Pests of all kinds and how to fight them: Laptop scrolls uncontrollably back and forth

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1
| ![]() Laptop scrollt unkontrolliert hin und her Hallo, mein Laptop scrollt seit heute gelegentlich unkontrolliert nach oben und unten. Ich bin ein absoluter Computerlaie und bitte um einfache Beschreibungen zur Problemlösung. Hier die Auswertungen der Scans: OTL: OTL logfile created on: 18.12.2012 23:59:04 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Anna\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 56,06% Memory free 7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,45% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,16 Gb Total Space | 313,02 Gb Free Space | 69,54% Space Free | Partition Type: NTFS Drive E: | 1,88 Gb Total Space | 1,60 Gb Free Space | 85,06% Space Free | Partition Type: FAT Drive F: | 3,71 Gb Total Space | 3,38 Gb Free Space | 91,07% Space Free | Partition Type: FAT32 Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.18 23:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe PRC - [2012.12.18 23:49:56 | 000,050,477 | ---- | M] () -- C:\Users\Anna\Desktop\Defogger.exe PRC - [2012.12.04 15:38:05 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2012.12.04 15:36:48 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.10.29 17:33:28 | 001,573,584 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe PRC - [2011.08.04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE PRC - [2011.08.04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe PRC - [2011.02.07 08:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE PRC - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.12.12 14:58:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2010.12.09 06:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.12.09 06:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) 
-- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.12.09 06:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe PRC - [2010.11.12 02:21:46 | 000,295,232 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe PRC - [2010.10.28 18:55:02 | 000,969,824 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe PRC - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.09.14 03:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.04.27 03:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe ========== Modules (No Company Name) ========== MOD - [2012.12.18 23:49:56 | 000,050,477 | ---- | M] () -- C:\Users\Anna\Desktop\Defogger.exe MOD - [2012.12.07 11:57:24 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\398df77267992efc77df5ef5176a89c6\System.Web.ni.dll MOD - [2012.12.07 11:57:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1430191d067c0f28c3a676d3ecb85b26\System.Runtime.Remoting.ni.dll MOD - [2012.12.07 11:57:18 | 003,325,952 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6a68e4c50351a220511a5dfc3e025685\WindowsBase.ni.dll MOD - [2012.12.07 11:57:18 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3bd31aaa7f3af438f4a46f2548fef115\IAStorCommon.ni.dll MOD - [2012.12.07 11:57:16 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c5ad9f29f560bb09eafc09645159da38\IAStorUtil.ni.dll MOD - [2012.12.07 11:57:14 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\515c6ffea562bb0f03a1ed8f75279648\System.Windows.Forms.ni.dll MOD - [2012.12.07 11:57:09 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f4be07261983040b29685575b69085e8\System.Drawing.ni.dll MOD - [2012.12.07 11:57:04 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2d47118e5da6db054d5676e665f2be2\System.Xml.ni.dll MOD - [2012.12.07 11:57:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2f44dac350b6161a9e9ce7222ae94335\System.Configuration.ni.dll MOD - [2012.12.07 11:57:00 | 007,973,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c8ebcd93a2b547dc72dee2fcfabcdd50\System.ni.dll MOD - [2012.12.07 11:56:56 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5530227809880c9b8b1d834e5434e840\mscorlib.ni.dll MOD - [2012.12.01 04:22:25 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\\mscorlib.resources.dll MOD - [2012.12.01 04:22:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\\System.Runtime.Remoting.resources.dll MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files 
(x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.11.12 02:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll ========== Services (SafeList) ========== SRV - [2012.12.12 14:45:54 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.04 15:38:05 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.11.30 19:59:26 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.11.29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService) SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe -- (NIS) SRV - [2011.02.07 08:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) SRV - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.12.12 14:58:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010.12.10 13:55:28 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.12.09 06:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.10.08 02:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) 
[Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.04.04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.15 23:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.12.01 11:56:26 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.04.21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS) DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP) DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX) DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot 
| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS) DRV:64bit: - [2011.01.27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON) DRV:64bit: - [2010.12.23 18:44:22 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.12.15 19:42:08 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa) DRV:64bit: - [2010.12.12 14:58:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2010.12.11 20:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa) DRV:64bit: - [2010.12.11 08:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp) DRV:64bit: - [2010.12.11 08:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd) DRV:64bit: - [2010.12.01 22:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2010.11.12 07:23:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.11.09 11:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.10.15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.10.08 02:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.09.30 06:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.09.30 06:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.07.17 20:25:24 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2012.11.30 23:19:38 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121218.002\ex64.sys -- (NAVEX15) DRV - [2012.11.30 23:19:38 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012.11.30 23:19:38 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012.11.30 23:19:38 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121218.002\eng64.sys -- (NAVENG) DRV - [2012.11.30 16:26:08 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20121215.001\IDSviA64.sys -- (IDSVia64) DRV - [2012.11.06 23:54:56 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20121130.005\BHDrvx64.sys -- (BHDrvx64) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=de_NL IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{48EBBE69-3ADF-4199-A5C9-91B553C0F414}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^NL&apn_uid=a427c328-45a7-4197-808e-c3dab6c14551&apn_sauid=39CD1021-176C-4876-960E-CFA832C9249F IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== 
FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=de_NL" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10267&locale=de_NL&apn_uid=a427c328-45a7-4197-808e-c3dab6c14551&apn_ptnrs=%5EAGY&apn_sauid=39CD1021-176C-4876-960E-CFA832C9249F&apn_dtid=%5EYYYYYY%5EYY%5ENL&&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2012.12.18 23:51:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 [2012.12.18 23:51:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.30 20:58:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.30 20:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Extensions [2012.12.18 23:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Firefox\Profiles\0fzp4tru.default\extensions [2012.12.18 23:25:10 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Anna\AppData\Roaming\mozilla\Firefox\Profiles\0fzp4tru.default\extensions\toolbar@ask.com [2012.12.18 23:25:10 | 000,002,344 | ---- | M] () -- C:\Users\Anna\AppData\Roaming\mozilla\firefox\profiles\0fzp4tru.default\searchplugins\askcom.xml [2012.11.30 20:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla 
firefox\searchplugins\eBay-de.xml [2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) 
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3E57560-C482-45C1-B706-15E7A01B4AD4}: DhcpNameServer =
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.18 23:54:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe
[2012.12.18 23:30:37 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Avira
[2012.12.18 23:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.18 23:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.12.18 23:24:52 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.12.18 23:24:52 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.12.18 23:24:52 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co.
KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.12.18 23:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.12.18 23:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.12.14 13:36:18 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\SNS [2012.12.07 12:40:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV [2012.12.07 12:30:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX [2012.12.07 12:30:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2 [2012.12.07 12:30:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP [2012.12.07 12:29:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter [2012.12.07 12:29:58 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Canon [2012.12.07 12:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM [2012.12.07 12:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Benutzerregistrierung [2012.12.07 12:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2012.12.07 12:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt [2012.12.07 12:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2012.12.07 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2012.12.07 12:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Manual [2012.12.07 12:21:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012.12.07 12:20:58 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information [2012.12.07 12:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series [2012.12.07 12:20:25 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2012.12.07 12:20:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING [2012.12.07 12:18:32 | 000,000,000 | ---D | C] -- C:\Program Files 
(x86)\Canon [2012.12.03 18:08:12 | 000,000,000 | R--D | C] -- C:\Users\Anna\Dropbox [2012.12.03 18:06:45 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012.12.03 18:06:21 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Dropbox [2012.12.03 15:46:44 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\CyberLink [2012.12.03 15:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2012.12.03 15:46:35 | 000,000,000 | ---D | C] -- C:\Users\Anna\Documents\Youcam [2012.12.03 15:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012.12.01 14:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE [2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\de-DE [2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de [2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407 [2012.12.01 04:23:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE [2012.12.01 04:23:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de [2012.12.01 04:23:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407 [2012.12.01 04:22:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2012.12.01 04:22:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2012.12.01 04:22:34 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2012.12.01 04:22:34 | 000,002,560 | ---- | C] (Brother Industries Ltd.) 
-- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2012.12.01 04:17:50 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log [2012.12.01 01:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2012.11.30 23:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2012.11.30 23:18:48 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Microsoft Games [2012.11.30 22:58:11 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Macromedia [2012.11.30 22:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2012.11.30 22:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012.11.30 22:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2012.11.30 22:57:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.11.30 22:48:14 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Apple Computer [2012.11.30 22:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.11.30 22:45:15 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2012.11.30 22:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2012.11.30 22:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012.11.30 22:43:48 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Apple Computer [2012.11.30 21:18:44 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Diagnostics [2012.11.30 21:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.11.30 21:10:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012.11.30 21:09:14 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Adobe [2012.11.30 21:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.11.30 21:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.11.30 21:08:05 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.11.30 21:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.11.30 21:07:07 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Apple [2012.11.30 21:07:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012.11.30 21:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.11.30 21:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.11.30 21:05:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012.11.30 21:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012.11.30 21:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012.11.30 20:58:56 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Mozilla [2012.11.30 20:58:55 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Mozilla [2012.11.30 20:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.11.30 20:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.11.30 20:58:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.11.30 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Skype [2012.11.30 20:55:54 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.11.30 20:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.11.30 20:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.11.30 20:48:05 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Adobe [2012.11.30 20:42:49 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Intel Corporation [2012.11.30 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Macromedia [2012.11.30 20:42:26 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.11.30 20:42:26 | 000,000,000 | R--D | C] -- C:\Users\Anna\Searches [2012.11.30 20:42:26 | 000,000,000 | 
R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.11.30 20:42:18 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Identities [2012.11.30 20:42:17 | 000,000,000 | R--D | C] -- C:\Users\Anna\Contacts [2012.11.30 20:42:03 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\VirtualStore [2012.11.30 20:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM [2012.11.30 20:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\PB Accessory Store [2012.11.30 20:41:02 | 000,000,000 | --SD | C] -- C:\Users\Anna\AppData\Roaming\Microsoft [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Videos [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Saved Games [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Pictures [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Music [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Links [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Favorites [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Downloads [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Documents [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Desktop [2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Vorlagen [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\AppData\Local\Verlauf [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\AppData\Local\Temporary Internet Files [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Startmenü [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\SendTo [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- 
C:\Users\Anna\Recent [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Netzwerkumgebung [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Lokale Einstellungen [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Documents\Eigene Videos [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Documents\Eigene Musik [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Eigene Dateien [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Documents\Eigene Bilder [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Druckumgebung [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Cookies [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\AppData\Local\Anwendungsdaten [2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Anwendungsdaten [2012.11.30 20:41:02 | 000,000,000 | -H-D | C] -- C:\Users\Anna\AppData [2012.11.30 20:41:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Temp [2012.11.30 20:41:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Microsoft [2012.11.30 20:41:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Media Center Programs [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Programme [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.11.30 
