Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: windows-security-screen! --> windows gesperrt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 05.02.2012, 01:15   #1
AJ.
 
windows-security-screen! --> windows gesperrt - Standard

windows-security-screen! --> windows gesperrt



Hallo!

Auch mich hat es erwischt und ich habe einen netten Screen mit einer angeblichen Windowssperre auf einem der Userkonten meines Notebooks.

hier die OTL.txt Datei:

Code:
ATTFilter
OTL logfile created on: 04.02.2012 22:05:55 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\AJ\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 71,19% Memory free
7,83 Gb Paging File | 7,01 Gb Available in Paging File | 89,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,70 Gb Total Space | 391,90 Gb Free Space | 87,34% Space Free | Partition Type: NTFS
 
Computer Name: TANJA-VAIO | User Name: AJ | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.04 21:59:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\AJ\Desktop\OTL.exe
PRC - [2012.02.02 09:41:45 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.09 15:46:02 | 000,156,512 | ---- | M] (BullGuard Ltd.) -- C:\Programme\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.02 09:41:45 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.12 08:03:32 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.07.19 18:02:06 | 000,482,648 | ---- | M] () -- C:\Programme\BullGuard Ltd\BullGuard\Files32\SQLite.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.10.29 22:48:24 | 000,054,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.10.27 20:53:32 | 001,245,800 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.08.26 11:19:50 | 000,260,768 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011.05.19 18:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011.04.27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011.04.27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.02.18 21:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011.01.20 11:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011.01.14 08:01:51 | 000,203,776 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.09 16:26:26 | 000,923,024 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.12.06 09:14:50 | 000,584,080 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010.10.25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012.02.04 19:20:43 | 000,496,992 | ---- | M] (BullGuard Ltd.) [Auto | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2012.02.04 19:20:43 | 000,246,112 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2012.01.12 10:14:26 | 000,566,624 | ---- | M] (BullGuard Ltd.) [Auto | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2012.01.12 10:14:26 | 000,196,448 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2012.01.09 15:46:06 | 000,343,392 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2011.12.15 13:13:56 | 000,341,344 | ---- | M] (BullGuard Ltd.) [Auto | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
SRV - [2011.12.15 13:13:54 | 000,265,568 | ---- | M] (BullGuard Ltd.) [Auto | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2011.12.15 13:13:54 | 000,069,984 | ---- | M] (BullGuard Ltd.) [Auto | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BsBackup.dll -- (BsBackup)
SRV - [2011.02.19 03:19:12 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011.01.05 07:11:44 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.01.05 07:10:33 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.12.23 16:24:52 | 000,095,632 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.11.27 00:55:44 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.11.05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.11.02 13:49:46 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.11.02 13:39:08 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.11.02 13:34:14 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.10.12 15:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.09.10 08:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.09.10 08:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.07.29 19:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.09.02 08:46:18 | 000,192,000 | ---- | M] (IVT Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Stopped] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.01.09 16:11:22 | 000,424,040 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2012.01.09 16:11:22 | 000,039,528 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (AFW)
DRV:64bit: - [2012.01.09 16:11:14 | 000,256,072 | ---- | M] (NovaShield, Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
DRV:64bit: - [2012.01.09 16:11:14 | 000,025,160 | ---- | M] (NovaShield, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NSNetmon.sys -- (NovaShieldTDIDriver)
DRV:64bit: - [2012.01.09 16:11:04 | 000,290,376 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2012.01.09 16:10:54 | 000,066,272 | ---- | M] (BullGuard Ltd.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\BdSpy.sys -- (BdSpy)
DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.04.27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.30 02:19:52 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.14 08:04:13 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.01.14 08:04:13 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.14 08:02:02 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.14 08:02:02 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.01.14 07:59:48 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011.01.05 07:10:11 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.12.21 21:09:15 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.12.10 10:57:42 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.06 21:38:55 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.09 03:16:36 | 008,500,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010.11.03 23:35:22 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.11.03 23:35:21 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.11.03 23:35:21 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.11.03 23:35:21 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.11.03 23:34:50 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.11.01 21:09:19 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.01 21:09:19 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.09.14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.08.28 15:05:00 | 000,043,912 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VCommMgr.sys -- (VcommMgr)
DRV:64bit: - [2009.08.28 15:04:44 | 000,047,880 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb)
DRV:64bit: - [2009.08.26 10:18:20 | 000,034,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2009.08.26 10:16:52 | 000,030,344 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2009.08.26 10:16:44 | 000,024,840 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2009.08.26 10:16:20 | 000,017,032 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VComm.sys -- (VComm)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.17 13:02:44 | 000,020,488 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetdrv.sys -- (BT)
DRV:64bit: - [2009.06.17 13:02:20 | 000,036,872 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.04.29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=OIE9MSE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE9SE_DEDE/110
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=OIE9MSE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.05 09:10:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.17 11:26:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\ [2012.02.04 19:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.02 09:41:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.17 11:26:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\gv50iz8g.default\extensions\mail@gutscheinrausch.de [2012.01.24 17:49:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\AJ\AppData\Roaming\Mozilla\Firefox\Profiles\gv50iz8g.default\extensions\firejump@firejump.net [2012.01.24 17:49:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\files32\backup\thunderbirdbkplugin [2012.02.04 19:17:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2012.02.04 19:17:11 | 000,000,000 | ---D | M]
 
