v9.com and adware yontoo.gen
Hello
I bought a used netbook, and after I installed Avira AntiVir and a few other programs (Malwarebytes, Firefox, Gimp2, Secunia PSI, Everest),
AntiVir raised an alarm: Adware/Yontoo.Gen and Gen 2 detected.
I sent both to quarantine and then deleted them there.
What is also strange: when I try a complete system scan with AntiVir, it (the AntiVir scan) hangs at 45%, at the file:
c:/windows/winset/.../system.workflow.runtime.dll
Then I have this www.v9.com as the start page in Mozilla Firefox.
After a bit of googling I read that it is a virus or maybe a trojan, and that I should use AdwCleaner...
I have not done anything about it yet; I thought I would let people who know what they are doing take a look.
Malwarebytes found nothing.
GMER got an error partway through (scan): the program has stopped working.
Here are the logs:
OTL logfile created on: 05.07.2013 22:37:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Besitzer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,60 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 62,40% Memory free
7,20 Gb Paging File | 5,66 Gb Available in Paging File | 78,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 394,72 Gb Free Space | 93,58% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 27,71 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.07.05 22:35:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
PRC - [2013.07.04 16:39:35 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013.07.04 16:39:22 | 000,424,016 | ---- | M] (337 Technology Limited.) -- C:\Program Files (x86)\Desk 365\deskSvc.exe
PRC - [2013.07.03 15:46:49 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.07.03 15:46:01 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.07.03 15:45:48 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.07.03 15:45:47 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.07.03 00:41:35 | 000,168,400 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.07.03 00:41:28 | 001,558,480 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.04.18 15:56:22 | 001,227,800 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2010.12.24 13:19:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2010.01.19 12:44:40 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2011.06.08 03:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.06.08 00:09:26 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.12.09 11:52:52 | 000,047,712 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV - [2013.07.04 17:56:33 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.04 16:39:35 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013.07.04 16:39:22 | 000,424,016 | ---- | M] (337 Technology Limited.) [Auto | Running] -- C:\Program Files (x86)\Desk 365\deskSvc.exe -- (desksvc)
SRV - [2013.07.03 15:46:49 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.07.03 15:46:01 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.07.03 15:45:48 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.07.03 00:41:35 | 000,168,400 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.06.18 16:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.18 15:56:22 | 001,227,800 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013.04.18 15:56:14 | 000,659,992 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010.09.22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 16:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.05.10 13:52:34 | 000,907,040 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.07.03 15:47:21 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.07.03 15:47:21 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.07.03 15:47:21 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.04.18 15:55:50 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013.02.25 10:12:04 | 002,426,672 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.01 19:25:36 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011.12.01 19:25:28 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011.12.01 19:07:55 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011.12.01 19:07:55 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011.06.08 04:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.06.08 03:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.24 13:19:56 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.12.08 08:44:28 | 001,574,016 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010.11.30 08:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.11.29 10:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.19 18:20:58 | 000,234,960 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.26 05:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.10.21 12:47:40 | 001,396,784 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.10.11 16:21:56 | 000,135,776 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2010.09.22 00:04:54 | 000,015,056 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm2uvcflt.sys -- (vm2uvcflt)
DRV:64bit: - [2010.04.08 18:11:12 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010.04.07 07:57:08 | 000,073,784 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.04.07 07:57:08 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.02.18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.15 08:23:20 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.01.15 08:23:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.15 08:23:10 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.09 11:52:28 | 000,023,648 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://en.v9.com/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=1372948753
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.v9.com/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=1372948753
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.v9.com/web/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=4325433
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://en.v9.com/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=1372948753
