
Log analysis and evaluation: PC scrolls down automatically

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
18.08.2013, 19:09   #1
Terraformer
 
PC scrolls down automatically



Hello Trojaner-Board team,

my Windows scrolls down automatically. I did look in the forum, and quite a few people have already had a problem, but which solution approaches to use is probably individual, so I have attached the OTL files right away.

I also scanned for viruses and checked with the firewall, nothing worth mentioning, except that the PC-Welt Suite and PC-Welt Tune-Up, both of which I had only installed and not yet used, were detected as harmful.



OTL.exe: OTL logfile:
Code:
OTL logfile created on: 18.08.2013 19:45:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Eigene Dateien
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 41,25% Memory free
5,99 Gb Paging File | 3,53 Gb Available in Paging File | 58,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 423,60 Gb Total Space | 386,57 Gb Free Space | 91,26% Space Free | Partition Type: NTFS
Drive D: | 507,81 Gb Total Space | 474,12 Gb Free Space | 93,36% Space Free | Partition Type: NTFS
Drive F: | 144,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1863,01 Gb Total Space | 1396,38 Gb Free Space | 74,95% Space Free | Partition Type: NTFS
 
Computer Name: TOM-HOME-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Eigene Dateien\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programme\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Gigabyte\SmartRecovery2_x86\RPMDaemon.exe (Gigabyte Technology CO.)
PRC - C:\Programme\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
PRC - C:\Programme\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Splashtop\Splashtop Remote\Server\SRSOOBE.exe (Splashtop Inc.)
PRC - C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
PRC - C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Programme\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Programme\Canon\DIAS\CnxDIAS.exe (CANON INC.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Windows\jwpen.exe ()
PRC - C:\Programme\Gigabyte\EasySaver\essvr.exe ()
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Programme\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Windows\System32\ViakaraokeSrv.exe (VIA Technologies, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\0c72b4e5c1de77634ec157943074cea4\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d5cfc19d54290dc150dedcc6a58cf6ba\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\f3a0f58fe7c369ad8f3cf7caf9dfe530\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\2a3197ccfb2048adddde6b0db5a0d265\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\f53bcd4c15b40418ee9ddc9eb6c09ea1\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c9894395c04b955cabd43af3a5f62191\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7e03172b9abac125616e59e7452ca94b\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\318853f2879d42c73c71220967dee475\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1a5b3023141843aaaf176b8e63bf78e5\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6fa468188705932387c89c28c77e3367\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\0bcfa477c2670c4343ffdf576810d81d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\bff5f538eab1eb8a5c42e9867715de33\System.ni.dll ()
MOD - C:\Programme\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\2f9397ea05512f313f5f21c9d7bc20a3\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\10ac4ed5a22a4882529e01cf7bd8b895\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_32\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll ()
MOD - C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avgwd) -- C:\Programme\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Programme\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (SplashtopRemoteService) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SSUService) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (vsmon) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (ICCS) -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (Canon Driver Information Assist Service) -- C:\Programme\Canon\DIAS\CnxDIAS.exe (CANON INC.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AppleChargerSrv) -- C:\Windows\System32\AppleChargerSrv.exe ()
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (HWSuperPowerTablet) -- C:\Windows\jwpen.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ES lite Service) -- C:\Programme\Gigabyte\EasySaver\essvr.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
SRV - (VIAKaraokeService) -- C:\Windows\System32\ViakaraokeSrv.exe (VIA Technologies, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (PciSPorts) -- system32\DRIVERS\PciSPorts.sys File not found
DRV - (PciPPorts) -- system32\DRIVERS\PciPPorts.sys File not found
DRV - (amdiox86) -- system32\DRIVERS\amdiox86.sys File not found
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (SWDUMon) -- C:\Windows\System32\drivers\SWDUMon.sys ()
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AODDriver) -- C:\Programme\Gigabyte\ET6\i386\AODDriver.sys (Advanced Micro Devices)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (GVTDrv) -- C:\Windows\System32\drivers\GVTDrv.sys ()
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (AODDriver4.2) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (AppleCharger) -- C:\Windows\System32\drivers\AppleCharger.sys ()
DRV - (RTVLANPT) -- C:\Windows\System32\drivers\RtVlan620.sys (Realtek Corporation)
DRV - (TEAM) -- C:\Windows\System32\drivers\RtTeam60.sys (Realtek Corporation)
DRV - (RTTEAMPT) -- C:\Windows\System32\drivers\RtTeam60.sys (Realtek Corporation)
DRV - (RtNdPt60) -- C:\Windows\System32\drivers\RtNdPt60.sys (Realtek )
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (NmPar) -- C:\Windows\System32\drivers\NmPar.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (mf) -- C:\Windows\System32\drivers\mf.sys (Microsoft Corporation)
DRV - (VHWDrawing) -- C:\Windows\System32\drivers\HWDrawing.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (EtronXHCI) -- C:\Windows\System32\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV - (EtronHub3) -- C:\Windows\System32\drivers\EtronHub3.sys (Etron Technology Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN118841381293619-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=e4daa385000000000000902b34a84031
IE - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\..\SearchScopes,DefaultScope = {8DFC250F-A969-4610-9432-E073A61436CC}
IE - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\..\SearchScopes\{8DFC250F-A969-4610-9432-E073A61436CC}: "URL" = hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN118841381293619-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=e4daa385000000000000902b34a84031&q={searchTerms}&r=793
IE - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: %7Bef62e1ce-d2a4-4cdd-b7ec-92b120366b66%7D:2.7.8
FF - prefs.js..extensions.enabledAddons: groovesharkProxy%40DannieDarko:1.3.2
FF - prefs.js..extensions.enabledAddons: SciLorsGrooveUnlocker%40scilor.com:0.3.3
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.9.3
FF - prefs.js..extensions.enabledAddons: groovesharkUnlocker%40overlord1337:1.3.5
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..network.proxy.ftp: "91.121.84.128"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "91.121.84.128"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.121.84.128"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "91.121.84.128"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 1
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2013.07.10 20:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.08.15 10:05:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.08.15 10:05:51 | 000,000,000 | ---D | M]
 