[2012.01.21 11:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AJ\AppData\Roaming\mozilla\Extensions
[2012.01.24 17:49:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AJ\AppData\Roaming\mozilla\Firefox\Profiles\gv50iz8g.default\extensions
[2012.01.24 17:49:44 | 000,000,000 | ---D | M] (FireJump) -- C:\Users\AJ\AppData\Roaming\mozilla\Firefox\Profiles\gv50iz8g.default\extensions\firejump@firejump.net
[2012.01.24 17:49:46 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\AJ\AppData\Roaming\mozilla\Firefox\Profiles\gv50iz8g.default\extensions\mail@gutscheinrausch.de
[2011.08.23 15:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.02 09:41:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.18 00:51:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.18 00:51:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.18 00:51:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.18 00:51:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.18 00:51:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.18 00:51:12 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Boot Manager] C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe (Sony Corporation)
O4 - HKCU..\Run: [Firefox helper] C:\Users\AJ\AppData\Local\Mozilla\Firefox\firefox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000023 - C:\Windows\SysNative\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\SysWow64\BGLsp.dll (BullGuard Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{912C9998-1133-4413-84C9-DEA149EBE451}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\SysNative\BgGamingMonitor.dll (BullGuard Ltd.)
O20 - AppInit_DLLs: (BgGamingMonitor.dll) -C:\Windows\SysWow64\BgGamingMonitor.dll (BullGuard Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.04 21:59:53 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\AJ\Desktop\OTL.exe
[2012.02.04 21:38:27 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\BullGuard
[2012.02.04 19:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard
[2012.02.04 19:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\BullGuard
[2012.02.04 19:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BullGuard Ltd
[2012.02.04 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\BullGuard Ltd
[2012.02.04 14:05:57 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\Windows Live
[2012.02.04 14:05:57 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\{AB6271BC-253B-444D-9175-40F580DD0ABA}
[2012.02.04 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\{2826E8FC-24D7-424E-97A5-4BDF4175E49A}
[2012.01.31 18:57:22 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\ArcSoft
[2012.01.31 18:57:18 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\ArcSoft
[2012.01.25 23:26:43 | 000,000,000 | ---D | C] -- C:\Users\AJ\Documents\ICQ
[2012.01.24 17:49:44 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll
[2012.01.24 17:49:42 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\DesktopIconForAmazon
[2012.01.24 00:51:54 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.24 00:51:54 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.24 00:51:53 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.24 00:51:53 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.24 00:51:53 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.24 00:51:53 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.22 13:18:03 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\SoftGrid Client
[2012.01.22 13:18:03 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\SoftGrid Client
[2012.01.22 12:54:46 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\gtk-2.0
[2012.01.22 12:04:21 | 000,000,000 | ---D | C] -- C:\Users\AJ\.thumbnails
[2012.01.22 11:47:46 | 000,000,000 | ---D | C] -- C:\Users\AJ\Documents\gegl-0.0
[2012.01.22 11:47:46 | 000,000,000 | ---D | C] -- C:\Users\AJ\.gimp-2.6
[2012.01.22 11:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012.01.22 11:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012.01.22 11:46:09 | 019,735,256 | ---- | C] (                                                            ) -- C:\Users\AJ\Desktop\gimp-2.6.8-x64-setup.exe
[2012.01.22 11:39:28 | 020,367,424 | ---- | C] (The GIMP Team                                               ) -- C:\Users\AJ\Desktop\gimp-2.6.11-i686-setup-1.exe
[2012.01.21 11:07:08 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Mozilla
[2012.01.21 11:07:08 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\Mozilla
[2012.01.21 11:06:01 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Skype
[2012.01.21 11:01:20 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\ICQ
[2012.01.21 10:55:06 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\ATI
[2012.01.21 10:55:06 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\ATI
[2012.01.21 10:55:05 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Intel Corporation
[2012.01.21 10:54:38 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Adobe
[2012.01.21 10:54:18 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\bluesoleil
[2012.01.21 10:54:14 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\Adobe
[2012.01.21 10:53:52 | 000,000,000 | R--D | C] -- C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.01.21 10:53:52 | 000,000,000 | R--D | C] -- C:\Users\AJ\Searches
[2012.01.21 10:53:52 | 000,000,000 | R--D | C] -- C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.01.21 10:53:43 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Identities
[2012.01.21 10:53:39 | 000,000,000 | R--D | C] -- C:\Users\AJ\Contacts
[2012.01.21 10:53:37 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\VirtualStore
[2012.01.21 10:53:30 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Sony Corporation
[2012.01.21 10:52:59 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Intel
[2012.01.21 10:52:58 | 000,000,000 | --SD | C] -- C:\Users\AJ\AppData\Roaming\Microsoft
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Videos
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Saved Games