20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.11.30 20:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012.11.30 20:06:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2012.11.30 20:06:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2012.11.30 20:03:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Web Camera [2012.11.30 20:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Web Camera [2012.11.30 20:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeMedia [2012.11.30 20:02:02 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.11.30 20:01:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012.11.30 20:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012.11.30 20:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2012.11.30 20:01:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.11.30 20:01:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2012.11.30 20:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012.11.30 19:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2012.11.30 19:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2012.11.30 19:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012.11.30 19:56:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012.11.30 19:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012.11.30 19:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer [2012.11.30 19:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.11.30 19:51:29 | 
000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.11.30 19:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012.11.30 19:51:17 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.11.30 19:51:17 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.11.30 19:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.11.30 19:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2012.11.30 19:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech [2012.11.30 19:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager [2012.11.30 19:44:02 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012.11.30 19:44:01 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012.11.30 19:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012.11.30 19:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics [2012.11.30 19:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.11.30 19:34:48 | 000,000,000 | ---D | C] -- C:\book [2012.11.30 19:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012.11.30 19:31:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.11.30 19:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2012.11.30 19:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2012.11.30 19:28:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012.12.18 23:59:04 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.18 23:59:04 | 000,009,696 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.18 23:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe [2012.12.18 23:50:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.18 23:50:42 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys [2012.12.18 23:49:56 | 000,050,477 | ---- | M] () -- C:\Users\Anna\Desktop\Defogger.exe [2012.12.18 23:40:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.12.18 23:36:37 | 000,000,000 | ---- | M] () -- C:\Users\Anna\defogger_reenable [2012.12.18 23:25:16 | 001,994,480 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1207020.003\Cat.DB [2012.12.18 23:25:16 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.12.14 11:51:45 | 000,289,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.12.13 19:22:13 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.12.13 19:22:13 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.12.13 19:22:13 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.12.13 19:22:13 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.12.13 19:22:13 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.12.07 12:52:12 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.12.07 12:24:00 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2012.12.07 12:21:35 | 000,002,368 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG3100 series Online-Handbuch.lnk [2012.12.05 15:15:38 | 000,002,492 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2012.12.03 18:08:12 | 000,001,012 | ---- | M] () -- C:\Users\Anna\Desktop\Dropbox.lnk [2012.12.03 18:06:53 | 000,001,022 | ---- | M] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\Dropbox.lnk [2012.12.03 17:24:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.12.01 14:45:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.12.01 14:45:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.12.01 11:56:26 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2012.12.01 11:56:26 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2012.12.01 11:56:26 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2012.12.01 04:23:15 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat [2012.12.01 04:23:15 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat [2012.12.01 04:22:35 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2012.12.01 04:22:35 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2012.12.01 04:22:34 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2012.12.01 04:22:34 | 000,002,560 | ---- | M] (Brother Industries Ltd.) 
-- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2012.12.01 04:17:50 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag [2012.11.30 23:27:32 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.11.30 23:27:32 | 000,002,058 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.11.30 22:48:08 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.11.30 20:58:45 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.11.30 20:55:55 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.11.30 20:41:16 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\PB Zubehör Shop.lnk [2012.11.30 20:39:40 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.11.30 20:39:39 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.11.30 20:03:17 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\Video Web Camera.lnk [2012.11.30 19:59:17 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk [2012.11.30 19:49:06 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI [2012.11.30 19:34:22 | 000,015,906 | ---- | M] () -- C:\Windows\SysNative\results.xml [2012.11.30 19:32:22 | 000,000,006 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd ========== Files Created - No Company Name ========== [2012.12.18 23:54:21 | 000,050,477 | ---- | C] () -- C:\Users\Anna\Desktop\Defogger.exe [2012.12.18 23:36:37 | 000,000,000 | ---- | C] () -- C:\Users\Anna\defogger_reenable [2012.12.18 23:25:16 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.12.07 12:52:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.12.07 12:52:12 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.12.07 12:24:00 | 000,002,087 | ---- | C] () -- 