[2013.07.10 12:11:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions
[2013.08.15 15:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\611hehdm.default\extensions
[2013.07.12 16:54:06 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\611hehdm.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2013.07.12 16:53:59 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\611hehdm.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2013.07.10 20:10:18 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\611hehdm.default\extensions\ffxtlbr@zonealarm.com
[2013.07.10 12:32:29 | 000,000,000 | ---D | M] (Grooveshark Proxy) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\611hehdm.default\extensions\groovesharkProxy@DannieDarko
[2013.08.15 15:33:12 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\611hehdm.default\extensions\ich@maltegoetz.de
[2013.07.12 18:16:24 | 000,317,252 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\extensions\artur.dubovoy@gmail.com.xpi
[2013.08.15 15:33:12 | 000,050,777 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\extensions\groovesharkUnlocker@overlord1337.xpi
[2013.07.10 12:33:25 | 000,129,384 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\extensions\SciLorsGrooveUnlocker@scilor.com.xpi
[2013.02.09 10:14:26 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\extensions\stealthyextension@gmail.com.xpi
[2012.02.17 18:51:06 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\extensions\youtube2mp3@mondayx.de.xpi
[2011.10.16 01:23:18 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012.12.27 20:34:34 | 000,010,506 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\searchplugins\gmx-suche.xml
[2012.12.27 20:34:34 | 000,005,489 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\searchplugins\webde-suche.xml
[2013.07.10 19:58:13 | 000,001,498 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\611hehdm.default\searchplugins\zonealarm.xml
[2013.08.18 15:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.08.18 15:41:40 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.6.7.4\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-2076123036-2307069962-1632283144-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKLM..\RunOnce: [RPMKickstart] C:\Programme\Gigabyte\SmartRecovery2_x86\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116B09DE-7451-41F3-BEF3-74FC61EFD1C5}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.09.25 22:00:00 | 000,000,064 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{6dee1b91-e81e-11e2-966a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6dee1b91-e81e-11e2-966a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- [2009.10.09 13:42:10 | 000,103,816 | R--- | M] (CANON INC.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.08.18 18:11:48 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\AVG2013
[2013.08.18 18:10:55 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\TuneUp Software
[2013.08.18 18:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.08.18 18:09:52 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.08.18 18:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013.08.18 18:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013.08.18 18:07:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.08.18 18:07:49 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\MFAData
[2013.08.18 18:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013.08.18 18:07:49 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Avg2013
[2013.08.18 15:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.08.15 17:02:50 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.08.15 17:02:49 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.08.15 17:02:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.08.15 17:02:48 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.08.15 17:02:48 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.08.15 17:02:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.08.15 17:02:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.08.15 17:02:48 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.08.15 17:02:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.08.15 17:02:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.08.15 12:23:03 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\jZip
[2013.08.15 12:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\jZip
[2013.08.15 12:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\Smart File Advisor
[2013.08.15 10:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.08.15 09:27:47 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.08.15 09:27:47 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.08.15 09:27:44 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013.08.15 09:27:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.07.20 01:51:00 | 000,246,072 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2013.07.20 01:50:56 | 000,208,184 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2013.07.20 01:50:56 | 000,060,216 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2013.07.20 01:50:50 | 000,171,320 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.08.18 19:36:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.18 19:31:35 | 000,015,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.18 19:31:35 | 000,015,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.18 19:27:45 | 000,001,136 | ---- | M] () -- C:\Users\Tom\Desktop\Continue Open It! - Zip Extractor Installation.lnk
[2013.08.18 19:24:52 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
[2013.08.18 19:24:39 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013.08.18 19:24:33 | 000,013,464 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013.08.18 19:24:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.18 19:24:12 | 2413,748,224 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.18 19:20:13 | 000,698,688 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.08.18 19:20:13 | 000,653,526 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.08.18 19:20:13 | 000,148,828 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.08.18 19:20:13 | 000,121,398 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.08.18 18:10:55 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.08.15 15:36:20 | 335,308,934 | ---- | M] () -- C:\Users\Tom\Documents\Thunderbird 17.0.7 (de) - 2013-08-15.pcv
[2013.08.15 12:25:53 | 000,000,943 | ---- | M] () -- C:\Users\Tom\Desktop\jZip.lnk
[2013.07.26 05:13:37 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.07.26 05:12:22 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.07.26 05:12:05 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.07.26 05:12:04 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.07.26 05:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.07.26 05:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.07.26 05:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.07.26 05:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.07.26 04:49:14 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.07.26 03:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.07.25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013.07.20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys
[2013.07.20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2013.07.20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys
[2013.07.20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
 
