| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "MyStart IncrediBar"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
27.06.2012, 12:20
| #1 |
| |  "MyStart IncrediBar" Hallo, wie schon oben angedeutet habe ich ein Problem... Auf meinem LapTop ist der MyStart IncrediBar aufgetaucht und ich habe bis jetzt noch keine Lösung gefunden, wie ich dieses Problem lösen soll. Habe die OTL runtergeladen und hier die Ergebnisse OTL logfile created on: 27.06.2012 12:54:26 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\petra\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 63,70% Memory free 7,99 Gb Paging File | 6,14 Gb Available in Paging File | 76,86% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,07 Gb Total Space | 390,56 Gb Free Space | 86,58% Space Free | Partition Type: NTFS Computer Name: PETRA-PC | User Name: petra | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.27 12:48:43 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\petra\Downloads\OTL.exe PRC - [2012.06.21 07:49:32 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe PRC - [2012.06.12 17:59:32 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.06.12 17:59:10 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe PRC - [2012.06.06 09:16:00 | 000,185,856 | ---- | M] () -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe PRC - [2012.05.03 11:31:31 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.04.30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe PRC - [2012.04.05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.09.06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe PRC - [2010.07.04 20:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2010.05.20 23:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010.05.20 23:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2010.02.09 20:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.12.15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe PRC - [2009.06.24 23:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe PRC - [2009.06.05 02:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.06.05 02:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe ========== Modules (No Company Name) ========== MOD - [2012.06.21 07:49:32 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll MOD - [2012.06.14 13:10:28 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll MOD - [2012.06.14 13:09:59 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll MOD - [2012.06.14 13:09:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.06.14 13:09:26 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012.06.14 13:09:09 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll MOD - [2012.06.12 17:59:32 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.06.12 17:59:10 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll MOD - [2012.05.13 11:09:14 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll MOD - [2012.05.13 11:09:08 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll MOD - [2012.05.12 18:03:09 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll MOD - [2012.05.12 18:01:53 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012.05.12 18:01:46 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.05.12 18:01:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.05.12 18:01:40 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.05.12 18:01:33 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.05.03 11:31:29 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 03:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010.08.10 00:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2010.05.04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2010.02.09 20:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe MOD - [2010.02.09 20:34:00 | 000,365,888 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll MOD - [2010.02.09 20:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll MOD - [2010.02.09 20:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2010.02.09 20:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll MOD - [2010.02.09 20:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll MOD - [2010.02.09 20:34:00 | 000,046,400 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll MOD - [2010.02.09 20:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll MOD - [2009.12.15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.02.25 20:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -- (STacSV) SRV:64bit: - [2009.07.17 03:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:64bit: - [2009.06.25 12:48:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.03.02 20:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters) SRV - [2012.06.21 08:40:20 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.12 17:59:10 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0) SRV - [2012.06.06 09:16:00 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012.05.03 11:31:32 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.04.30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2010.10.22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.25 20:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe -- (STacSV) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.07.28 17:10:48 | 000,088,888 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2009.06.06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009.06.05 02:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2009.03.02 20:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.04.19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.03.19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012.01.31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011.12.23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011.12.23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter) DRV:64bit: - [2011.12.23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2011.11.24 23:23:32 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:64bit: - [2011.11.24 23:23:28 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:64bit: - [2010.05.12 12:14:54 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2010.05.12 12:14:54 | 000,126,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV:64bit: - [2010.05.12 12:14:52 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV:64bit: - [2010.05.12 12:14:52 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2010.05.12 12:14:52 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV:64bit: - [2010.04.27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:64bit: - [2010.04.27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV:64bit: - [2010.04.27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV:64bit: - [2010.02.25 20:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009.07.17 03:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:64bit: - [2009.07.17 03:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.07.09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.06.25 13:26:10 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.06.25 13:24:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.06.15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.05.20 05:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.05.08 10:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2006.11.01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2012.04.10 21:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) DRV - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6C5A0DE2-7270-4DE8-BB24-9D7105C60892} IE:64bit: - HKLM\..\SearchScopes\{6C5A0DE2-7270-4DE8-BB24-9D7105C60892}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{9ECEAF35-78E2-4FF8-AFB9-7C9F1DD069B2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2843456 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/8 IE - HKCU\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - No CLSID value found IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=110004&babsrc=SP_ss&mntrId=7e95789700000000000078e4008e89c5 IE - HKCU\..\SearchScopes\{4443A312-6D48-4124-B58E-AE2E60D42909}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={1911187D-7802-4A71-9F0E-A5D96F282657}&mid=097c801aaa5447d08dcd75f39d326929-ecc26f00bf9ec8f3cd6384436219504c8d9617f0&lang=de&ds=AVG&pr=fr&d=2012-04-29 18:04:51&v=11.0.0.9&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb155/?search={searchTerms}&loc=IB_DS&a=6R8xbKxZ0m&i=26 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Bae77709c-4fa0-4a4f-815e-ffd0e1446e85%7D&mid=097c801aaa5447d08dcd75f39d326929-ecc26f00bf9ec8f3cd6384436219504c8d9617f0&ds=AVG&v=11.1.0.7&lang=de&pr=fr&d=2012-04-29%2018%3A04%3A51&sap=ku&q=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\petra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.06.26 19:10:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.15 16:26:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.06.12 12:40:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012.06.12 17:59:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.04.29 18:03:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.06.26 19:10:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.03 11:31:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.24 12:34:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.15 16:26:49 | 000,000,000 | ---D | M] [2011.04.13 09:16:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petra\AppData\Roaming\mozilla\Extensions [2012.06.26 19:10:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petra\AppData\Roaming\mozilla\Firefox\Profiles\hrpv5rd4.default\extensions [2011.08.01 14:33:09 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\petra\AppData\Roaming\mozilla\Firefox\Profiles\hrpv5rd4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.03.03 16:52:22 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\petra\AppData\Roaming\mozilla\Firefox\Profiles\hrpv5rd4.default\extensions\2020Player_IKEA@2020Technologies.com [2012.06.26 19:10:10 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\petra\AppData\Roaming\mozilla\Firefox\Profiles\hrpv5rd4.default\extensions\ffxtlbr@incredibar.com [2012.06.26 19:09:57 | 000,002,203 | ---- | M] () -- C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\hrpv5rd4.default\searchplugins\MyStart Search.xml [2012.05.03 