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.v9.com/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=1372948753
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.v9.com/web/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=4325433
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://en.v9.com/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=1372948753
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.v9.com/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=1372948753
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.v9.com/web/?utm_source=b&utm_medium=stk&from=stk&uid=TOSHIBAXMK5065GSX_71GZT0FRTXX71GZT0FRT&ts=4325433
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.de/|hxxp://www.greasespot.net/p/welcome.html?1.9"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.7
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.07.03 15:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions
[2013.07.04 17:34:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\bgvw0tzp.default\extensions
[2013.07.04 15:47:00 | 001,038,782 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\antigameorigin@antigame.de.xpi
[2013.07.03 00:42:09 | 000,713,719 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
[2013.07.03 16:01:46 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2013.07.03 16:01:46 | 000,534,371 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.07.04 16:37:46 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.07.03 17:21:13 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.04 17:34:29 | 000,269,448 | ---- | M] () (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\firefox\profiles\bgvw0tzp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.07.03 15:38:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.03 15:38:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}] C:\Program Files\CapsLK OSD\64\CAPSOSD.EXE (Wistron Corp.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCB4EC7D-BE98-41DC-B8C8-7580630EA69D}: DhcpNameServer = 172.168.117.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D10A01F5-5959-4F51-93B6-D246620C9677}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.05 22:35:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2013.07.04 21:51:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.04 21:32:07 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013.07.04 17:15:46 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Malwarebytes
[2013.07.04 17:15:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.04 17:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.04 17:15:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.07.04 17:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.04 16:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.07.04 16:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.07.04 16:57:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.07.04 16:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013.07.04 16:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
[2013.07.04 16:39:24 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Desk 365
[2013.07.04 16:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desk 365
[2013.07.04 16:38:50 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\eIntaller
[2013.07.03 23:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.07.03 21:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.07.03 21:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.07.03 21:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.07.03 19:29:46 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\gtk-2.0
[2013.07.03 19:29:46 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\.thumbnails
[2013.07.03 18:44:38 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\gegl-0.2
[2013.07.03 18:44:38 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\.gimp-2.8
[2013.07.03 18:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.07.03 18:41:48 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Programs
[2013.07.03 17:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013.07.03 17:52:02 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Youcam
[2013.07.03 17:51:57 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\CyberLink
[2013.07.03 17:51:56 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\CyberLink
[2013.07.03 17:08:46 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Desktop\Meins
[2013.07.03 16:29:21 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Macromedia
[2013.07.03 16:29:21 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Macromedia
[2013.07.03 16:25:12 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2013.07.03 16:19:45 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Secunia PSI
[2013.07.03 16:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2013.07.03 16:15:38 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Adobe
[2013.07.03 16:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.07.03 16:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013.07.03 16:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013.07.03 15:57:32 | 000,083,672 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2013.07.03 15:55:38 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Avira
[2013.07.03 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Desktop\°
[2013.07.03 15:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.07.03 15:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.07.03 15:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.07.03 15:49:49 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2013.07.03 15:49:49 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avgntflt.sys
[2013.07.03 15:49:49 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avkmgr.sys
[2013.07.03 15:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.07.03 15:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.07.03 15:38:37 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Mozilla