========== Files Created - No Company Name ==========
 
[2013.08.18 19:27:45 | 000,001,136 | ---- | C] () -- C:\Users\Tom\Desktop\Continue Open It! - Zip Extractor Installation.lnk
[2013.08.18 18:10:55 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.08.15 15:35:08 | 335,308,934 | ---- | C] () -- C:\Users\Tom\Documents\Thunderbird 17.0.7 (de) - 2013-08-15.pcv
[2013.08.15 12:25:53 | 000,000,973 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
[2013.08.15 12:25:53 | 000,000,943 | ---- | C] () -- C:\Users\Tom\Desktop\jZip.lnk
[2013.07.17 17:43:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\HWPenOE.dll
[2013.07.17 17:35:56 | 000,212,696 | ---- | C] () -- C:\Windows\System32\HWMouseSet.exe
[2013.07.17 17:35:56 | 000,077,016 | ---- | C] () -- C:\Windows\jwpen.exe
[2013.07.17 17:35:56 | 000,061,144 | ---- | C] () -- C:\Windows\System32\jwusbchk.dll
[2013.07.17 17:35:56 | 000,017,624 | ---- | C] () -- C:\Windows\DevInst.exe
[2013.07.17 17:35:56 | 000,015,064 | ---- | C] () -- C:\Windows\HWDevInst.exe
[2013.07.17 16:52:50 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2013.07.12 17:50:43 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013.07.11 09:59:46 | 000,000,439 | ---- | C] () -- C:\Windows\System32\CNCMFP42.INI
[2013.07.09 23:08:23 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2013.07.09 23:03:46 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2013.07.09 23:03:46 | 000,019,056 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2013.07.09 22:57:18 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013.07.09 01:26:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.07.09 01:23:55 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.07.09 01:23:55 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.07.09 01:23:55 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013.03.29 04:13:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2013.03.12 07:38:22 | 000,695,006 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013.03.04 20:52:52 | 000,230,836 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013.02.01 02:14:10 | 000,075,600 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.11.22 17:14:26 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.08.18 18:11:48 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\AVG2013
[2013.07.11 11:11:23 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Canon
[2013.07.10 20:10:23 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\CheckPoint
[2013.07.17 16:55:59 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\MAGIX
[2013.07.09 23:39:19 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Splashtop Remote Client
[2013.07.12 16:38:19 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Thunderbird
[2013.08.18 18:10:55 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
< End of report >
         