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Pictures
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Music
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Links
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Favorites
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Downloads
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Documents
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\Desktop
[2012.01.21 10:52:58 | 000,000,000 | R--D | C] -- C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Vorlagen
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\AppData\Local\Verlauf
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\AppData\Local\Temporary Internet Files
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Startmenü
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\SendTo
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Recent
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Netzwerkumgebung
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Lokale Einstellungen
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Documents\Eigene Videos
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Documents\Eigene Musik
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Eigene Dateien
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Documents\Eigene Bilder
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Druckumgebung
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Cookies
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\AppData\Local\Anwendungsdaten
[2012.01.21 10:52:58 | 000,000,000 | -HSD | C] -- C:\Users\AJ\Anwendungsdaten
[2012.01.21 10:52:58 | 000,000,000 | -H-D | C] -- C:\Users\AJ\AppData
[2012.01.21 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\Temp
[2012.01.21 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\Sony Corporation
[2012.01.21 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\AJ\Roaming
[2012.01.21 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Local\Microsoft
[2012.01.21 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Media Center Programs
[2012.01.21 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\AJ\AppData\Roaming\Macromedia
[2012.01.19 19:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.7
[2012.01.19 19:44:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.7
[2012.01.19 18:00:33 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2012.01.19 17:24:16 | 000,069,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offreg.dll
[2012.01.19 17:24:16 | 000,014,336 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolorgdf64.exe
[2012.01.19 17:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2012.01.17 11:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.01.17 11:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.01.17 11:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.01.17 11:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.01.17 11:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.01.11 01:02:16 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2012.01.11 00:59:37 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 00:59:37 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 00:59:37 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 00:59:37 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 00:59:35 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 00:59:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 00:59:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.09 16:11:22 | 000,424,040 | ---- | C] (Agnitum Ltd.) -- C:\Windows\SysNative\drivers\afwcore.sys
[2012.01.09 16:11:22 | 000,039,528 | ---- | C] (Agnitum Ltd.) -- C:\Windows\SysNative\drivers\afw.sys
[2012.01.09 16:11:14 | 000,256,072 | ---- | C] (NovaShield, Inc.) -- C:\Windows\SysNative\drivers\NSKernel.sys
[2012.01.09 16:11:14 | 000,025,160 | ---- | C] (NovaShield, Inc.) -- C:\Windows\SysNative\drivers\NSNetmon.sys
[2012.01.09 16:11:04 | 000,290,376 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\Trufos.sys
[2012.01.09 16:10:54 | 000,066,272 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\drivers\BdSpy.sys
[2012.01.09 15:45:58 | 000,111,064 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2012.01.09 15:45:58 | 000,100,216 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.04 21:59:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\AJ\Desktop\OTL.exe
[2012.02.04 21:44:46 | 001,621,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.04 21:44:46 | 000,699,376 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.04 21:44:46 | 000,654,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.04 21:44:46 | 000,149,314 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.04 21:44:46 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.04 21:37:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.04 21:37:27 | 3155,054,592 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.04 20:46:13 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.04 19:41:29 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.04 19:41:29 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.04 19:24:19 | 000,005,780 | ---- | M] () -- C:\Windows\SysWow64\LOCALSERVICE.INI
[2012.02.04 19:23:51 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.04 19:23:12 | 000,001,433 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini
[2012.02.04 19:17:26 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\BullGuard.lnk
[2012.02.04 19:16:25 | 000,002,127 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.02.04 19:15:43 | 026,748,760 | ---- | M] () -- C:\Users\Public\Desktop\BullGuard Internet Security 12 Install.exe
[2012.02.04 18:22:37 | 000,004,538 | ---- | M] () -- C:\Users\AJ\.recently-used.xbel
[2012.02.04 17:27:02 | 000,272,092 | ---- | M] () -- C:\Users\AJ\Desktop\Foto-0022.jpg
[2012.02.04 15:39:45 | 001,065,258 | ---- | M] () -- C:\Users\AJ\Desktop\me4.02.12.JPG
[2012.02.04 15:35:30 | 000,036,436 | ---- | M] () -- C:\Users\AJ\Desktop\GLAZKRAK.TTF