11:31:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.04.29 18:03:11 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK [2012.06.12 12:40:22 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4 [2012.06.26 19:10:03 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.06.12 17:59:34 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7 [2012.05.03 11:31:31 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2012.01.03 20:54:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.12 17:59:32 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012.03.13 13:58:30 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012.01.03 20:54:27 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.01.03 20:54:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.03 20:54:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.03 20:54:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.03 20:54:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll () O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll () O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E3DBC69-A682-48DA-84E1-82C63A5D678E} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-Germany Toolbar) - {A51A36E6-31E7-4838-9FF7-76298B527EC0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [Facebook Update] C:\Users\petra\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell) O4 - Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found O4 - Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A91FF006-E3E9-4187-B913-B907919DB51B}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.27 08:42:14 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.27 08:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.06.26 19:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\v-Grabber [2012.06.26 19:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant [2012.06.21 07:53:04 | 000,000,000 | ---D | C] -- C:\Users\petra\AppData\Local\Macromedia [2012.06.12 12:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [1 C:\Users\petra\Desktop\*.tmp files -> C:\Users\petra\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.27 12:47:53 | 000,000,000 | ---- | M] () -- C:\Users\petra\defogger_reenable [2012.06.27 12:41:42 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.27 12:41:42 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.27 12:40:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.27 12:36:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.27 12:33:12 | 3218,358,272 | -HS- | M] () -- C:\hiberfil.sys [2012.06.27 10:37:22 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3798010367-166737839-1888609618-1000UA.job [2012.06.27 08:57:56 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2012.06.27 08:42:16 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.27 08:37:01 | 100,743,023 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012.06.27 08:08:32 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3798010367-166737839-1888609618-1000Core.job [2012.06.26 19:10:11 | 000,000,684 | ---- | M] () -- C:\user.js [2012.06.26 17:07:13 | 000,417,778 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012.06.21 07:47:35 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job [2012.06.21 07:47:35 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2012.06.14 12:33:52 | 000,290,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.13 22:43:55 | 001,522,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.13 22:43:55 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.13 22:43:55 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.13 22:43:55 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.13 22:43:55 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.12 12:40:22 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [1 C:\Users\petra\Desktop\*.tmp files -> C:\Users\petra\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.27 12:47:53 | 000,000,000 | ---- | C] () -- C:\Users\petra\defogger_reenable [2012.06.27 08:42:16 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.21 07:49:40 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.20 22:00:32 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job [2012.04.01 13:39:01 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012.04.01 13:39:01 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012.01.11 20:29:23 | 000,002,528 | ---- | C] () -- C:\Users\petra\AppData\Roaming\$_hpcst$.hpc [2011.04.15 16:41:14 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp [2011.04.15 16:18:26 | 000,241,469 | ---- | C] () -- C:\Windows\hpwins28.dat [2011.03.03 14:36:59 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== LOP Check ========== [2012.06.26 19:11:32 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\.minecraft [2012.03.22 20:36:25 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\AVG2012 [2012.03.13 13:58:27 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Babylon [2011.08.05 17:53:07 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\DVDVideoSoft [2011.08.01 14:33:08 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\DVDVideoSoftIEHelpers [2011.01.07 22:54:21 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\FRITZ! [2010.06.30 