Extras.txt:OTL Logfile:
Code:
OTL Extras logfile created on: 18.08.2013 19:45:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Eigene Dateien
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 41,25% Memory free
5,99 Gb Paging File | 3,53 Gb Available in Paging File | 58,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 423,60 Gb Total Space | 386,57 Gb Free Space | 91,26% Space Free | Partition Type: NTFS
Drive D: | 507,81 Gb Total Space | 474,12 Gb Free Space | 93,36% Space Free | Partition Type: NTFS
Drive F: | 144,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1863,01 Gb Total Space | 1396,38 Gb Free Space | 74,95% Space Free | Partition Type: NTFS
 
Computer Name: TOM-HOME-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2076123036-2307069962-1632283144-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015F1334-A022-43CA-B714-7D4EDA11A6E7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{01F653B8-9F39-4178-8F27-E00F5B7A87FC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{128E7F9A-0D7E-46D5-BA5F-3F395F346C01}" = lport=138 | protocol=17 | dir=in | app=system | 
"{16307A6C-29C6-4DE6-A2F8-99E446C9A449}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3612A0FD-3D0A-4889-B6CD-D6EAA763BFDF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{41FD6D21-023C-4F31-A0B0-E0D7A1BA2333}" = rport=138 | protocol=17 | dir=out | app=system | 
"{469C079B-9E97-43A3-876A-BC7F2A0E0430}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4E92999D-038B-45E1-B835-2AE760AB378D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5B0799E0-30CF-48D6-9972-F2228BCE71F5}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5B32D88D-55E6-4A93-88FE-CFE1573EAB2F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6B725A1B-ACB2-4E88-AA0B-63D38B320A81}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{75A76EA5-4D90-4AD3-A313-DAA9958846DB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9EF42413-CEDB-46AE-8AD6-C261567E14F3}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A67DB801-7253-49C2-B688-0E5A8EB0EA7E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B06CF49D-FC41-4389-95AD-2E7B235B3232}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B510A399-4D10-4BA6-95D2-18BE053FB52C}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B61398C5-88DE-4553-BCF7-4DA4CA5B5A44}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BFD716E7-9ED0-4313-8A99-41B52C2B6852}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C70737E8-BFBC-4A6E-950F-9CB10F4CE4E4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{CC59AFDF-F384-415A-85F9-8C6A4F2213C1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D3C92DB5-20AC-4571-9AB9-61A88908779D}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{DC520DF0-D0CA-4E1F-88F5-F8B0640F5A74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DC8C1E41-9E94-491B-9D01-743C65CA6A41}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E2B9ABF8-B17E-48FA-81B5-22356875F8CE}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B6B920-C9AB-4DBD-85E4-87DFBD95FBCF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{0D4955EF-D8A7-426B-9545-D7ADA6DAA657}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{126265AF-AA66-4B8B-A973-32AD14E5C295}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{1310401D-B477-40CB-B877-7CCBDAEEC2A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1535A17E-2174-4E4B-91B2-6769DA823BF7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{2BE42523-A719-49EA-9D43-05CE84525710}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{42057F0C-3B83-4C05-AC90-F04CD229D14D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{46CCE0DA-6EF1-4F96-AF82-F54537566F4B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{66BF9F3C-E152-414B-9F8C-B3CAB06DEC63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7021D21C-C6CA-4D38-BD05-32698B594403}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{79016B9B-D7C6-42FF-8566-B5E17114DF1F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{83D45EE7-B149-4C71-8EA1-552A7589463B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9181085C-35A5-4409-B737-C7AE71AAD33E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A7F59905-CE13-4B92-8919-42971A041F47}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{B3A3B7D5-D807-4C01-92F0-4BCC3DC85EE7}" = protocol=6 | dir=out | app=system | 