[2013.07.03 15:38:37 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Mozilla
[2013.07.03 15:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.07.03 15:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.07.03 15:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.03 14:34:32 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Google
[2013.06.06 15:16:08 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.06.06 15:16:06 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\AMD
[2013.06.06 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Broadcom
[2013.06.06 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Bluetooth-Exchange-Ordner
[2013.06.06 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\ATI
[2013.06.06 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\ATI
[2013.06.06 15:14:57 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.06.06 15:14:57 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Searches
[2013.06.06 15:14:57 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.06.06 15:14:26 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Identities
[2013.06.06 15:14:21 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Contacts
[2013.06.06 15:14:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.06 15:14:17 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\VirtualStore
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Vorlagen
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\AppData\Local\Verlauf
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\AppData\Local\Temporary Internet Files
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Startmenü
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\SendTo
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Recent
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Netzwerkumgebung
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Lokale Einstellungen
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Documents\Eigene Videos
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Documents\Eigene Musik
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Eigene Dateien
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Documents\Eigene Bilder
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Druckumgebung
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Cookies
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\AppData\Local\Anwendungsdaten
[2013.06.06 15:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Besitzer\Anwendungsdaten
[2013.06.06 15:13:52 | 000,000,000 | --SD | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Videos
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Saved Games
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Pictures
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Music
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Links
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Favorites
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Downloads
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Documents
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\Desktop
[2013.06.06 15:13:52 | 000,000,000 | R--D | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.06.06 15:13:52 | 000,000,000 | -H-D | C] -- C:\Users\Besitzer\AppData
[2013.06.06 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Temp
[2013.06.06 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Microsoft
[2013.06.06 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Media Center Programs
[2013.06.06 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.06.06 15:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
========== Files - Modified Within 30 Days ==========
[2013.07.05 22:38:52 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 22:38:52 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 22:36:20 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.07.05 22:36:20 | 000,654,166 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.07.05 22:36:20 | 000,616,008 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.07.05 22:36:20 | 000,130,006 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.07.05 22:36:20 | 000,106,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.07.05 22:35:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2013.07.05 22:29:36 | 000,100,958 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2013.07.05 22:28:32 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.07.05 22:28:16 | 2900,889,600 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.05 21:55:10 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.07.03 19:33:29 | 000,001,938 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\recently-used.xbel
[2013.07.03 18:25:23 | 000,283,104 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.07.03 17:57:52 | 000,025,185 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013.07.03 17:57:51 | 000,025,185 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013.07.03 17:45:54 | 000,007,602 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\Resmon.ResmonCfg
[2013.07.03 15:57:32 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2013.07.03 15:47:21 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2013.07.03 15:47:21 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avgntflt.sys
[2013.07.03 15:47:21 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avkmgr.sys
[2013.06.06 17:12:41 | 000,159,772 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2013.06.06 17:12:41 | 000,159,772 | ---- | M] () -- C:\windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2013.07.03 19:33:29 | 000,001,938 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\recently-used.xbel
[2013.07.03 18:44:03 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.07.03 17:57:52 | 000,025,185 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013.07.03 17:57:51 | 000,025,185 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013.07.03 17:45:54 | 000,007,602 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\Resmon.ResmonCfg