18:00:24 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\OpenOffice.org [2011.09.21 07:47:19 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Origin [2011.05.16 11:29:23 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\PCDr [2012.01.11 20:47:58 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Samsung [2011.07.02 16:32:37 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Simfy [2012.06.16 12:41:10 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\SoftGrid Client [2011.10.14 17:27:21 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\SPORE [2011.10.15 19:32:34 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\Thunderbird [2011.03.03 14:38:06 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\TP [2010.06.30 14:29:43 | 000,000,000 | ---D | M] -- C:\Users\petra\AppData\Roaming\WildTangent [2012.06.27 08:08:32 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3798010367-166737839-1888609618-1000Core.job [2012.06.27 10:37:22 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3798010367-166737839-1888609618-1000UA.job [2012.06.21 07:47:35 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job [2012.06.21 07:47:35 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [2012.04.10 12:35:03 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.06.27 08:57:56 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job ========== Purity Check ========== < End of report > und OTL Extras logfile created on: 27.06.2012 12:54:26 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\petra\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 63,70% Memory free 7,99 Gb Paging File | 6,14 Gb Available in Paging File | 76,86% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,07 Gb Total Space | 390,56 Gb Free Space | 86,58% Space Free | Partition Type: NTFS Computer Name: PETRA-PC | User Name: petra | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C69139A-CC8B-4B3C-9B17-6D37AAF3D5C5}" = rport=139 | protocol=6 | dir=out | app=system | "{0D90AE01-AEE9-4A26-9554-BEE7792D395C}" = rport=10243 | protocol=6 | dir=out | app=system | "{1B70AF23-596E-46BF-8A9B-6CE39E097D74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1D89F2C3-79FF-4CEF-87ED-6D50DFCEC94E}" = lport=445 | protocol=6 | dir=in | app=system | "{260D064F-42F6-4E95-8E6A-D6ECAE7EB7CB}" = rport=137 | protocol=17 | dir=out | app=system | "{3395C50D-1701-4596-8DF4-64F30904A52C}" = lport=2869 | protocol=6 | dir=in | app=system | "{367FA151-E548-4178-9D04-467B90455944}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{400DE3B5-35E8-4A73-AB99-E6F540C1BA37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{45AD54BD-9DBC-4472-8F74-1F3E3727FE96}" = rport=138 | protocol=17 | dir=out | app=system | "{4B97FF1F-EAF5-424B-A2F6-E12CC2FBE991}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{500FCD22-BC85-4A32-9A2F-A1F08B834D71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{66CE16CD-6465-42BD-8C5C-0F1E1B7F2591}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7646A1F8-D29D-4BDC-AC6F-D5951EDDCC06}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{779E3A3D-9E8A-4603-A7E9-B5072E3F7CBA}" = lport=5031 | protocol=17 | dir=in | name=avm tapi services for fritz!box - udp 5031 | "{84E163D7-3644-4952-8D54-09A618996BE3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{85E10BAD-0996-4432-B7BE-3ACC8DF42A49}" = lport=137 | protocol=17 | dir=in | app=system | "{8BBD3E5B-11BC-4756-BC0A-792A762DA995}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AA0F537B-5FD5-4FA1-97F7-7A83D0FE5B43}" = rport=445 | protocol=6 | dir=out | app=system | "{AD1005DC-9CB6-46A3-AB5F-842DB7789199}" = lport=10243 | protocol=6 | dir=in | app=system | "{C40FD2DC-A38E-42B7-B33C-58D7E6EC86C9}" = lport=139 | protocol=6 | dir=in | app=system | "{CF425980-F4BE-4D41-A43C-AACAA8F0001B}" = lport=138 | protocol=17 | dir=in | app=system | "{D076DF74-B179-4170-8868-2A41D5D4D991}" = lport=2869 | protocol=6 | dir=in | app=system | "{DC871FE4-82FC-4F60-9BD0-A4325B867E17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{EDEAE9A4-DB53-415C-B62B-8AD74B810ACE}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{F49C2338-B6C9-4CCE-BC5F-9F6B266FB24A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00BB576E-1235-4FC1-AB21-E5572ACDA5A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{03507129-F1E2-4202-897E-D41209B68AE7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{051DB70A-11C9-4A73-8B59-795EA731D095}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{0BC40D89-9D9F-4C00-8E78-F28E7EB660E4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{1721AA9E-D1B8-461A-8DD5-19900CD5D19D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{182AEF94-48B5-451F-823D-065492ECBF20}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{18E197AC-0D9B-4CDA-8066-2EA96A692EC3}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{191C08C4-AE53-4E8B-B530-55C63AA43948}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1B66EE76-CD7B-4942-A0D0-8C55542EDC87}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1E24F563-E9C8-4F5E-9A85-49AD14EB8DAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{2355EC5C-DDA3-4560-96D1-987E985D49FD}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe | "{23F0311C-64D6-45D8-AE2D-D1F84DFBE6E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{263360C2-EFB9-4C92-A72F-4593B8D48002}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{26BCA078-51BE-4AB3-8BCE-679E1E62B7D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{2BE244E2-43A8-47AC-8386-B3B4EF028530}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe | "{2ED44E11-F5C5-4A5F-BB00-E6E2D6D80C0E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{32BD55E9-4815-4E73-B6F3-280D0A1D3E6A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | "{3960F89E-BB9C-42BC-8A20-55FC38A6C62C}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{3BEBA7BA-47EE-4A47-9057-02A1A1EAA3BB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{40271632-8122-485B-B265-9187D27C0457}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{412586C0-26F6-4522-9E3B-16F02BCF162A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{435DA1C1-C34E-4DAC-BFBC-2E4CBDF36795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4F7B3810-4202-40C8-8447-20874B09450E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{534DB06E-B3EA-49B5-A0AA-382782F13DB0}" = protocol=6 | dir=out | app=system | "{582BD32C-8125-4B0B-8E21-DB1DEB69E3EF}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe | "{585D123B-96FC-4789-A9C4-695830C63A04}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{621E029E-72EB-4F5F-A13C-318C20932705}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{627074B3-54B3-49C9-9BB7-CDC6DE1A77B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6515A9ED-AF27-4103-BDDA-747871342187}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{6D479A89-45F8-4BE6-B544-BE7377E389DD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{707FA9CA-EFAA-431D-A9BA-7607378F43C8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{771F87A3-E6F4-4523-9BC9-1C54335FFFBD}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{77ECE3C4-AD81-4490-9DB4-4FE5FFBF3760}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{7B13765C-6327-481C-9799-810DA399084D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7C130B27-2EDC-4815-94DC-20DB867E4C97}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{7DD2803E-FC00-4842-8F51-36C7B557EE2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{806774FE-E73C-4850-93BC-DB6A3BA31FFD}" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!\igd_finder.exe | "{81BDE8F8-52FE-4830-AE55-99B40FF1AE59}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{84DAF2F6-7549-48E2-AF6E-8365EA2EBB5E}" = dir=in | app=c:\users\petra\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{8B4E255E-5681-4D35-B44B-53ADD6CAD820}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{9AD5145C-D87E-4283-885E-7B3DA4A816FF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{9B3447D4-9D51-494D-B768-CCC0AA6D1E56}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{9CAAC77E-B10E-4D96-9D48-AFA2E1926E60}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A17097D7-209D-4705-9382-D1E714FE0839}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{ABCF9C41-FC5C-4F33-9A4D-D9FA345175FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{AC83A13C-B204-40A3-9D68-365463EB0BD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{AE0D765A-C950-4C29-9689-1D7764AB5B94}" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!\igd_finder.exe | "{B02A83B3-EA73-4AB2-BC2D-F42BBEBDA674}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{B9ADD64D-7D3A-4B90-8BD0-24BAAF7837C0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BA4EF9A9-E2AC-42A1-ADD0-262C22BA2EA9}" = dir=in | app=d:\setup\hpznui40.exe | "{C12F29B6-6F46-4810-B490-35084999F387}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe | "{C16EFA4E-DA08-44FA-9F95-6A197FAB0189}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C59298D3-A078-4A40-A78A-B3650D9547BF}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{C7010334-DBFC-4BB1-AF67-C6E00D567DEE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{C7653EDA-2A8A-49DA-A8E9-F0F891387861}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{C76A3E98-58B8-4178-BB18-9D4B0E727344}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{C8B5BBB1-E0A3-46EB-90FF-2742C1C1D782}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{D847F517-E2B1-4976-82CB-336298B1B0AF}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe | "{DCAFDCEC-CAAA-4B95-AAC8-E5ED5800E8BA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{DE94D103-3492-4675-B0D9-9EC787C40807}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{E1FDBE2B-09A4-47FA-B8B7-B3E922962259}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{E46FA436-D243-4DDD-91EE-6FDC1C6922CE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E562B8D5-D425-4916-9E1C-3500F42C0DD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{EDE59941-6284-4395-89FC-7BD770463E0D}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{FDC7ADA7-A787-4A3F-BD35-E17571BEA7EC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | "{FE918E69-54B9-424B-AF63-FA06B06D5D3F}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit) "{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes "{2D5D9603-22CF-4B99-83F6-0CD20330F62E}" = FRITZ!DSL64 "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.458 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel "{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012 "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support "{49A4F76E-4285-4AEE-9D5D-9CCE5E86AA8F}" = AVG 2012 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8505C641-422E-4E3C-B6B0-0F070E289FDD}" = TAPI Services for FRITZ!Box "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64 "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{E461C0B2-523B-2940-C5DF-D174284CE609}" = ccc-utility64 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "AVG" = AVG 2012 "Dell Support Center" = Dell Support Center "Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility "HP Document Manager" = HP Document Manager 2.0 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Dell Touchpad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03CFDC67-5B03-EE5C-4176-F545B0D2F485}" = CCC Help Korean "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0A2AC888-61DC-CD55-5969-8602A7E9716D}" = CCC Help Italian "{0CF884B6-C6D8-EB7B-D2BF-2877C6F49EBC}" = CCC Help Swedish "{0D3CECCA-A589-ECCA-EC0B-2F98F2789F60}" = simfy "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{185CC275-907C-0D83-B0C2-7B065C5108D8}" = CCC Help Chinese Traditional "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2ED967AD-FBB0-5355-F5F2-E7A03AAD4F71}" = Catalyst Control Center Localization All "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{30FA0F5C-B1A9-39EB-8148-3D574C0C8332}" = Catalyst Control Center Graphics Previews Common "{35852FDE-7263-23EA-435F-44E4B61996D0}" = CCC Help Japanese "{3A07247E-0645-8BCF-8419-FD857790108D}" = Skins "{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{40F4FF7A-B214-4453-B973-080B09CED019}" = LoJack Factory Installer "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{445F6C1F-C48F-0CC9-A030-040D3EA42C93}" = Catalyst Control Center Graphics Full New "{46E08E5F-02B4-E854-CD4F-ED3E4FEBE122}" = CCC Help French "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A841BCF-1C5B-E3DA-9475-892CA6576425}" = CCC Help Finnish "{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz "{5B8741B6-4BEA-47D3-DB77-959C7FF35B39}" = Catalyst Control Center Graphics Full Existing "{5FA16D15-FA5B-7F0F-7CBB-369E1E2937C9}" = CCC Help Spanish "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{61F27C5E-5274-0DB8-67CC-5253C6CF2B93}" = CCC Help Dutch "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{6625CE8F-6E89-561F-D828-1B8535DEEBB6}" = Catalyst Control Center Core Implementation "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help "{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{6D2CCC4B-007D-EEE7-3E69-578B178A7B91}" = Catalyst Control Center Graphics Previews Vista "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E3D92F-2C51-B4E9-F2B6-EAF89C33E580}" = CCC Help Portuguese "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F218D6-EAF4-402C-36B1-C3F0EC62598D}" = ccc-core-static "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{86C527CC-4AF2-903C-7BFF-5975272CC645}" = Catalyst Control Center InstallProxy "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{8DDFDDE9-C206-F32E-66AD-D17558D7677E}" = CCC Help German "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A2A4AC67-DC60-A92B-DD50-65BEE8FA8D71}" = CCC Help Russian "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar "{B9C5005C-56CA-38E4-A093-79F22ECA0427}" = CCC Help Norwegian "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DC93F14E-D2C9-D6D1-31B6-D31AC2AD3BB0}" = Catalyst Control Center Graphics Light "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E6E0F53B-B7B8-E052-5C32-76C885536A3E}" = CCC Help Danish "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F7FE3C6E-ECB8-0853-584F-BE19BA05B1B8}" = CCC Help Chinese Standard "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FCC49808-C684-FEFA-3C02-46A04A7C9EBD}" = CCC Help English "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "conduitEngine" = Conduit Engine "DealPly" = DealPly "Dell Dock" = Dell Dock "Dell Webcam Central" = Dell Webcam Central "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Studio_is1" = Free Studio version 5.1.5 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31 "incredibar" = Incredibar Toolbar on IE and Chrome "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de) "Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Origin" = Origin "phase-6" = phase-6 2.1.2d "Simfy" = simfy "softonic-Germany Toolbar" = softonic-Germany Toolbar "Uninstall_is1" = Uninstall 1.0.0.1 "WildTangent dell Master Uninstall" = WildTangent-Spiele "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.11 (32-Bit) "Xvid_is1" = Xvid MPEG-4 Video Codec "Yahoo! Companion" = Yahoo! Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 24.09.2011 12:42:21 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3932) Asapi: (18:42:21:4520)(3932) DEFECT.LOCALIZATION - Error -- Missing String: 9f8591c3-5048-42f7-9553-387b30449f54-0b26b1b3-6704-4eda-91d4-4dd27d06dbc3 : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 24.09.2011 12:42:21 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3932) Asapi: (18:42:21:7870)(3932) DEFECT.LOCALIZATION - Error -- Missing String: 5dc4b59a-1f5d-427b-9110-b820c717226b-ea99f498-b3c1-4a2b-9d4b-6d47b924982d : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 24.09.2011 12:42:22 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3932) Asapi: (18:42:22:0670)(3932) DEFECT.LOCALIZATION - Error -- Missing String: 8a6735b1-c078-4648-9416-b6bb29ec3dc1-73fdd448-4cd1-4d2f-86e3-82118f142adf : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 24.09.2011 12:42:22 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3932) Asapi: (18:42:22:3010)(3932) DEFECT.LOCALIZATION - Error -- Missing String: 07439fd5-7039-4014-b635-5bf088a1465b-a714733b-603b-4dbe-8f4f-78a8e338fb7b : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 25.09.2011 05:40:42 | Computer Name = petra-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error - 25.09.2011 06:11:36 | Computer Name = petra-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error - 25.09.2011 10:14:07 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3908) Asapi: (16:14:07:4960)(3908) DEFECT.LOCALIZATION - Error -- Missing String: 8a6735b1-c078-4648-9416-b6bb29ec3dc1-73fdd448-4cd1-4d2f-86e3-82118f142adf : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 25.09.2011 10:14:09 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3908) Asapi: (16:14:09:0160)(3908) DEFECT.LOCALIZATION - Error -- Missing String: 9f8591c3-5048-42f7-9553-387b30449f54-0b26b1b3-6704-4eda-91d4-4dd27d06dbc3 : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 25.09.2011 10:14:10 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3908) Asapi: (16:14:10:7930)(3908) DEFECT.LOCALIZATION - Error -- Missing String: 07439fd5-7039-4014-b635-5bf088a1465b-a714733b-603b-4dbe-8f4f-78a8e338fb7b : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc Error - 25.09.2011 10:14:11 | Computer Name = petra-PC | Source = PC-Doctor | ID = 1 Description = (3908) Asapi: (16:14:11:2790)(3908) DEFECT.LOCALIZATION - Error -- Missing String: 5dc4b59a-1f5d-427b-9110-b820c717226b-ea99f498-b3c1-4a2b-9d4b-6d47b924982d : short-descr1 locale: PCDLocale: language = de, customer = dell, variant = dsc [ Dell Events ] Error - 28.05.2011 02:54:35 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 13.08.2011 02:00:07 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 13.08.2011 02:00:07 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 26.08.2011 07:15:40 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 26.08.2011 07:15:40 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 28.08.2011 05:51:11 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 28.08.2011 05:51:11 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 09.09.2011 08:06:38 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 09.09.2011 08:06:38 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. Error - 10.09.2011 05:24:53 | Computer Name = petra-PC | Source = DataSafe | ID = 17 Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte. [ System Events ] Error - 25.06.2012 01:49:31 | Computer Name = petra-PC | Source = DCOM | ID = 10016 Description = Error - 25.06.2012 01:53:41 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht. Error - 25.06.2012 08:27:44 | Computer Name = petra-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error - 25.06.2012 08:28:00 | Computer Name = petra-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error - 25.06.2012 08:29:02 | Computer Name = petra-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error - 26.06.2012 07:04:47 | Computer Name = petra-PC | Source = DCOM | ID = 10016 Description = Error - 27.06.2012 02:58:59 | Computer Name = petra-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht. Error - 27.06.2012 02:59:22 | Computer Name = petra-PC | Source = DCOM | ID = 10016 Description = Error - 27.06.2012 04:36:13 | Computer Name = petra-PC | Source = DCOM | ID = 10010 Description = Error - 27.06.2012 06:34:36 | Computer Name = petra-PC | Source = DCOM | ID = 10016 Description = < End of report > Auch habe ich schon einen Scan mit Malwarebytes Anti Malware durchgeführt und hier die Ergebnisse Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.27.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 petra :: PETRA-PC [Administrator] 27.06.2012 10:45:04 mbam-log-2012-06-27 (10-45-04).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 416510 Laufzeit: 1 Stunde(n), 13 Minute(n), 1 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 4 HKCR\Interface\{77777777-7777-7777-7777-770077227758} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab Media Player (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Downloader (PUP.BundleInstaller.VG) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Program Files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\v-Grabber\Uninstall.exe (PUP.BundleInstaller.VG) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Bitte helft mir weiter, denn das Problem ist immer noch da und es nervt. Danke Petra |
Baum-Darstellung