"{B40F8E3F-EE1B-4A91-85A8-CBF739878188}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{B819F8B5-A41E-4EF6-BA0E-1F9BA7D2F7D8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{BB113821-F211-4B8B-A50B-578BE95583EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BB7C4074-FA94-45B8-BA6D-0EC1C238A871}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{C0586423-0669-4113-A73B-78EFF800327D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{C32BD6D5-79AD-44CB-99FE-B7AE80183555}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CAE0F387-F342-44B1-A79A-9BD986760B68}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{CE2E8AE0-DB96-4273-B0A4-94DD692D14F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D5AB810D-74FA-4AFF-B631-22A9FA802F67}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{DC3A9985-69FD-481B-BC4D-EBAB35787C9F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{DDCE3337-656E-4409-84CD-F8AE5AFF8ECC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E70E7034-3A0F-46B1-843B-E6399F4EECB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F65E5ED3-144E-4F7B-B882-535F59297D9D}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{F775E047-DBFB-46F5-A74A-CF3D170C7B5C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{F9F8701A-6DAB-4323-81B2-27DA8364C765}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"TCP Query User{2E98E2C3-8626-4593-BBC8-298DF0DF49D8}C:\program files\gigabyte\updmanager\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\updmanager\gbtupd.exe | 
"TCP Query User{668D4031-2975-4A40-87A6-81182CE6840A}C:\program files\gigabyte\updmanager\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\updmanager\gbtupd.exe | 
"TCP Query User{8A919811-42DF-431D-A94A-72D81AE163BE}C:\program files\gigabyte\updmanager\runupd.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\updmanager\runupd.exe | 
"UDP Query User{68781E72-AE45-4EB9-A448-AB34D6D220D4}C:\program files\gigabyte\updmanager\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\updmanager\gbtupd.exe | 
"UDP Query User{744ADD6C-1834-46E7-B9C2-B15B957150EA}C:\program files\gigabyte\updmanager\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\updmanager\gbtupd.exe | 
"UDP Query User{82EAA738-4F08-46EC-A66F-EA082A74F367}C:\program files\gigabyte\updmanager\runupd.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\updmanager\runupd.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1E964D62-3397-45B7-A9D2-F27C22D9D4BA}" = Corel Painter 12
"_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6
"_{761B6C00-A23A-4F17-9D23-CB7E48307314}" = Corel Graphics - Windows Shell Extension
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{00DAA13A-EA2A-4142-AEB6-FFA6B124985D}" = HWTablet
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1 
"{075A7877-02CA-4B15-8534-1211712A8E79}" = ZoneAlarm Firewall
"{11F2C5EC-35AA-7237-B62B-A4F041859C2A}" = CCC Help Spanish
"{15971B11-14DA-873C-1ACD-188603C38889}" = AMD Catalyst Install Manager
"{169ADA4A-8079-4CD8-8E20-030B1A54E552}" = CorelDRAW Graphics Suite X6 - DE
"{1AED4ABF-0852-4B3F-9F87-00CF88F25CE0}" = IconHandler 32 bit
"{1BD9E24B-DB16-491C-8092-F158664BB9F6}" = ZoneAlarm Security
"{1E964D62-3397-45B7-A9D2-F27C22D9D4BA}" = Painter 12 - Setup Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 9
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{229EDE35-4677-BDE6-70ED-A5A4C711DDC3}" = CCC Help Norwegian
"{2333E82C-E577-4982-B60F-80C74BA69A07}" = Corel Painter 12 - IPM
"{2470F2F2-8491-5A0B-B8F5-8B72A8D74597}" = Catalyst Control Center InstallProxy
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{27B56E28-94B2-BDF8-D209-EC8D2FF4838E}" = Catalyst Control Center Graphics Previews Common
"{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}" = Update Manager B12.0418.1
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{33ABEC18-41FB-4558-A245-BEED47897D0C}" = Painter 12 - FR
"{33D4FA83-02C0-93B3-08ED-5D7378930CFA}" = CCC Help Turkish
"{36B01464-5050-4492-BAA3-46E62551EEAB}_is1" = PC-WELT-TuneUpSuite 1.0
"{37D0F3C2-8FFD-134D-FBDF-2D711E169D78}" = AMD VISION Engine Control Center
"{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}" = SlimDrivers
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView Ver.1.5 B12.0314.1
"{42FECCEF-63CD-DF98-D6BC-DDBB27E4A580}" = CCC Help Japanese
"{4461B49E-E20D-422B-A507-698446FE2AC8}" = Painter 12 - IT
"{44FDF3F0-9DEF-46A6-A552-404BBF55451B}" = Painter 12 - Core
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0509.1
"{46594DA4-2D0A-B2D4-C0E0-A5CCA3260025}" = CCC Help Hungarian
"{485B8152-C59F-8569-15BC-46BDA2A1E4A9}" = CCC Help Polish
"{490F47E6-585C-531A-1BF8-4DE44ED9AED7}" = CCC Help Russian