[2012.02.04 15:34:53 | 000,014,900 | ---- | M] () -- C:\Users\AJ\Desktop\glazkrak.zip
[2012.02.04 15:10:59 | 000,889,605 | ---- | M] () -- C:\Users\AJ\Desktop\me4.02.12black.JPG
[2012.02.04 14:47:00 | 002,620,894 | ---- | M] () -- C:\Users\AJ\Desktop\DSC_0204.JPG
[2012.02.04 14:06:32 | 000,206,642 | ---- | M] () -- C:\Users\AJ\julie (600x800).jpg
[2012.02.04 13:58:41 | 000,044,921 | ---- | M] () -- C:\Users\AJ\Desktop\5296de47-52249470.jpg
[2012.02.04 13:57:56 | 000,047,574 | ---- | M] () -- C:\Users\AJ\Desktop\9ef683da-52598621.jpg
[2012.02.04 12:07:52 | 000,254,873 | ---- | M] () -- C:\Users\AJ\Desktop\julie.jpg
[2012.01.31 19:36:30 | 000,012,039 | ---- | M] () -- C:\Users\AJ\Desktop\DSC00162_mini.jpg
[2012.01.31 19:36:14 | 000,018,236 | ---- | M] () -- C:\Users\AJ\Desktop\DSC00161_mini.jpg
[2012.01.22 13:40:29 | 010,821,423 | ---- | M] () -- C:\Users\AJ\Desktop\Unbenannt.xcf
[2012.01.22 13:35:44 | 000,186,702 | ---- | M] () -- C:\Users\AJ\Desktop\papier4.jpg
[2012.01.22 13:12:49 | 000,165,124 | ---- | M] () -- C:\Users\AJ\Desktop\papier.jpg
[2012.01.22 11:46:21 | 019,735,256 | ---- | M] (                                                            ) -- C:\Users\AJ\Desktop\gimp-2.6.8-x64-setup.exe
[2012.01.22 11:39:38 | 020,367,424 | ---- | M] (The GIMP Team                                               ) -- C:\Users\AJ\Desktop\gimp-2.6.11-i686-setup-1.exe
[2012.01.21 11:06:32 | 000,001,150 | ---- | M] () -- C:\Users\AJ\Desktop\Mozilla Firefox.lnk
[2012.01.21 11:04:52 | 000,000,355 | ---- | M] () -- C:\Users\AJ\Desktop\Computer - Verknüpfung.lnk
[2012.01.21 10:56:06 | 000,001,842 | ---- | M] () -- C:\Users\AJ\Desktop\ICQ7.7.lnk
[2012.01.20 23:19:32 | 001,599,338 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.12 01:08:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.01.09 16:11:22 | 000,424,040 | ---- | M] (Agnitum Ltd.) -- C:\Windows\SysNative\drivers\afwcore.sys
[2012.01.09 16:11:22 | 000,039,528 | ---- | M] (Agnitum Ltd.) -- C:\Windows\SysNative\drivers\afw.sys
[2012.01.09 16:11:14 | 000,256,072 | ---- | M] (NovaShield, Inc.) -- C:\Windows\SysNative\drivers\NSKernel.sys
[2012.01.09 16:11:14 | 000,025,160 | ---- | M] (NovaShield, Inc.) -- C:\Windows\SysNative\drivers\NSNetmon.sys
[2012.01.09 16:11:04 | 000,290,376 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\Trufos.sys
[2012.01.09 16:10:54 | 000,066,272 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\drivers\BdSpy.sys
[2012.01.09 15:45:58 | 000,111,064 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2012.01.09 15:45:58 | 000,100,216 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.04 19:17:26 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\BullGuard.lnk
[2012.02.04 19:15:13 | 026,748,760 | ---- | C] () -- C:\Users\Public\Desktop\BullGuard Internet Security 12 Install.exe
[2012.02.04 18:22:37 | 000,004,538 | ---- | C] () -- C:\Users\AJ\.recently-used.xbel
[2012.02.04 18:19:47 | 000,751,254 | ---- | C] () -- C:\Users\AJ\Desktop\28082011866.JPG
[2012.02.04 18:19:34 | 000,577,407 | ---- | C] () -- C:\Users\AJ\Desktop\28082011863.JPG
[2012.02.04 18:17:59 | 000,272,092 | ---- | C] () -- C:\Users\AJ\Desktop\Foto-0022.jpg
[2012.02.04 15:39:44 | 001,065,258 | ---- | C] () -- C:\Users\AJ\Desktop\me4.02.12.JPG
[2012.02.04 15:34:53 | 000,014,900 | ---- | C] () -- C:\Users\AJ\Desktop\glazkrak.zip
[2012.02.04 15:10:58 | 000,889,605 | ---- | C] () -- C:\Users\AJ\Desktop\me4.02.12black.JPG
[2012.02.04 14:47:35 | 002,620,894 | ---- | C] () -- C:\Users\AJ\Desktop\DSC_0204.JPG
[2012.02.04 14:06:31 | 000,206,642 | ---- | C] () -- C:\Users\AJ\julie (600x800).jpg
[2012.02.04 13:58:09 | 000,044,921 | ---- | C] () -- C:\Users\AJ\Desktop\5296de47-52249470.jpg
[2012.02.04 13:57:55 | 000,047,574 | ---- | C] () -- C:\Users\AJ\Desktop\9ef683da-52598621.jpg
[2012.02.04 12:09:10 | 000,254,873 | ---- | C] () -- C:\Users\AJ\Desktop\julie.jpg
[2012.01.31 19:17:45 | 000,018,236 | ---- | C] () -- C:\Users\AJ\Desktop\DSC00161_mini.jpg
[2012.01.31 19:17:45 | 000,012,039 | ---- | C] () -- C:\Users\AJ\Desktop\DSC00162_mini.jpg
[2012.01.24 17:49:44 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.01.22 13:35:43 | 000,186,702 | ---- | C] () -- C:\Users\AJ\Desktop\papier4.jpg
[2012.01.22 12:54:46 | 000,165,124 | ---- | C] () -- C:\Users\AJ\Desktop\papier.jpg
[2012.01.22 12:04:15 | 010,821,423 | ---- | C] () -- C:\Users\AJ\Desktop\Unbenannt.xcf
[2012.01.21 11:06:32 | 000,001,150 | ---- | C] () -- C:\Users\AJ\Desktop\Mozilla Firefox.lnk
[2012.01.21 11:04:52 | 000,000,355 | ---- | C] () -- C:\Users\AJ\Desktop\Computer - Verknüpfung.lnk
[2012.01.21 10:56:06 | 000,001,842 | ---- | C] () -- C:\Users\AJ\Desktop\ICQ7.7.lnk
[2012.01.19 19:56:14 | 3155,054,592 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.19 18:00:33 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2011.08.28 15:04:06 | 000,000,635 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI
[2011.08.28 15:02:53 | 000,000,132 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI
[2011.08.27 22:00:00 | 000,005,780 | ---- | C] () -- C:\Windows\SysWow64\LOCALSERVICE.INI
[2011.08.27 21:59:57 | 000,000,102 | ---- | C] () -- C:\Windows\SysWow64\LOCALDEVICE.INI
[2011.08.27 21:56:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\BSPRINT.INI
[2011.08.27 16:33:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.08.25 10:30:37 | 001,599,338 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.19 03:12:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.19 03:06:10 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.01.14 09:20:50 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.01.14 09:20:50 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.01.14 09:20:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.01.14 09:20:50 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.09.07 14:42:42 | 000,001,433 | ---- | C] () -- C:\Windows\SysWow64\bscs.ini
[2009.09.02 08:39:46 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\BsMobileCSps.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >
         
