Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Laptop scrollt unkontrolliert hin und her

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.12.2012, 00:15   #1
Hubbi234
 
Laptop scrollt unkontrolliert hin und her - Standard

Laptop scrollt unkontrolliert hin und her



Hallo,
mein Laptop scrollt seit heute gelegentlich unkontrolliert nach oben und unten.
Ich bin ein absoluter Computerlaie und bitte um einfache Beschreibungen zur Problemlösung.
Hier die Auswertungen der Scans:

OTL:

OTL logfile created on: 18.12.2012 23:59:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anna\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 56,06% Memory free
7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 313,02 Gb Free Space | 69,54% Space Free | Partition Type: NTFS
Drive E: | 1,88 Gb Total Space | 1,60 Gb Free Space | 85,06% Space Free | Partition Type: FAT
Drive F: | 3,71 Gb Total Space | 3,38 Gb Free Space | 91,07% Space Free | Partition Type: FAT32

Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.12.18 23:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe
PRC - [2012.12.18 23:49:56 | 000,050,477 | ---- | M] () -- C:\Users\Anna\Desktop\Defogger.exe
PRC - [2012.12.04 15:38:05 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.12.04 15:36:48 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.10.29 17:33:28 | 001,573,584 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2011.08.04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011.08.04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
PRC - [2011.02.07 08:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.12 14:58:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.12.09 06:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.12.09 06:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.12.09 06:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2010.11.12 02:21:46 | 000,295,232 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2010.10.28 18:55:02 | 000,969,824 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 03:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.04.27 03:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012.12.18 23:49:56 | 000,050,477 | ---- | M] () -- C:\Users\Anna\Desktop\Defogger.exe
MOD - [2012.12.07 11:57:24 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\398df77267992efc77df5ef5176a89c6\System.Web.ni.dll
MOD - [2012.12.07 11:57:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1430191d067c0f28c3a676d3ecb85b26\System.Runtime.Remoting.ni.dll
MOD - [2012.12.07 11:57:18 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6a68e4c50351a220511a5dfc3e025685\WindowsBase.ni.dll
MOD - [2012.12.07 11:57:18 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3bd31aaa7f3af438f4a46f2548fef115\IAStorCommon.ni.dll
MOD - [2012.12.07 11:57:16 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c5ad9f29f560bb09eafc09645159da38\IAStorUtil.ni.dll
MOD - [2012.12.07 11:57:14 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\515c6ffea562bb0f03a1ed8f75279648\System.Windows.Forms.ni.dll
MOD - [2012.12.07 11:57:09 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f4be07261983040b29685575b69085e8\System.Drawing.ni.dll
MOD - [2012.12.07 11:57:04 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2d47118e5da6db054d5676e665f2be2\System.Xml.ni.dll
MOD - [2012.12.07 11:57:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2f44dac350b6161a9e9ce7222ae94335\System.Configuration.ni.dll
MOD - [2012.12.07 11:57:00 | 007,973,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c8ebcd93a2b547dc72dee2fcfabcdd50\System.ni.dll
MOD - [2012.12.07 11:56:56 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5530227809880c9b8b1d834e5434e840\mscorlib.ni.dll
MOD - [2012.12.01 04:22:25 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.12.01 04:22:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.12 02:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll


========== Services (SafeList) ==========

SRV - [2012.12.12 14:45:54 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.04 15:38:05 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.11.30 19:59:26 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.11.29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2011.02.07 08:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.12 14:58:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.12.10 13:55:28 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.12.09 06:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.10.08 02:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.04.04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.15 23:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.12.01 11:56:26 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.12.23 18:44:22 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.12.15 19:42:08 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2010.12.12 14:58:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010.12.11 20:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2010.12.11 08:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010.12.11 08:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2010.12.01 22:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.11.12 07:23:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.11.09 11:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.10.08 02:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.09.30 06:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 06:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.07.17 20:25:24 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2012.11.30 23:19:38 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121218.002\ex64.sys -- (NAVEX15)
DRV - [2012.11.30 23:19:38 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.11.30 23:19:38 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.11.30 23:19:38 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121218.002\eng64.sys -- (NAVENG)
DRV - [2012.11.30 16:26:08 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20121215.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.11.06 23:54:56 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20121130.005\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=de_NL
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{48EBBE69-3ADF-4199-A5C9-91B553C0F414}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^NL&apn_uid=a427c328-45a7-4197-808e-c3dab6c14551&apn_sauid=39CD1021-176C-4876-960E-CFA832C9249F
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=de_NL"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10267&locale=de_NL&apn_uid=a427c328-45a7-4197-808e-c3dab6c14551&apn_ptnrs=%5EAGY&apn_sauid=39CD1021-176C-4876-960E-CFA832C9249F&apn_dtid=%5EYYYYYY%5EYY%5ENL&&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2012.12.18 23:51:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 [2012.12.18 23:51:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.30 20:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.11.30 20:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Extensions
[2012.12.18 23:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Firefox\Profiles\0fzp4tru.default\extensions
[2012.12.18 23:25:10 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Anna\AppData\Roaming\mozilla\Firefox\Profiles\0fzp4tru.default\extensions\toolbar@ask.com
[2012.12.18 23:25:10 | 000,002,344 | ---- | M] () -- C:\Users\Anna\AppData\Roaming\mozilla\firefox\profiles\0fzp4tru.default\searchplugins\askcom.xml
[2012.11.30 20:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3E57560-C482-45C1-B706-15E7A01B4AD4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.18 23:54:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe
[2012.12.18 23:30:37 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Avira
[2012.12.18 23:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.18 23:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.12.18 23:24:52 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.12.18 23:24:52 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.12.18 23:24:52 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.12.18 23:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.12.18 23:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.12.14 13:36:18 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\SNS
[2012.12.07 12:40:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2012.12.07 12:30:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2012.12.07 12:30:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2012.12.07 12:30:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2012.12.07 12:29:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2012.12.07 12:29:58 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Canon
[2012.12.07 12:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2012.12.07 12:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Benutzerregistrierung
[2012.12.07 12:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012.12.07 12:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012.12.07 12:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012.12.07 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012.12.07 12:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Manual
[2012.12.07 12:21:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012.12.07 12:20:58 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012.12.07 12:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series
[2012.12.07 12:20:25 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012.12.07 12:20:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012.12.07 12:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012.12.03 18:08:12 | 000,000,000 | R--D | C] -- C:\Users\Anna\Dropbox
[2012.12.03 18:06:45 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.12.03 18:06:21 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Dropbox
[2012.12.03 15:46:44 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\CyberLink
[2012.12.03 15:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012.12.03 15:46:35 | 000,000,000 | ---D | C] -- C:\Users\Anna\Documents\Youcam
[2012.12.03 15:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.12.01 14:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2012.12.01 04:23:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2012.12.01 04:23:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012.12.01 04:23:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2012.12.01 04:23:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2012.12.01 04:22:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.12.01 04:22:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.12.01 04:22:34 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.12.01 04:22:34 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.12.01 04:17:50 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2012.12.01 01:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012.11.30 23:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.11.30 23:18:48 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Microsoft Games
[2012.11.30 22:58:11 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Macromedia
[2012.11.30 22:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.11.30 22:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.11.30 22:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012.11.30 22:57:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.11.30 22:48:14 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Apple Computer
[2012.11.30 22:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.11.30 22:45:15 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012.11.30 22:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.11.30 22:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012.11.30 22:43:48 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Apple Computer
[2012.11.30 21:18:44 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Diagnostics
[2012.11.30 21:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.11.30 21:10:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.11.30 21:09:14 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Adobe
[2012.11.30 21:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.11.30 21:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.11.30 21:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.11.30 21:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.11.30 21:07:07 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Apple
[2012.11.30 21:07:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.11.30 21:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.11.30 21:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.11.30 21:05:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.11.30 21:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.11.30 21:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.11.30 20:58:56 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Mozilla
[2012.11.30 20:58:55 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Mozilla
[2012.11.30 20:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.30 20:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.30 20:58:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.30 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Skype