[2013.07.03 17:03:27 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.07.03 16:43:35 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.07.03 16:25:18 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.07.03 15:38:29 | 000,001,387 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.06.06 15:15:05 | 000,001,661 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.01 19:06:01 | 002,086,240 | ---- | C] () -- C:\windows\SysWow64\LenovoVeriface.Interface.dll
[2011.12.01 19:06:01 | 001,500,512 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011.12.01 19:06:01 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011.12.01 19:06:01 | 000,472,416 | ---- | C] () -- C:\windows\SysWow64\Lenovo.VerifaceStub.dll
[2011.12.01 19:05:45 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011.12.01 18:48:36 | 000,001,823 | ---- | C] () -- C:\windows\vm332Rmv.ini
[2011.12.01 18:48:36 | 000,001,823 | ---- | C] () -- C:\windows\SysWow64\vm332Rmv.ini
[2011.12.01 18:38:44 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.08.11 03:24:12 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.07.04 21:22:43 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Desk 365
[2013.07.04 16:38:50 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\eIntaller
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 05.07.2013 22:37:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Besitzer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,60 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 62,40% Memory free
7,20 Gb Paging File | 5,66 Gb Available in Paging File | 78,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 394,72 Gb Free Space | 93,58% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 27,71 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0631B7A4-B24D-4A7E-A5DD-103DE9A66F3E}" = rport=139 | protocol=6 | dir=out | app=system |
"{07871764-0530-4548-AC44-80AA74D06777}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0BF5C819-2408-4F10-AFCD-F6B6D0B619EC}" = rport=138 | protocol=17 | dir=out | app=system |
"{0F10F29C-8CE8-4357-8A75-6C850946DE49}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F7FAB4D-F97B-4B80-A925-B62BBB9C2DFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{38676216-9687-4199-8112-76BD94E2BD76}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F970D61-AF19-48C1-821D-E494723EA6C0}" = lport=138 | protocol=17 | dir=in | app=system |
"{5A71D5F6-E59C-46BE-ACE2-BD76CB85375B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{68F7AD8B-3911-4821-B3BD-6FA281D9259C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{711BCD55-3722-4DAA-A5D6-CE861D31AB18}" = lport=139 | protocol=6 | dir=in | app=system |
"{72A8519F-4D48-4786-B20A-8253815ACAD8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{781F346C-3C53-4E78-AD31-5FE8302478BE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7CA16EAD-1F7A-419A-BA7E-F97C1829ED0D}" = rport=445 | protocol=6 | dir=out | app=system |
"{82FA5B2A-F489-4FF4-B3AD-57ABF42CC5AC}" = lport=445 | protocol=6 | dir=in | app=system |
"{85210294-2F7D-4B8C-BF6B-6B88222FBA85}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9149EAC0-8CEE-46CE-9751-BA55DA67BF5A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A1753044-7DBE-45B7-9751-ABEA8F3C484E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B5F2811F-60D6-45FF-ACD3-46743828C35A}" = lport=137 | protocol=17 | dir=in | app=system |
"{C34AF4D3-A560-41DE-9C61-8107D68CC334}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D194CA52-B3B8-4BDC-AFAE-C6EFCD7AA27C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D30088EA-117D-4CB4-8CFE-16B4AFAD1819}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ED6555C4-C969-4EEA-90A7-0BC10DE2CBB2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F50C9A08-3EEF-4870-AE5A-C3EDE1679EC6}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0366859B-B874-4A81-BA86-924A256D35B2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{04671A5C-33F1-4853-A794-B751791E5F92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0BCAE626-E148-4823-8F7B-F6CCDCA66E49}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{161AF271-EFE2-4FA7-8606-65393F39C8AC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{195CE8F5-5D9C-4E6C-843D-3F99551CCDC8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2237DAEB-C9EE-4251-836F-1108B014020C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{276CF172-C033-4D4A-83DD-0BE0436D1A4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40827E00-BFAC-460B-87D4-7B2F2125E82A}" = protocol=6 | dir=out | app=system |
"{4931365E-82AC-4DF4-BDFF-679240EDB7FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5031F5B3-F6D5-4B64-AC4B-BA821D82968C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53274A53-70D3-45C0-A2B3-E7AD6CB85666}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{64DBC517-DD46-4505-AFCD-F91B48289DF1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{66BAE779-7802-4B32-B4DA-249AA4D61808}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6FC3AF19-0725-4694-9D5B-4715D1532BFF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7A4A1AD4-1668-4A78-AC5D-D2BCF2DA5A4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82BB5F22-5BEC-4DE1-ACE1-83DC41BA62AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{885B4B14-F4D2-4320-8D1A-938638FB6F21}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{94158FFB-F0BA-4A4D-B671-A75B9FCD81E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A38CF1CD-39F6-47E7-B1D7-9C512A08DB38}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A6110064-5429-488C-B4D6-AC8C33CC4204}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B0220391-6218-47F0-9EA7-8407B35B6DB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB05DA37-44F2-4568-93A0-1FF712A8395D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C532A830-0519-440A-9096-7B30EAB665BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5A1DE39-DB7F-443E-9A0C-5EE3E14B85CE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{247DC663-8C19-AF97-13B4-56C113B48631}" = ccc-utility64