und hier die Extras Datei:
Code:
ATTFilter
OTL Extras logfile created on: 04.02.2012 22:05:55 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\AJ\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 71,19% Memory free
7,83 Gb Paging File | 7,01 Gb Available in Paging File | 89,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,70 Gb Total Space | 391,90 Gb Free Space | 87,34% Space Free | Partition Type: NTFS
 
Computer Name: TANJA-VAIO | User Name: AJ | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{124C73A8-5C1B-EF26-867B-5B77F9BC4D07}" = ATI Catalyst Install Manager
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{279C32E4-2D81-4FDA-8C02-7206845D0D38}" = VAIO Care
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AF0BE024-8A51-E33A-D9A9-A4B8C8C71DD3}" = ccc-utility64
"{AF162E20-417F-4946-A06D-65734984957F}" = Intel(R) PROSet/Wireless WiFi-Software
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFFA71A3-B098-31B4-94F7-07EA2A717418}" = WMV9/VC-1 Video Playback
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBBAB883-0BEE-4744-8062-281B213ADC1E}" = Bluesoleil 5.4.277.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"BullGuard" = BullGuard
"DesktopIconAmazon" = Desktop Icon für Amazon
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09535813-6A3C-7954-96A6-6C3CB279D269}" = CCC Help German
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{118EFF90-3852-918E-1792-44912800232D}" = CCC Help Japanese
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{146FEF7F-4761-3239-2B5C-AB97D021E8BC}" = Catalyst Control Center Profiles Mobile
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}" = Remote Keyboard
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{280E31FF-90A9-2CE5-4877-4147A5844266}" = CCC Help Dutch
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = GutscheinRausch.de - AddOn für Firefox
"{2B7C3552-72EA-E925-7024-D18F32BCBD06}" = CCC Help Italian
"{2F2CE655-BB00-BE89-6932-75B915963284}" = Catalyst Control Center Graphics Previews Common
"{31ABC808-794B-4710-B3E4-85F77784882E}" = VAIO Hardware Diagnostics
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34BA7E8F-7E1D-1B0B-E5C2-A9A1296091D2}" = CCC Help Thai
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3705D53F-BB01-4BEE-8585-289E71CAC4B4}" = Компаньон Messenger
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3845BDF0-8A2C-BF4C-11F3-8882075B9E26}" = CCC Help Greek
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{464BA630-A5F5-5047-6DEB-01ED8F98BFB8}" = CCC Help Swedish
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53E913F1-9D04-B864-CF80-E0CAFCB3F38C}" = CCC Help Hungarian
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{670F35CC-ADFC-2260-B863-E18E588BC087}" = CCC Help French
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{712D5D1D-E668-C2A1-A508-81661F735B18}" = CCC Help Russian
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur 
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{753152B8-456A-6D6C-4050-1C740049DAF7}" = ccc-core-static
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89AC9DCA-EB77-9B54-C109-9EE497C70A38}" = Catalyst Control Center Localization All
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0361AD3-CA02-90FD-6617-B8CAE4827F2B}" = CCC Help Norwegian
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A720A7F6-389B-2E93-7BDA-69D0A12F33CB}" = CCC Help Polish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = 
"{A84F2351-A421-6A58-626F-5792820D40B7}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}_950" = Adobe Acrobat 9.5.0 - CPSID_83708
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.0 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B46CA1A1-680B-6161-5312-A4FF0AFD518D}" = CCC Help English
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B79242FF-8ACC-0525-85FD-6B99215198AE}" = CCC Help Portuguese
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{C0357E79-BAED-48F4-8AFE-A5E71AFC2658}" = 
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = 
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion
"{C7EE26A6-FBDC-4A9B-83FD-DD9B26D44DFE}" = VAIO - Media Gallery
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1B83E1A-0AF9-C416-F511-3AEDEC6EC6DD}" = Catalyst Control Center InstallProxy
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump 1.0.1.8
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA5B3193-C386-E20C-3865-AAE363D7B863}" = CCC Help Finnish
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E3D10A51-7F06-015F-F5A6-A5FCF64FF54C}" = CCC Help Korean
"{E48CCB7E-63AF-43CC-B5D1-5E1A829BBD98}" = Catalyst Control Center - Branding
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5F25637-12A3-2ECE-BA56-4FD64411C5E1}" = CCC Help Czech
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EC2276B3-81C6-8FBD-358D-619B255F5ABA}" = CCC Help Spanish
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EFBEE79D-E49D-9451-459E-F776AC857F99}" = PX Profile Update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F5678E75-7569-A976-96FA-FF03F5651A30}" = CCC Help Chinese Standard
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8B48758-410A-4B09-A734-C5DEA282C7C9}" = VAIO Data Restore Tool
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE9A6C6C-0A21-0439-6D7B-00B9BD06A74F}" = CCC Help Chinese Traditional
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DivX Setup" = DivX-Setup
"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PremElem90" = Adobe Premiere Elements 9
"splashtop" = Quick Web Access
"VAIO Help and Support" = 
"VAIO screensaver" = VAIO screensaver
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 04.01.2012 20:02:27 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 12.01.2012 09:10:54 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VAIOCare.exe, Version: 6.4.0.13180,
 Zeitstempel: 0x4d35b0a2  Name des fehlerhaften Moduls: VAIOCare.exe, Version: 6.4.0.13180,
 Zeitstempel: 0x4d35b0a2  Ausnahmecode: 0xc0000094  Fehleroffset: 0x0000000000009d79
ID
 des fehlerhaften Prozesses: 0x1564  Startzeit der fehlerhaften Anwendung: 0x01ccd12b9c9a5895
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VAIOCare.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Sony\VAIO Care\VAIOCare.exe  Berichtskennung:
 db38a9a9-3d1e-11e1-82ce-f0bf97123fd8
 