[2012.11.30 20:55:54 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.11.30 20:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.11.30 20:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.11.30 20:48:05 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Adobe
[2012.11.30 20:42:49 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Intel Corporation
[2012.11.30 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Macromedia
[2012.11.30 20:42:26 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.11.30 20:42:26 | 000,000,000 | R--D | C] -- C:\Users\Anna\Searches
[2012.11.30 20:42:26 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.11.30 20:42:18 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Identities
[2012.11.30 20:42:17 | 000,000,000 | R--D | C] -- C:\Users\Anna\Contacts
[2012.11.30 20:42:03 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\VirtualStore
[2012.11.30 20:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2012.11.30 20:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\PB Accessory Store
[2012.11.30 20:41:02 | 000,000,000 | --SD | C] -- C:\Users\Anna\AppData\Roaming\Microsoft
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Videos
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Saved Games
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Pictures
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Music
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Links
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Favorites
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Downloads
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Documents
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\Desktop
[2012.11.30 20:41:02 | 000,000,000 | R--D | C] -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Vorlagen
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\AppData\Local\Verlauf
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\AppData\Local\Temporary Internet Files
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Startmenü
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\SendTo
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Recent
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Netzwerkumgebung
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Lokale Einstellungen
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Documents\Eigene Videos
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Documents\Eigene Musik
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Eigene Dateien
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Documents\Eigene Bilder
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Druckumgebung
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Cookies
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\AppData\Local\Anwendungsdaten
[2012.11.30 20:41:02 | 000,000,000 | -HSD | C] -- C:\Users\Anna\Anwendungsdaten
[2012.11.30 20:41:02 | 000,000,000 | -H-D | C] -- C:\Users\Anna\AppData
[2012.11.30 20:41:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Temp
[2012.11.30 20:41:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Microsoft
[2012.11.30 20:41:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Media Center Programs
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.11.30 20:40:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.11.30 20:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.11.30 20:06:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012.11.30 20:06:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012.11.30 20:03:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Web Camera
[2012.11.30 20:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Web Camera
[2012.11.30 20:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeMedia
[2012.11.30 20:02:02 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.11.30 20:01:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012.11.30 20:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.11.30 20:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.11.30 20:01:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.11.30 20:01:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012.11.30 20:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012.11.30 19:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2012.11.30 19:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012.11.30 19:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.11.30 19:56:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.11.30 19:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012.11.30 19:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2012.11.30 19:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.11.30 19:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.11.30 19:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.11.30 19:51:17 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.11.30 19:51:17 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.11.30 19:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.11.30 19:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.11.30 19:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012.11.30 19:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2012.11.30 19:44:02 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.11.30 19:44:01 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.11.30 19:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012.11.30 19:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2012.11.30 19:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.11.30 19:34:48 | 000,000,000 | ---D | C] -- C:\book
[2012.11.30 19:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.11.30 19:31:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.11.30 19:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.11.30 19:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.11.30 19:28:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012.12.18 23:59:04 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.18 23:59:04 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.18 23:50:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe
[2012.12.18 23:50:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.18 23:50:42 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.18 23:49:56 | 000,050,477 | ---- | M] () -- C:\Users\Anna\Desktop\Defogger.exe
[2012.12.18 23:40:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.18 23:36:37 | 000,000,000 | ---- | M] () -- C:\Users\Anna\defogger_reenable
[2012.12.18 23:25:16 | 001,994,480 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1207020.003\Cat.DB
[2012.12.18 23:25:16 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.14 11:51:45 | 000,289,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.13 19:22:13 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.13 19:22:13 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.13 19:22:13 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.13 19:22:13 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.13 19:22:13 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.07 12:52:12 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.07 12:24:00 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012.12.07 12:21:35 | 000,002,368 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG3100 series Online-Handbuch.lnk
[2012.12.05 15:15:38 | 000,002,492 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012.12.03 18:08:12 | 000,001,012 | ---- | M] () -- C:\Users\Anna\Desktop\Dropbox.lnk
[2012.12.03 18:06:53 | 000,001,022 | ---- | M] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.12.03 17:24:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.12.01 14:45:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.12.01 14:45:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.12.01 11:56:26 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012.12.01 11:56:26 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012.12.01 11:56:26 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012.12.01 04:23:15 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2012.12.01 04:23:15 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2012.12.01 04:22:35 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.12.01 04:22:35 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.12.01 04:22:34 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.12.01 04:22:34 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.12.01 04:17:50 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2012.11.30 23:27:32 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.30 23:27:32 | 000,002,058 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.11.30 22:48:08 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.30 20:58:45 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.30 20:55:55 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.30 20:41:16 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\PB Zubehör Shop.lnk
[2012.11.30 20:39:40 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.11.30 20:39:39 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.11.30 20:03:17 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\Video Web Camera.lnk
[2012.11.30 19:59:17 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk
[2012.11.30 19:49:06 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2012.11.30 19:34:22 | 000,015,906 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012.11.30 19:32:22 | 000,000,006 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd

========== Files Created - No Company Name ==========

[2012.12.18 23:54:21 | 000,050,477 | ---- | C] () -- C:\Users\Anna\Desktop\Defogger.exe
[2012.12.18 23:36:37 | 000,000,000 | ---- | C] () -- C:\Users\Anna\defogger_reenable
[2012.12.18 23:25:16 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.07 12:52:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.12.07 12:52:12 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.07 12:24:00 | 000,002,087 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012.12.07 12:21:35 | 000,002,368 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG3100 series Online-Handbuch.lnk
[2012.12.07 12:20:54 | 000,063,744 | ---- | C] () -- C:\Windows\SysWow64\CNC1752D.TBL
[2012.12.07 12:20:54 | 000,063,744 | ---- | C] () -- C:\Windows\SysNative\CNC1752D.TBL
[2012.12.03 18:08:12 | 000,001,012 | ---- | C] () -- C:\Users\Anna\Desktop\Dropbox.lnk
[2012.12.03 18:06:53 | 000,001,022 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.12.03 17:24:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.12.01 14:57:48 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.01 14:45:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.12.01 14:45:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.12.01 14:38:36 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.01 04:26:52 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2012.12.01 04:23:51 | 000,654,166 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.01 04:23:51 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2012.12.01 04:23:51 | 000,130,006 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.01 04:23:51 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2012.11.30 22:57:53 | 000,002,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.11.30 22:57:52 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.30 22:57:51 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.30 22:45:15 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012.11.30 22:45:15 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012.11.30 21:11:29 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.30 21:07:06 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.11.30 20:58:45 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.30 20:58:45 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.30 20:42:31 | 000,001,417 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.11.30 20:42:27 | 000,001,451 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.11.30 20:41:16 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\PB Zubehör Shop.lnk
[2012.11.30 20:41:02 | 000,001,354 | ---- | C] () -- C:\Users\Anna\Desktop\User's Guide.lnk
[2012.11.30 20:03:17 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\Video Web Camera.lnk
[2012.11.30 20:01:51 | 000,001,317 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.11.30 20:01:47 | 000,001,386 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.11.30 20:01:41 | 000,001,470 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012.11.30 20:01:37 | 000,002,498 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.11.30 19:59:17 | 000,001,237 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 8.0.lnk
[2012.11.30 19:59:17 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk
[2012.11.30 19:56:34 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2012.11.30 19:51:16 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.11.30 19:50:34 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.11.30 19:49:06 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2012.11.30 19:34:22 | 000,015,906 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012.11.30 19:28:29 | 3104,722,944 | -HS- | C] () -- C:\hiberfil.sys
[2011.01.06 05:09:23 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.01.06 05:09:21 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.01.06 05:09:18 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.12.07 12:29:58 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Canon
[2012.12.18 23:52:53 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Dropbox
[2012.12.14 13:36:22 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\SNS

========== Purity Check ==========



< End of report >


EXTRAS:

OTL Extras logfile created on: 18.12.2012 23:59:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anna\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 56,06% Memory free
7,71 Gb Paging File | 5,89 Gb Available in Paging File | 76,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 313,02 Gb Free Space | 69,54% Space Free | Partition Type: NTFS
Drive E: | 1,88 Gb Total Space | 1,60 Gb Free Space | 85,06% Space Free | Partition Type: FAT
Drive F: | 3,71 Gb Total Space | 3,38 Gb Free Space | 91,07% Space Free | Partition Type: FAT32

Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E3C6304-4054-4595-9F5C-7FD69A77C84E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{121A8432-68AC-459B-9170-EC96980FF0EB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{21D09B81-C3FF-4035-9673-3C7DCE5D7C4D}" = lport=138 | protocol=17 | dir=in | app=system |
"{25F7A9BA-B643-4360-BBE3-2F853B74AEB7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28D1FC6D-83D1-4369-9B7B-D492FEA9A591}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B972797-9E96-4598-BF9E-5890DE380C7B}" = lport=445 | protocol=6 | dir=in | app=system |
"{4642EB33-49FA-48D8-AEEA-28CC93F6A57F}" = lport=137 | protocol=17 | dir=in | app=system |
"{49404C52-8B3B-431D-BE0D-FE8130E05E2F}" = rport=139 | protocol=6 | dir=out | app=system |
"{52329914-8A01-4A04-9C6B-AD2FA23ABAC4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{64800BEA-AF44-478B-95AE-940DAC0426F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7054BC95-07DF-424D-A38D-4637BFF9AC53}" = rport=138 | protocol=17 | dir=out | app=system |
"{77B49F87-AAC3-482A-9B6B-BB366FD10B4E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{85E1052A-6889-4A48-8BA1-D8E44ACEE1F0}" = rport=137 | protocol=17 | dir=out | app=system |
"{93E86964-E13C-47B6-9340-F30552713CCC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9DF624A0-5AAE-49D5-AF59-F179C22826D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9EF79073-2C66-4842-B921-EE4CE09BBF46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AA629380-7F26-45A1-AEB8-0BBDDA43D056}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0FA0925-40E6-4667-9A08-66805DCC0012}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5525E66-E07B-4965-9240-C37125DEC705}" = lport=139 | protocol=6 | dir=in | app=system |
"{D3061038-052A-4E3E-A1F7-85BD4FEDC724}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D88008C7-8B9A-4E14-9412-076722340CFA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EE9260C0-65C6-4672-A068-6441E18C9847}" = rport=445 | protocol=6 | dir=out | app=system |
"{F73B8F2C-E5C7-4CA6-A871-37C97C999BE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06AAF4CB-2AD9-4F65-A25B-2C174FF9DF81}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1AA4B6AA-856C-432D-A00B-88333624DAAD}" = dir=in | app=c:\program files (x86)\cyberlink\homemedia\homemedia.exe |
"{1D9FAC4C-1606-434E-A535-D35D5B758ED7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1F5A9691-4474-4D32-AFF5-8963D7F4A21B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{224F0AB6-F53C-4CBE-B4BE-FB7DFA55AFB8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23E725B0-FC64-4ECB-924B-85883B671218}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{27EB6342-C747-44C0-839A-1B834368D7C0}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3237EF3E-5036-4B6B-9110-93ABBAAB324F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3AB490B4-DF94-4418-9BF6-FF64604D2C40}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{40FA2FCC-4905-4A6B-AF58-C910B2672A61}" = protocol=6 | dir=in | app=c:\users\anna\appdata\roaming\dropbox\bin\dropbox.exe |
"{41DF1854-673B-418B-85A2-0FEF4DD92E0D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{44E7ADA2-8B86-4479-899C-117A6EA8CFF8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{51B30B12-F995-40BA-A804-0C589C6C4ABC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5C806DDA-3C58-432C-BE1B-8DD01D5CD16E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F3B546F-980C-4670-BDBC-1F804C4449AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6F59DDC3-4D67-434B-9D1B-8340FAF4ABE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{70618C2F-6BC6-440D-BE3C-C3F68AA7C789}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73334823-B238-4392-BF19-E7B22298244B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{78F21811-27C4-4B0A-9B4E-68D19A6717DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F9B603D-106C-4E42-AB5B-C6723A68DA41}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8FD3F76D-5AD0-4B19-87DF-43CB976A3BF6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0B3F7AD-27C6-4316-AC7F-CE6ED7961969}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B38DEDF3-FC25-43D8-B33A-B5105617FC45}" = protocol=17 | dir=in | app=c:\users\anna\appdata\roaming\dropbox\bin\dropbox.exe |
"{BCC913D1-AA41-4042-AA23-35DACB827D69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1E93A0F-1B86-4F21-9AD1-72F93A2EAE25}" = protocol=6 | dir=out | app=system |
"{C32B83C1-7C6C-4A09-861D-16F157CAA4E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CCE465D5-9935-4F69-8FF1-840C66B1790E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CF4B0AB5-96BD-4748-939A-4A5273748D4D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D26ECADA-A53F-470A-9FE7-67253703FBA9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D6F330AC-E9F9-4C2F-9837-CCD1DB37A758}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D9C3CEEE-7F87-44C2-8F07-AD78CB7839D9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F9DFDAFF-A2EC-46DD-BC7B-BAD2E3DC3152}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{029A4933-3F36-4E4F-AEC3-2207AB26463D}" = Broadcom Gigabit NetLink Controller
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-X64 8.0.6.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f3b75363-fa28-46b2-9d9f-112252157a7b}" = Nero 9 Essentials
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MG3100 series Benutzerregistrierung" = Canon MG3100 series Benutzerregistrierung
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Packard Bell MyBackup
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NIS" = Norton Internet Security
"Packard Bell Game Console" = Packard Bell Game Console
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite" = Windows Live Essentials
"WT088216" = Agatha Christie - Death on the Nile
"WT088226" = Bejeweled 2 Deluxe
"WT088228" = Build-a-lot 2
"WT088235" = Chuzzle Deluxe
"WT088238" = Diner Dash 2 Restaurant Rescue
"WT088260" = Farm Frenzy
"WT088268" = Insaniquarium Deluxe
"WT088269" = Jewel Quest Solitaire 2
"WT088283" = Plants vs. Zombies
"WT088416" = FATE
"WT088420" = Final Drive Nitro
"WT088448" = John Deere Drive Green
"WT088452" = Penguins!
"WT088456" = Polar Bowler
"WT088460" = Polar Golfer
"WT088508" = Virtual Villagers 4 - The Tree of Life
"WT088531" = Zuma's Revenge