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{83E198D6-F0DB-FC52-D3B7-C131C53356E6}" = AMD Fuel
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{BE422014-ABDB-01EB-5E76-92FEE6476929}" = ATI AVIVO64 Codecs
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D119A8C4-21EE-9FE3-F63F-2A18FFA66B02}" = ATI Catalyst Install Manager
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8F838B2-21E2-D6B9-34BE-453FEE7E5F11}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"GIMP-2_is1" = GIMP 2.8.6
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{03DBD331-3B99-63BB-7C7F-742905F2BB3A}" = Catalyst Control Center Localization All
"{097E024D-BE30-4D95-B5F3-B6AE9C1568D4}" = PowerXpressHybrid
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17B22CEC-41F3-BCDB-C8B6-169A8BABD435}" = CCC Help Finnish
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{2E1939D4-5B77-5A56-9162-FD67006E45E0}" = AMD VISION Engine Control Center
"{30755F85-0FC1-C72B-2F48-3A41B99EA46C}" = CCC Help Danish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{400C239A-BE90-C8AC-1E42-EF0FCAD0CE52}" = CCC Help Chinese Standard
"{41564952-412D-5637-00A7-A758B70C0201}" = Avira SearchFree Toolbar plus Web Protection
"{48052BE2-70BD-9BF8-B516-1B8BA94607F1}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A9E79C2-18DB-CBCB-6949-3FA1122FAD42}" = Catalyst Control Center Graphics Previews Common
"{4E396741-EAF9-4E21-9B4F-B16DEFA531A6}" = Catalyst Control Center - Branding
"{4E39C7C1-DF0C-B33D-98B5-6DEF133A7987}" = CCC Help French
"{54FAAC74-75CA-95D0-5B75-BCF680CC95E9}" = CCC Help Russian
"{57FFA83D-5264-02C6-D418-226D066B6D43}" = CCC Help Greek
"{5C929F95-5B3A-DA3F-8E6E-DD49D5B662D7}" = Catalyst Control Center Profiles Mobile
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D29B8FC-C40D-69DA-D663-602E7858E5E5}" = CCC Help Hungarian
"{6DD38FB3-98C5-A504-1761-75A9338DF1BA}" = CCC Help Czech
"{6F7ECDE7-894D-7A94-AC32-BAE0AF13AC6C}" = CCC Help Korean
"{6FED8283-F73E-042D-5013-38A5BF7488A5}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D13A8A-5D91-3B26-A6F1-F8848310B711}" = CCC Help Japanese
"{838AB498-9AB6-242C-5EED-14B98E65E5F0}" = Catalyst Control Center InstallProxy
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A119FE0-D74C-6E6D-F2B7-F3FE80B7D356}" = CCC Help Portuguese
"{9AC326E6-650B-4287-6A8E-C4B2A41C8FE3}" = CCC Help Italian
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A4DE1B70-4A3F-0B79-036E-D56D794B8D11}" = CCC Help Spanish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera
"{AFDE6AB3-BFFD-1411-262E-E7E364D6424D}" = CCC Help Norwegian
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1646873-447F-F477-CEEF-8F0A4BD59BF2}" = CCC Help Turkish
"{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}" = CapsLK OSD
"{BBD1BADF-F0DC-DA01-A774-A555F20907AD}" = CCC Help Dutch
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEE173E5-F9A6-1657-EF62-8E7679D5B05F}" = CCC Help Polish
"{D031A9FA-9B49-C572-B0E6-810EA5C94D10}" = CCC Help German
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D26F58B7-92C6-CB25-88CA-B0798494052A}" = CCC Help English
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DEA566C9-30BA-FB13-D443-4E3D0AB8EB01}" = CCC Help Thai
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F493761C-E465-4B9E-9FC1-A312F161DE0A}" = Active Protection System
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Desk 365" = Desk 365
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Lenovo Games Console" = Lenovo Games Console
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Secunia PSI" = Secunia PSI (3.0.0.7009)
"VeriFace" = VeriFace
"WinLiveSuite" = Windows Live Essentials
"WsysControl" = Wsys Control 1.0.0.2539
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.07.2013 16:01:09 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.07.2013 00:13:31 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.07.2013 09:20:54 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.07.2013 11:01:40 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917,
Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917,
Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften
Prozesses: 0x3d4 Startzeit der fehlerhaften Anwendung: 0x01ce78c4e983bb7b Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung:
a11e5bfc-e4ba-11e2-b97f-e4d53dcdc293
Error - 04.07.2013 15:02:58 | Computer Name = Besitzer-PC | Source = Application Hang | ID = 1002
Description = Programm avscan.exe, Version 13.6.0.1722 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1018 Startzeit:
01ce78e5811cd124 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir
Desktop\avscan.exe Berichts-ID: 2041fb56-e4dc-11e2-b97f-e4d53dcdc293
Error - 04.07.2013 15:18:44 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.07.2013 15:23:20 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.07.2013 16:22:54 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.07.2013 16:53:17 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2013 00:05:31 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 03.07.2013 12:22:34 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10010
Description =
Error - 03.07.2013 12:25:33 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 03.07.2013 13:35:10 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10010
Description =
Error - 03.07.2013 14:51:55 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 03.07.2013 15:58:38 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10010
Description =
Error - 03.07.2013 16:00:10 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 03.07.2013 18:00:57 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10010
Description =
Error - 04.07.2013 00:12:32 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 04.07.2013 00:45:28 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10010
Description =
Error - 04.07.2013 09:19:56 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
< End of report >
Thanks in advance for any help.