"{4E90A19D-D345-2F69-4B71-2503B5C10FE7}" = AMD Fuel
"{50F87176-7DB3-4C75-D9DC-25CB4561D0F8}" = CCC Help Danish
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{52E706AA-B4E9-423A-1651-62E61E06DF9A}" = CCC Help Greek
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{5FB51C12-62AE-0990-E419-C6F62B776E5C}" = CCC Help Portuguese
"{5FF27D65-35E5-4855-B7ED-59BCFBC85776}" = AVG 2013
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{66B46617-A156-F25B-3CC0-5E46343AEA95}" = CCC Help Thai
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{73BD1CE5-F278-4540-B667-7F7D86488236}" = Hanvon Soft 3.0
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{761B6C00-A23A-4F17-9D23-CB7E48307314}" = Corel Graphics - Windows Shell Extension
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{776DC020-024F-4C19-AB2B-B526164136F8}" = Painter 12 - DE
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{7FAEAEC0-9E27-492F-AFB9-9D905B2779BE}" = MAGIX Web Designer 6
"{81543139-18AE-703B-D3B1-F6B3A0CB2EAC}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85494707-8DE1-3F79-9B74-A619BA2188A4}" = AMD Media Foundation Decoders
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8FA20FAC-719F-7CCD-5790-6B59D691C370}" = CCC Help Chinese Traditional
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{936BAF9D-CE07-467E-B5B0-F0BC5B5E6EDB}" = Splashtop Remote Client
"{940B28E7-320B-5AC8-0A8A-32D6A7B404A1}" = CCC Help Swedish
"{9532F6E0-ED0A-41A4-87F9-49478E44E8C1}" = ZoneAlarm Antivirus
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99C382AB-CA1D-8577-66D3-AA850DB5FD00}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EF200A3-1CAC-462E-990B-EC902279BAAA}" = Microsoft Visual Basic for Applications 7.1 (x86) German
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A5CB0BC7-9553-420D-A3CD-D3C59FB99872}" = Painter 12 - EN
"{A68C4D16-8046-5333-CB64-5E622C795785}" = CCC Help Dutch
"{A7581B61-C9F9-4fea-B845-E7733C17EC19}" = Canon MF8000C Series
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B0B6E3AF-093D-9B5C-040D-D3BBB90CE757}" = AMD Accelerated Video Transcoding
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4B8D818-7027-1744-8A21-DD53509E041A}" = ccc-utility
"{B7C5EA94-B96A-41F5-BE95-25D78B486678}" = Splashtop Streamer
"{BE0B654E-FC60-40AE-F60B-06526508B5FD}" = CCC Help Italian
"{BE0E1491-B2DC-6447-217C-342D8F7100EA}" = CCC Help Czech
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{C5EADF55-3B49-B545-E16F-402B443DDC77}" = CCC Help German
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{CBBB226E-2289-4D29-8E5C-1331E7D71ED9}" = AVG 2013
"{CBDFF724-E925-2964-E647-0A83D2F9165C}" = CCC Help French
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{D5341564-7B93-ADAC-E737-C24AA85CC5FF}" = CCC Help Chinese Standard
"{D9941688-1BEF-79EF-0FD9-E0A67E2CFE0F}" = AMD Drag and Drop Transcoding
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E36C13C4-C802-4A57-8B7C-3D9DF80F3E95}" = Smart Recovery 2 B12.0417.1 (x86)
"{E3FB1E5A-1C24-D581-6BC8-6F8AC2D343AD}" = CCC Help Finnish
"{E76FCE6B-9999-4250-8C75-B2DA4AD41268}" = Face_Wizard B12.0531.01
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E79BE5-20F5-82F4-6579-2A91AED3F066}" = Catalyst Control Center Localization All
"{F2776738-1A97-45F2-BE5A-DBBC66ACB9D4}" = Painter 12 - Painter
"{F308B531-AB20-4A79-8F5E-83071FE5BE60}" = Q-Share Ver.1.2
"{FBAAC4C8-D5ED-4308-9FC6-84E44E392395}" = Painter 12 - Content
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2013
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 9
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0509.1
"InstallShield_{936BAF9D-CE07-467E-B5B0-F0BC5B5E6EDB}" = Splashtop Remote Client
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"MAGIX_MSI_Web_Designer_6" = MAGIX Web Designer 6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"Mozilla Thunderbird 17.0.8 (x86 de)" = Mozilla Thunderbird 17.0.8 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"Splashtop Software Updater" = Splashtop Software Updater
"WFTK" = Canon Utilities WFT Utility
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar 
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2076123036-2307069962-1632283144-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"jZip" = jZip
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.07.2013 13:53:14 | Computer Name = Tom-Home-PC | Source = Software Protection Platform Service | ID = 8200
Description = Lizenzerwerb-Fehlerdetails. hr=0xC004C008
 