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30.11.2012 16:27:26 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:27:31 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:27:36 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:27:41 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:27:46 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:27:51 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:27:57 | Computer Name = Anna-PC | Source = MsiInstaller | ID = 11920
Description =

Error - 30.11.2012 16:27:59 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll". Die abhängige
Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 30.11.2012 16:28:02 | Computer Name = Anna-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.dll". Die abhängige
Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 03.12.2012 10:26:07 | Computer Name = Anna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

[ System Events ]
Error - 03.12.2012 10:16:45 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler
beendet: %%16405

Error - 03.12.2012 10:19:09 | Computer Name = Anna-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Internet Explorer 8 unter
Windows 7 für x64-basierte Systeme (KB2544521)

Error - 03.12.2012 10:19:09 | Computer Name = Anna-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für
Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)

Error - 03.12.2012 10:43:08 | Computer Name = Anna-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?12.?2012 um 15:41:08 unerwartet heruntergefahren.

Error - 03.12.2012 10:45:59 | Computer Name = Anna-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 03.12.2012 15:30:14 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Netman erreicht.

Error - 09.12.2012 07:42:13 | Computer Name = Anna-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.126 registriert werden. Der Computer mit IP-Adresse 192.168.2.130
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 09.12.2012 10:56:47 | Computer Name = Anna-PC | Source = bowser | ID = 8003
Description =

Error - 09.12.2012 16:58:41 | Computer Name = Anna-PC | Source = bowser | ID = 8003
Description =

Error - 12.12.2012 16:37:27 | Computer Name = Anna-PC | Source = bowser | ID = 8003
Description =


< End of report >


Ich hoffe mir kann jemand helfen.
Danke im Vorraus für jeglichen Rat.

Grüße
Hubbi

Alt 19.12.2012, 02:46   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Laptop scrollt unkontrolliert hin und her - Standard

Laptop scrollt unkontrolliert hin und her



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Zitat:
Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 19.12.2012, 09:29   #3
Hubbi234
 
Laptop scrollt unkontrolliert hin und her - Standard

Laptop scrollt unkontrolliert hin und her



Hallo Cosinus,

ich habe noch Avira Antivir, das hat aber nichts gefunden.
Außerdem habe ich Norton Internet Security, der hat auch keinen Fund bestätigt!

Liebe Grüße,
Hubbi
__________________

Alt 19.12.2012, 22:40   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Laptop scrollt unkontrolliert hin und her - Standard

Laptop scrollt unkontrolliert hin und her



Zitat:
Außerdem habe ich Norton Internet Security, der hat auch keinen Fund bestätigt!
Warum hast du NIS und AntiVir installiert? Doppelt hält besser oder warum?!
Ist dir nicht klar, dass zwei solcher Scanner massive Probleme am PC bereiten können?
Du solltest umgehend einen der beiden deinstallieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.12.2012, 00:47   #5
Hubbi234
 
