dd-8f59-ce9a449fd699}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fa54e3ad-747d-11dd-aa8c-000000000000}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE  .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======File associations======

.scr - open - "%1" /S %*

======List of files/folders created in the last 3 months======

2010-04-23 14:25:56 ----D---- C:\rsit
2010-04-22 19:59:00 ----D---- C:\Users\***\AppData\Roaming\Malwarebytes
2010-04-22 19:58:49 ----D---- C:\ProgramData\Malwarebytes
2010-04-22 19:58:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-22 19:32:25 ----D---- C:\Program Files\CCleaner
2010-04-22 15:04:47 ----D---- C:\Program Files\Alwil Software
2010-04-22 15:04:07 ----D---- C:\ProgramData\Alwil Software
2010-04-18 19:26:21 ----D---- C:\ProgramData\Sun
2010-04-18 19:25:22 ----A---- C:\Windows\system32\javaws.exe
2010-04-18 19:25:22 ----A---- C:\Windows\system32\deployJava1.dll
2010-04-18 19:25:21 ----A---- C:\Windows\system32\javaw.exe
2010-04-18 19:25:21 ----A---- C:\Windows\system32\java.exe
2010-04-18 18:59:15 ----D---- C:\ProgramData\boost_interprocess
2010-04-14 21:21:19 ----D---- C:\Program Files\FRITZ!DSL
2010-04-14 21:21:19 ----D---- C:\Program Files\Common Files\AVM
2010-04-12 19:09:12 ----D---- C:\Users\***\AppData\Roaming\Nuance
2010-04-12 19:09:10 ----D---- C:\Users\***\AppData\Roaming\FLEXnet
2010-04-12 19:07:50 ----D---- C:\ProgramData\ScanSoft
2010-04-12 19:07:14 ----D---- C:\Users\***\AppData\Roaming\Zeon
2010-04-12 19:06:28 ----D---- C:\ProgramData\Nuance
2010-04-12 19:04:45 ----D---- C:\ProgramData\zeon
2010-04-12 19:04:37 ----D---- C:\Program Files\Common Files\ScanSoft Shared
2010-04-12 19:04:34 ----D---- C:\ProgramData\FLEXnet
2010-04-12 19:04:34 ----D---- C:\Program Files\Nuance
2010-04-12 19:00:34 ----D---- C:\Program Files\Tools
2010-04-12 19:00:01 ----D---- C:\Program Files\ReadMe
2010-04-12 19:00:01 ----D---- C:\Program Files\Prerequisite
2010-04-12 19:00:01 ----D---- C:\Program Files\Docs
2010-04-12 18:29:04 ----A---- C:\Windows\cadkasdeinst01.exe
2010-03-21 23:49:29 ----D---- C:\Users\***\AppData\Roaming\DivX
2010-03-17 12:23:42 ----D---- C:\Users\***\AppData\Roaming\Dropbox
2010-03-10 15:16:45 ----D---- C:\Users\***\AppData\Roaming\EndNote
2010-03-10 15:14:25 ----D---- C:\Program Files\Common Files\Risxtd
2010-03-10 15:14:13 ----D---- C:\Program Files\Common Files\ResearchSoft
2010-03-10 15:13:12 ----D---- C:\Program Files\EndNote X3
2010-03-10 15:12:32 ----D---- C:\ProgramData\Thomson.ResearchSoft.Installers
2010-03-10 15:11:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-03-10 15:11:03 ----D---- C:\Program Files\Endnote
2010-03-02 22:18:59 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-03-02 22:18:33 ----D---- C:\Program Files\DivX
2010-03-02 22:18:33 ----D---- C:\Program Files\Common Files\DivX Shared
2010-02-26 17:54:33 ----D---- C:\Windows\{665DADBF-390D-4C50-98A6-88C7B2690B3E}
2010-02-18 17:54:36 ----D---- C:\Users\***\AppData\Roaming\T-Online