Error - 17.07.2013 13:53:14 | Computer Name = Tom-Home-PC | Source = Software Protection Platform Service | ID = 1014
Description = Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008 SKU-ID=586bc076-c93d-429a-afe5-a69fbc644e88
 
Error - 18.07.2013 04:15:55 | Computer Name = Tom-Home-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: taskhost.exe, Version: 6.1.7601.18010,
Zeitstempel: 0x50aee407 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x508 Startzeit der fehlerhaften Anwendung: 0x01ce838f04265e51 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\taskhost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 44390c38-ef82-11e2-b1cb-902b34a84031
 
Error - 18.07.2013 04:38:20 | Computer Name = Tom-Home-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "TrueVector Internet Monitor" konnte
nicht heruntergefahren werden.
 
Error - 18.07.2013 04:38:20 | Computer Name = Tom-Home-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "TrueVector Internet Monitor" konnte
nicht heruntergefahren werden.
 
Error - 18.07.2013 11:10:50 | Computer Name = Tom-Home-PC | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 18.07.2013 11:10:50 | Computer Name = Tom-Home-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CorelDRW.exe, Version: 16.1.0.843,
Zeitstempel: 0x4fff8124 Name des fehlerhaften Moduls: Wintab32.dll, Version: 3.0.0.1,
Zeitstempel: 0x4ae66b46 Ausnahmecode: 0xc0000094 Fehleroffset: 0x00001189 ID des fehlerhaften
Prozesses: 0x1488 Startzeit der fehlerhaften Anwendung: 0x01ce83c7c613de25 Pfad der
fehlerhaften Anwendung: C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Programs\CorelDRW.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\Wintab32.dll Berichtskennung: 3b1463a5-efbc-11e2-a1fc-902b34a84031
 
Error - 18.07.2013 15:30:14 | Computer Name = Tom-Home-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "TrueVector Internet Monitor" konnte
nicht heruntergefahren werden.
 
Error - 18.07.2013 15:30:14 | Computer Name = Tom-Home-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "TrueVector Internet Monitor" konnte
nicht heruntergefahren werden.
 
Error - 15.08.2013 12:23:09 | Computer Name = Tom-Home-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description = 
 
[ System Events ]
Error - 15.08.2013 06:11:50 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 15.08.2013 06:11:50 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 15.08.2013 06:11:51 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 15.08.2013 12:21:48 | Computer Name = Tom-Home-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows-Bilderfassung (WIA)" wurde nicht richtig gestartet.
 
Error - 18.08.2013 09:49:57 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 18.08.2013 09:49:58 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 18.08.2013 09:49:59 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 18.08.2013 09:49:59 | Computer Name = Tom-Home-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 18.08.2013 13:05:53 | Computer Name = Tom-Home-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
 
Error - 18.08.2013 13:23:03 | Computer Name = Tom-Home-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
 
 
< End of report >
         
--- --- ---


If anything is still missing, I'll of course gladly provide it.

I hope you can help me; this is my business PC, and like this I can't work or meet my deadlines. In my line of business, that can ruin me...

Kind regards,
Tom

 