Laptop scrollt unkontrolliert hin und her - Standard

Laptop scrollt unkontrolliert hin und her



Hallo Cosinus,
wie du merkst habe ich keine Ahnung von solchen Dingen, weiß garnicht wieso ich Antivir noch installiert habe -.-
Ich habe mittlerweile evtl die Lösung meiner Probleme: hatte eine Funkmaus angeschlossen und seit ich sie ausgestöpselt habe scrollt es nicht mehr hin und her. Glaube,dass es daran liegt. Ist das realistisch?
Ich hoffe ich habe deine Zeit nicht zu sehr vergeudet( Schäme mich für meine Unwissenheit aber trotzdem ganz herzlichen Dank fürs Helfen!
Lg Hubbi


Alt 20.12.2012, 15:24   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Laptop scrollt unkontrolliert hin und her - Standard

Laptop scrollt unkontrolliert hin und her



Zitat:
weiß garnicht wieso ich Antivir noch installiert habe -.-
Hast du einen der beiden nun deinstalliert?!
__________________
--> Laptop scrollt unkontrolliert hin und her

Antwort

Themen zu Laptop scrollt unkontrolliert hin und her
adobe, antivir, autorun, avg, avira, avira searchfree toolbar, bho, bonjour, diner dash, error, explorer, fehler, firefox, flash player, format, home, install.exe, launch, logfile, mozilla, msiinstaller, nvidia update, nvpciflt.sys, packard bell, realtek, registry, rundll, security, software, svchost.exe, symantec, usb, usb 3.0, windows, wscript.exe



Ähnliche Themen: Laptop scrollt unkontrolliert hin und her


  1. nach Virenprüfungen (alles ok) läuft mein Laptop recht unkontrolliert und wird immer viel zu heiß.
    Plagegeister aller Art und deren Bekämpfung - 09.05.2015 (19)
  2. Windows 7 / Laptop stürzt unkontrolliert ab / ist langsam
    Log-Analyse und Auswertung - 17.12.2014 (17)
  3. Webseiten öffnen sich unkontrolliert
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (2)
  4. Linke Maustaste agiert völlig unkontrolliert
    Plagegeister aller Art und deren Bekämpfung - 26.04.2014 (1)
  5. Google chrom offnet sich unkontrolliert
    Plagegeister aller Art und deren Bekämpfung - 10.12.2013 (92)
  6. Maus scrollt von alleine
    Netzwerk und Hardware - 15.02.2013 (1)
  7. PC startet unkontrolliert neu
    Log-Analyse und Auswertung - 14.08.2011 (1)
  8. Laptop Samsung R700 scrollt einfach nach unten!
    Log-Analyse und Auswertung - 08.08.2011 (3)
  9. Lautstärkeregler(wav) geht auf null,IE öffnet unkontrolliert.Musikeinspielungen
    Plagegeister aller Art und deren Bekämpfung - 19.07.2010 (12)
  10. Webseiten öffnen sich unkontrolliert usw.
    Log-Analyse und Auswertung - 27.03.2010 (1)
  11. laptop scrollt von alleine nach unten
    Log-Analyse und Auswertung - 17.11.2009 (5)
  12. Webseiten öffnen unkontrolliert
    Mülltonne - 20.08.2008 (0)
  13. Pc scrollt von alleine !!
    Netzwerk und Hardware - 27.11.2007 (25)
  14. PC scrollt von selbst
    Plagegeister aller Art und deren Bekämpfung - 17.06.2007 (18)
  15. PC stürzt unkontrolliert ab.
    Netzwerk und Hardware - 06.08.2006 (1)
  16. Mauszeiger fährt unkontrolliert über den Desktop
    Plagegeister aller Art und deren Bekämpfung - 26.02.2006 (4)
  17. PC sendet unkontrolliert: Logfile innen
    Log-Analyse und Auswertung - 18.02.2005 (21)

Zum Thema Laptop scrollt unkontrolliert hin und her - Hallo, mein Laptop scrollt seit heute gelegentlich unkontrolliert nach oben und unten. Ich bin ein absoluter Computerlaie und bitte um einfache Beschreibungen zur Problemlösung. Hier die Auswertungen der Scans: OTL: - Laptop scrollt unkontrolliert hin und her...
Archiv
Du betrachtest: Laptop scrollt unkontrolliert hin und her auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.