======List of files/folders modified in the last 3 months======

2010-04-23 14:26:20 ----AD---- C:\ProgramData\TEMP
2010-04-23 14:22:22 ----D---- C:\Windows\Temp
2010-04-23 14:08:00 ----A---- C:\Windows\Brownie.ini
2010-04-23 14:06:54 ----D---- C:\Windows\system32\drivers
2010-04-23 14:05:00 ----D---- C:\Windows\Resources
2010-04-23 14:00:54 ----RD---- C:\Program Files
2010-04-23 14:00:53 ----D---- C:\Windows\System32
2010-04-23 10:40:30 ----D---- C:\Windows\inf
2010-04-23 10:40:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-23 09:45:51 ----D---- C:\Windows
2010-04-22 19:59:09 ----D---- C:\Windows\Prefetch
2010-04-22 19:58:49 ----HD---- C:\ProgramData
2010-04-22 19:51:45 ----D---- C:\Windows\Minidump
2010-04-22 19:51:45 ----D---- C:\Windows\Debug
2010-04-22 15:51:58 ----D---- C:\Program Files\Avast
2010-04-22 15:06:01 ----SHD---- C:\Windows\Installer
2010-04-22 15:05:59 ----D---- C:\Windows\winsxs
2010-04-22 15:04:42 ----SHD---- C:\System Volume Information
2010-04-22 14:41:25 ----D---- C:\Windows\system32\Tasks
2010-04-20 22:32:24 ----D---- C:\Users\***\AppData\Roaming\Canon
2010-04-19 18:30:50 ----A---- C:\Windows\BRWMARK.INI
2010-04-18 19:26:19 ----D---- C:\Program Files\Common Files\Java
2010-04-18 19:24:42 ----D---- C:\Program Files\Java
2010-04-18 18:58:31 ----D---- C:\Program Files\humyo.de SmartDrive
2010-04-18 18:51:10 ----A---- C:\Windows\ricdb.ini
2010-04-14 21:21:19 ----D---- C:\Program Files\Common Files
2010-04-14 21:21:13 ----D---- C:\Windows\system32\catroot2
2010-04-14 18:47:03 ----A---- C:\Windows\system32\aswBoot.exe
2010-04-12 18:51:25 ----D---- C:\Users\***\AppData\Roaming\kikin
2010-04-09 07:36:27 ----D---- C:\Program Files\Mozilla Firefox
2010-04-08 07:02:57 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-04-07 08:21:20 ----D---- C:\Users\***\AppData\Roaming\Skype
2010-04-07 08:00:04 ----D---- C:\Users\***\AppData\Roaming\skypePM
2010-04-07 06:52:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-07 06:51:24 ----D---- C:\Windows\system32\catroot
2010-04-01 04:42:58 ----D---- C:\Windows\system32\LogFiles
2010-03-31 14:18:56 ----A---- C:\Windows\system32\hrfsnp.dll
2010-03-23 00:01:42 ----D---- C:\Program Files\kikin
2010-03-12 01:09:24 ----SD---- C:\Users\***\AppData\Roaming\Microsoft
2010-03-09 14:37:25 ----D---- C:\ProgramData\maxdome
2010-02-23 01:36:04 ----D---- C:\Program Files\ICQ6.5
2010-02-21 18:05:21 ----A---- C:\Windows\PHLASH.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-04-14 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-04-14 46672]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2006-10-18 10216]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2006-11-17 387432]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070809.002\IDSvix86.sys [2007-06-07 212280]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-02-01 25400]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-04-14 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-01-10 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-10 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-01-12 140800]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 hrfsmrx;hrfsmrx; C:\Windows\System32\Drivers\hrfsmrx.sys [2010-03-31 144368]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-01-10 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-01-10 206848]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-06-21 2222080]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-11 7115072]
R3 R5U870FLx86;R5U870 UVC Lower Filter  ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-03-15 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter  ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-03-15 43904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2007-02-06 27520]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\Windows\system32\DRIVERS\SonyImgF.sys [2007-04-05 31104]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-05-14 109744]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-04-23 812544]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 WDMWANMP;NDIS WAN miniport; C:\Windows\system32\DRIVERS\wdmwanmp.sys [2003-01-13 26435]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-01-10 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-02-08 195584]
S3 BIPAC_u;ISDN USB CAPI; C:\Windows\system32\DRIVERS\BIPAC_u.sys [2003-04-19 732416]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070812.007\NAVENG.SYS [2007-07-23 81232]
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070812.007\NAVEX15.SYS [2007-07-23 865904]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG-Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\Windows\system32\DRIVERS\wg111v2.sys [2007-02-06 206336]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-12-12 407640]
S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-02-01 247608]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-02-01 276792]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-01-12 40576]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-17 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-17 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-17 107624]
R2 IGDCTRL;AVM IGD CTRL Service; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [2007-09-04 87344]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 PDFProFiltSrv;PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-07-27 134944]
R2 SCM_Service;SCM_Service; C:\Windows\System32\WinService.exe [2007-03-29 180224]
R2 SQLBrowser;SQL Server-Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-09-13 102400]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-11-17 46736]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-08-24 185640]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 118784]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [2007-02-13 182392]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2006-11-28 172032]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2006-11-28 135168]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-01-10 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 humyo.com;humyo.com; C:\Program Files\humyo.de SmartDrive\hrfscore.exe [2010-03-31 3141616]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2006-11-28 274432]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-11-17 49296]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ISPwdSvc;Symantec IS Kennwortprüfung; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-11-17 80552]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-02-21 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [2007-01-24 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [2007-01-24 75320]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-05-14 1174152]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-01-10 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2007-01-16 2523136]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-08 397312]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-16 1089536]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-01-08 491520]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-08 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-16 1089536]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]

-----------------EOF-----------------