C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2012.12.07 12:21:35 | 000,002,368 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG3100 series Online-Handbuch.lnk [2012.12.07 12:20:54 | 000,063,744 | ---- | C] () -- C:\Windows\SysWow64\CNC1752D.TBL [2012.12.07 12:20:54 | 000,063,744 | ---- | C] () -- C:\Windows\SysNative\CNC1752D.TBL [2012.12.03 18:08:12 | 000,001,012 | ---- | C] () -- C:\Users\Anna\Desktop\Dropbox.lnk [2012.12.03 18:06:53 | 000,001,022 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.12.03 17:24:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.12.01 14:57:48 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.12.01 14:45:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012.12.01 14:45:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012.12.01 14:38:36 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.12.01 04:26:52 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag [2012.12.01 04:23:51 | 000,654,166 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat [2012.12.01 04:23:51 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat [2012.12.01 04:23:51 | 000,130,006 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat [2012.12.01 04:23:51 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat [2012.11.30 22:57:53 | 000,002,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.11.30 22:57:52 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.11.30 22:57:51 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.30 22:45:15 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2012.11.30 
22:45:15 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2012.11.30 21:11:29 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.11.30 21:07:06 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.11.30 20:58:45 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.11.30 20:58:45 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.11.30 20:42:31 | 000,001,417 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.11.30 20:42:27 | 000,001,451 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.11.30 20:41:16 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\PB Zubehör Shop.lnk [2012.11.30 20:41:02 | 000,001,354 | ---- | C] () -- C:\Users\Anna\Desktop\User's Guide.lnk [2012.11.30 20:03:17 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\Video Web Camera.lnk [2012.11.30 20:01:51 | 000,001,317 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2012.11.30 20:01:47 | 000,001,386 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2012.11.30 20:01:41 | 000,001,470 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012.11.30 20:01:37 | 000,002,498 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.11.30 19:59:17 | 000,001,237 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 8.0.lnk [2012.11.30 19:59:17 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk [2012.11.30 19:56:34 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Microsoft Office 2010.lnk
[2012.11.30 19:51:16 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.11.30 19:50:34 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.11.30 19:49:06 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2012.11.30 19:34:22 | 000,015,906 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012.11.30 19:28:29 | 3104,722,944 | -HS- | C] () -- C:\hiberfil.sys
[2011.01.06 05:09:23 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.01.06 05:09:21 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.01.06 05:09:18 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.12.07 12:29:58 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Canon [2012.12.18 23:52:53 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Dropbox [2012.12.14 13:36:22 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\SNS ========== Purity Check ========== < End of report > EXTRAS: OTL Extras logfile created on: 18.12.2012 23:59:04 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Anna\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 56,06% Memory free 7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,45% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,16 Gb Total Space | 313,02 Gb Free Space | 69,54% Space Free | Partition Type: NTFS Drive E: | 1,88 Gb Total Space | 1,60 Gb Free Space | 85,06% Space Free | Partition Type: FAT Drive F: | 3,71 Gb Total Space | 3,38 Gb Free Space | 91,07% Space Free | Partition Type: FAT32 Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0E3C6304-4054-4595-9F5C-7FD69A77C84E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{121A8432-68AC-459B-9170-EC96980FF0EB}" = lport=10243 | protocol=6 | dir=in | app=system | "{21D09B81-C3FF-4035-9673-3C7DCE5D7C4D}" = lport=138 | protocol=17 | dir=in | app=system | "{25F7A9BA-B643-4360-BBE3-2F853B74AEB7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{28D1FC6D-83D1-4369-9B7B-D492FEA9A591}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3B972797-9E96-4598-BF9E-5890DE380C7B}" = lport=445 