Error - 12.01.2012 09:23:36 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VAIOCare.exe, Version: 6.4.0.13180,
 Zeitstempel: 0x4d35b0a2  Name des fehlerhaften Moduls: VAIOCare.exe, Version: 6.4.0.13180,
 Zeitstempel: 0x4d35b0a2  Ausnahmecode: 0xc0000094  Fehleroffset: 0x0000000000009d79
ID
 des fehlerhaften Prozesses: 0x80c  Startzeit der fehlerhaften Anwendung: 0x01ccd12d6392d4a4
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VAIOCare.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Sony\VAIO Care\VAIOCare.exe  Berichtskennung:
 a1acded1-3d20-11e1-9d06-f0bf97123fd8
 
Error - 17.01.2012 03:49:19 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VAIOCare.exe, Version: 6.4.0.13180,
 Zeitstempel: 0x4d35b0a2  Name des fehlerhaften Moduls: VAIOCare.exe, Version: 6.4.0.13180,
 Zeitstempel: 0x4d35b0a2  Ausnahmecode: 0xc0000094  Fehleroffset: 0x0000000000009d79
ID
 des fehlerhaften Prozesses: 0x574  Startzeit der fehlerhaften Anwendung: 0x01ccd4ec81e5f468
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VAIOCare.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Sony\VAIO Care\VAIOCare.exe  Berichtskennung:
 c2981e81-40df-11e1-9921-f0bf97123fd8
 