| protocol=6 | dir=in | app=system | "{4642EB33-49FA-48D8-AEEA-28CC93F6A57F}" = lport=137 | protocol=17 | dir=in | app=system | "{49404C52-8B3B-431D-BE0D-FE8130E05E2F}" = rport=139 | protocol=6 | dir=out | app=system | "{52329914-8A01-4A04-9C6B-AD2FA23ABAC4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{64800BEA-AF44-478B-95AE-940DAC0426F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7054BC95-07DF-424D-A38D-4637BFF9AC53}" = rport=138 | protocol=17 | dir=out | app=system | "{77B49F87-AAC3-482A-9B6B-BB366FD10B4E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{85E1052A-6889-4A48-8BA1-D8E44ACEE1F0}" = rport=137 | protocol=17 | dir=out | app=system | "{93E86964-E13C-47B6-9340-F30552713CCC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9DF624A0-5AAE-49D5-AF59-F179C22826D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9EF79073-2C66-4842-B921-EE4CE09BBF46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{AA629380-7F26-45A1-AEB8-0BBDDA43D056}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B0FA0925-40E6-4667-9A08-66805DCC0012}" = lport=2869 | protocol=6 | dir=in | app=system | "{C5525E66-E07B-4965-9240-C37125DEC705}" = lport=139 | protocol=6 | dir=in | app=system | "{D3061038-052A-4E3E-A1F7-85BD4FEDC724}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{D88008C7-8B9A-4E14-9412-076722340CFA}" = rport=10243 | protocol=6 | dir=out | app=system | "{EE9260C0-65C6-4672-A068-6441E18C9847}" = rport=445 | protocol=6 | dir=out | app=system | "{F73B8F2C-E5C7-4CA6-A871-37C97C999BE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception 
List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06AAF4CB-2AD9-4F65-A25B-2C174FF9DF81}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1AA4B6AA-856C-432D-A00B-88333624DAAD}" = dir=in | app=c:\program files (x86)\cyberlink\homemedia\homemedia.exe | "{1D9FAC4C-1606-434E-A535-D35D5B758ED7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1F5A9691-4474-4D32-AFF5-8963D7F4A21B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{224F0AB6-F53C-4CBE-B4BE-FB7DFA55AFB8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{23E725B0-FC64-4ECB-924B-85883B671218}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{27EB6342-C747-44C0-839A-1B834368D7C0}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{3237EF3E-5036-4B6B-9110-93ABBAAB324F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3AB490B4-DF94-4418-9BF6-FF64604D2C40}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{40FA2FCC-4905-4A6B-AF58-C910B2672A61}" = protocol=6 | dir=in | app=c:\users\anna\appdata\roaming\dropbox\bin\dropbox.exe | "{41DF1854-673B-418B-85A2-0FEF4DD92E0D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{44E7ADA2-8B86-4479-899C-117A6EA8CFF8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{51B30B12-F995-40BA-A804-0C589C6C4ABC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{5C806DDA-3C58-432C-BE1B-8DD01D5CD16E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6F3B546F-980C-4670-BDBC-1F804C4449AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6F59DDC3-4D67-434B-9D1B-8340FAF4ABE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{70618C2F-6BC6-440D-BE3C-C3F68AA7C789}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{73334823-B238-4392-BF19-E7B22298244B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{78F21811-27C4-4B0A-9B4E-68D19A6717DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8F9B603D-106C-4E42-AB5B-C6723A68DA41}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8FD3F76D-5AD0-4B19-87DF-43CB976A3BF6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A0B3F7AD-27C6-4316-AC7F-CE6ED7961969}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{B38DEDF3-FC25-43D8-B33A-B5105617FC45}" = protocol=17 | dir=in | app=c:\users\anna\appdata\roaming\dropbox\bin\dropbox.exe | "{BCC913D1-AA41-4042-AA23-35DACB827D69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C1E93A0F-1B86-4F21-9AD1-72F93A2EAE25}" = protocol=6 | dir=out | app=system | "{C32B83C1-7C6C-4A09-861D-16F157CAA4E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CCE465D5-9935-4F69-8FF1-840C66B1790E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{CF4B0AB5-96BD-4748-939A-4A5273748D4D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{D26ECADA-A53F-470A-9FE7-67253703FBA9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{D6F330AC-E9F9-4C2F-9837-CCD1DB37A758}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{D9C3CEEE-7F87-44C2-8F07-AD78CB7839D9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{F9DFDAFF-A2EC-46DD-BC7B-BAD2E3DC3152}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] 
"{029A4933-3F36-4E4F-AEC3-2207AB26463D}" = Broadcom Gigabit NetLink Controller "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes "{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Elantech" = ETDWare PS/2-X64 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client 
Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = 
Apple Software Update "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online 
Upgrade "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f3b75363-fa28-46b2-9d9f-112252157a7b}" = Nero 9 Essentials "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "Avira AntiVir Desktop" = Avira Free Antivirus "Canon MG3100 series Benutzerregistrierung" = Canon MG3100 series Benutzerregistrierung "Canon MG3100 series On-screen Manual" = Canon 
MG3100 series On-screen Manual "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenuEX" = Canon Solution Menu EX "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "Identity Card" = Identity Card "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Packard Bell MyBackup "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "LManager" = Launch Manager "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 5.0" = Canon MP Navigator EX 5.0 "NIS" = Norton Internet Security "Packard Bell Game Console" = Packard Bell Game Console "Packard Bell Registration" = Packard Bell Registration "Packard Bell Screensaver" = Packard Bell ScreenSaver "Packard Bell Welcome Center" = Welcome Center "WildTangent packardbell Master Uninstall" = Packard Bell Games "WinLiveSuite" = Windows Live Essentials "WT088216" = Agatha Christie - Death on the Nile "WT088226" = Bejeweled 2 Deluxe "WT088228" = Build-a-lot 2 "WT088235" = Chuzzle Deluxe "WT088238" = Diner Dash 2 Restaurant Rescue "WT088260" = Farm Frenzy "WT088268" = Insaniquarium Deluxe "WT088269" = Jewel Quest Solitaire 2 "WT088283" = Plants vs. Zombies "WT088416" = FATE "WT088420" = Final Drive Nitro "WT088448" = John Deere Drive Green "WT088452" = Penguins! 