Error - 19.01.2012 12:31:41 | Computer Name = Tanja-VAIO | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
 
Error - 19.01.2012 12:32:55 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VESMgrSub.exe, Version: 5.4.0.11290,
 Zeitstempel: 0x4cf31bb2  Name des fehlerhaften Moduls: atiadlxy.dll, Version: 6.14.10.1054,
 Zeitstempel: 0x4d25f568  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000270c1  ID des fehlerhaften
 Prozesses: 0xbb4  Startzeit der fehlerhaften Anwendung: 0x01ccd6c719befec6  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\atiadlxy.dll  Berichtskennung: 3d1df2b7-42bb-11e1-a053-f0bf97123fd8
 
Error - 19.01.2012 12:42:39 | Computer Name = Tanja-VAIO | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
 
Error - 19.01.2012 12:51:01 | Computer Name = Tanja-VAIO | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "ElbServer" konnte nicht heruntergefahren
 werden.
 
Error - 19.01.2012 12:56:44 | Computer Name = Tanja-VAIO | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 19.01.2012 12:56:48 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VAIOShell.exe, Version: 7.2.0.10270,
 Zeitstempel: 0x4eabda02  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xe0434352  Fehleroffset: 0x000000000000cacd
ID
 des fehlerhaften Prozesses: 0xb68  Startzeit der fehlerhaften Anwendung: 0x01ccd6cb3d764a66
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VAIOShell.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 931f1a4c-42be-11e1-b821-f0bf97123fd8
 
[ System Events ]
Error - 20.01.2012 05:32:54 | Computer Name = Tanja-VAIO | Source = ipnathlp | ID = 31004
Description = 
 
Error - 20.01.2012 14:20:39 | Computer Name = Tanja-VAIO | Source = ipnathlp | ID = 31004
Description = 
 
Error - 20.01.2012 15:17:22 | Computer Name = Tanja-VAIO | Source = BROWSER | ID = 8032
Description = 
 
Error - 20.01.2012 16:53:33 | Computer Name = Tanja-VAIO | Source = ipnathlp | ID = 31004
Description = 
 
Error - 20.01.2012 17:05:37 | Computer Name = Tanja-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.
 
Error - 20.01.2012 17:05:38 | Computer Name = Tanja-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.
 
Error - 20.01.2012 17:05:38 | Computer Name = Tanja-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.
 
Error - 20.01.2012 17:05:39 | Computer Name = Tanja-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.
 
Error - 20.01.2012 17:06:00 | Computer Name = Tanja-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR6 gefunden.
 
Error - 20.01.2012 17:06:02 | Computer Name = Tanja-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR6 gefunden.
 
 
< End of report >
         

Ich bitte im dem Sinne dringend um hilfe!

Dankeschön für die Bemühungen bereits im vorraus! =)

LG AJ

Alt 05.02.2012, 10:59   #2
AJ.
 
windows-security-screen! --> windows gesperrt - Standard

windows-security-screen! --> windows gesperrt



Ich habe mich hier mal etwas durchgelesen und habe festgestellt, dass ein Scandurchlauf mit Maleware bytes nicht verkehrt wäre

Dieses Programm hat auch prompt den Verursacher entdeckt.

Hier poste ich mal die zwei Logdateien, die nach dem Scan erstellt wurden.
Der Rechner funktioniert zwar wieder aber die Infizierten dateien hängen immer noch in der Quarantäne....wäre nett, wenn ihr elfen könntet =)
Angehängte Dateien
Dateityp: txt mbam-log-2012-02-05 (10-02-12).txt (2,9 KB, 156x aufgerufen)
__________________


Antwort

Themen zu windows-security-screen! --> windows gesperrt
64-bit, adobe, antivirus, autorun, avast, bho, browser, defender, dringend, error, failed, fehler, firefox, flash player, format, gesperrt, home, igdpmd64.sys, logfile, microsoft office starter 2010, microsoft security, mozilla, realtek, registry, richtlinie, rundll, scan, security, software, usb 3.0, webcheck



Ähnliche Themen: windows-security-screen! --> windows gesperrt


  1. Windows Security Center - PC gesperrt - 100 Euro bezahlen
    Plagegeister aller Art und deren Bekämpfung - 30.03.2012 (1)
  2. Windows Security Center - PC gesperrt - 100 Euro bezahlen
    Alles rund um Windows - 30.03.2012 (1)
  3. Windows Security Center - Pc gesperrt
    Plagegeister aller Art und deren Bekämpfung - 21.03.2012 (13)
  4. 'Windows Security Center' Trojaner - Windows-Benutzer gesperrt !
    Log-Analyse und Auswertung - 16.03.2012 (5)
  5. Windows Security Center - Pc gesperrt
    Plagegeister aller Art und deren Bekämpfung - 16.03.2012 (12)
  6. Windows security Ihr computer wurde gesperrt
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (19)
  7. windows security center windows gesperrt
    Log-Analyse und Auswertung - 04.03.2012 (1)
  8. Windows Security Center: Computer gesperrt
    Log-Analyse und Auswertung - 13.02.2012 (10)
  9. Windows Security Center: Computer gesperrt!
    Log-Analyse und Auswertung - 11.02.2012 (27)
  10. Achtung! Ihr Computer wurde gesperrt! Windows Security
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (11)
  11. Windows Security Center: Warnung - PC gesperrt!
    Log-Analyse und Auswertung - 08.02.2012 (10)
  12. windows 7, weißer Bildschirm, Meldung: windows security center, Achtung! Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 06.02.2012 (11)
  13. Windows Security Center - PC gesperrt - OTL Dateien
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (6)
  14. Windows Security Center - Windows gesperrt
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (2)
  15. windows security center 100 € strafe Computer gesperrt
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (2)
  16. Windows Security Center ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 04.02.2012 (1)
  17. Windows Security Center Pc gesperrt, Hilfe????
    Log-Analyse und Auswertung - 03.02.2012 (1)

Zum Thema windows-security-screen! --> windows gesperrt - Hallo! Auch mich hat es erwischt und ich habe einen netten Screen mit einer angeblichen Windowssperre auf einem der Userkonten meines Notebooks. hier die OTL.txt Datei: Code: Alles auswählen Aufklappen - windows-security-screen! --> windows gesperrt...
Archiv
Du betrachtest: windows-security-screen! --> windows gesperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.