"WT088456" = Polar Bowler "WT088460" = Polar Golfer "WT088508" = Virtual Villagers 4 - The Tree of Life "WT088531" = Zuma's Revenge ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 30.11.2012 16:27:26 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.11.2012 16:27:31 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.11.2012 16:27:36 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 30.11.2012 16:27:41 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.11.2012 16:27:46 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.11.2012 16:27:51 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.11.2012 16:27:57 | Computer Name = Anna-PC | Source = MsiInstaller | ID = 11920 Description = Error - 30.11.2012 16:27:59 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll". 
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.11.2012 16:28:02 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.dll". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.12.2012 10:26:07 | Computer Name = Anna-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = [ System Events ] Error - 03.12.2012 10:16:45 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: %%16405 Error - 03.12.2012 10:19:09 | Computer Name = Anna-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Internet Explorer 8 unter Windows 7 für x64-basierte Systeme (KB2544521) Error - 03.12.2012 10:19:09 | Computer Name = Anna-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845) Error - 03.12.2012 10:43:08 | Computer Name = Anna-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?03.?12.?2012 um 15:41:08 unerwartet heruntergefahren. 
Error - 03.12.2012 10:45:59 | Computer Name = Anna-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 03.12.2012 15:30:14 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error - 09.12.2012 07:42:13 | Computer Name = Anna-PC | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse registriert werden. Der Computer mit IP-Adresse hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 09.12.2012 10:56:47 | Computer Name = Anna-PC | Source = bowser | ID = 8003 Description = Error - 09.12.2012 16:58:41 | Computer Name = Anna-PC | Source = bowser | ID = 8003 Description = Error - 12.12.2012 16:37:27 | Computer Name = Anna-PC | Source = bowser | ID = 8003 Description = < End of report >
I hope someone can help me. Thanks in advance for any advice. Regards, Hubbi |
| #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop scrolls uncontrollably back and forth Hello and
Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners? The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, just post the logs you already have!
__________________ |
| #3 |
| Laptop scrolls uncontrollably back and forth Hello Cosinus,
I also have Avira Antivir, but it found nothing. Besides that, I have Norton Internet Security, which did not confirm any detection either! Kind regards, Hubbi |
| #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop scrolls uncontrollably back and forth Quote:
Don't you realize that two such scanners can cause massive problems on a PC? You should uninstall one of the two immediately!
__________________ Please always post logfiles in CODE tags |
| #5 |
| Laptop scrolls uncontrollably back and forth Hello Cosinus, as you can tell, I have no idea about such things; I don't even know why I still have Antivir installed -.- In the meantime I may have found the solution to my problems: I had a wireless mouse connected, and since I unplugged it, it no longer scrolls back and forth. I think that is the cause. Is that realistic? I hope I haven't wasted too much of your time. Regards, Hubbi |
| #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop scrolls uncontrollably back and forth Quote:
__________________ --> Laptop scrolls uncontrollably back and forth |