Trojaner-Board - Ukash Virus eingefangen

otl log
Code:
TL logfile created on: 23.10.2012 18:18:45 - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = C:\Users\lenny\Desktop

64bit-Windows 7 Home Premium  (Version = 6.1.7601) - Type = System

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 647,54 Gb Total Space | 594,79 Gb Free Space | 91,85% Space Free | Partition Type: NTFS

Drive D: | 50,00 Gb Total Space | 17,50 Gb Free Space | 35,00% Space Free | Partition Type: NTFS

Drive E: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: LENNY-PC | User Name: lenny

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2012.03.29 16:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) Intel(R)

SRV:64bit: - [2012.03.29 16:57:24 | 000,273,168 | ---- | M] () [On_Demand] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV:64bit: - [2012.03.29 16:57:14 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV:64bit: - [2012.03.29 16:57:10 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV:64bit: - [2012.02.03 07:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) Capability Licensing Service Interface) Intel(R)

SRV:64bit: - [2012.01.18 01:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R)

SRV:64bit: - [2012.01.09 21:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)

SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010.08.19 18:43:22 | 000,386,344 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64) Cyberlink RichVideo64 Service(CRVS)

SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2012.10.10 17:05:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)

SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012.03.31 00:43:34 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)

SRV - [2012.03.15 12:48:22 | 000,362,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2012.03.15 12:48:20 | 000,276,824 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2012.03.15 12:48:06 | 000,162,648 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) Intel(R)

SRV - [2012.02.22 04:55:24 | 001,104,208 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV - [2012.02.22 04:55:22 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

SRV - [2012.02.22 04:55:18 | 001,014,096 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

SRV - [2012.01.31 11:24:02 | 000,070,144 | ---- | M] () [Disabled] -- C:\Program Files (x86)\watchmi\TvdService.exe -- (watchmi)

SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.11.30 05:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)

SRV - [2011.10.13 23:38:46 | 000,156,672 | ---- | M] () [Auto] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)

SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011.09.28 02:47:38 | 000,025,824 | ---- | M] (Memeo) [Auto] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)

SRV - [2011.04.14 00:37:06 | 000,312,616 | ---- | M] (CyberLink) [Auto] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 10 MS Service)

SRV - [2011.04.14 00:37:04 | 000,070,952 | ---- | M] (CyberLink) [Auto] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 10 MS Monitor Service)

SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

SRV - [2009.12.19 00:40:48 | 000,104,968 | ---- | M] () [Auto] -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2009.09.11 23:11:46 | 000,014,344 | ---- | M] (PEGATRON) [Kernel | Auto] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2050888484-3562365198-1758703879-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com

IE - HKU\S-1-5-21-2050888484-3562365198-1758703879-1000\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-2050888484-3562365198-1758703879-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.goggle.de/

IE - HKU\S-1-5-21-2050888484-3562365198-1758703879-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKU\S-1-5-21-2050888484-3562365198-1758703879-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

 

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3:64bit: - HKU\S-1-5-21-2050888484-3562365198-1758703879-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4:64bit: - HKLM..\Run: [HotKeysCmds]  File not found

O4:64bit: - HKLM..\Run: [Persistence]  File not found

O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)

O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found

O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O13:64bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)

O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)

O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\System32\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.03.24 13:06:41 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.23 18:18:31 | 002,237,440 | ---- | C] (OldTimer Tools) -- C:\Users\lenny\Desktop\OTLPE.exe

[2012.10.19 17:17:24 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012.10.19 16:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.19 16:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.19 15:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.10.19 15:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2012.10.19 15:03:59 | 000,000,000 | ---D | C] -- C:\Users\lenny\AppData\Local\AskToolbar

[2012.10.19 15:03:47 | 000,000,000 | ---D | C] -- C:\Firefox

[2012.10.19 15:03:47 | 000,000,000 | ---D | C] -- \Firefox

[2012.10.19 15:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com

[2012.10.19 15:03:43 | 000,000,000 | ---D | C] -- C:\Users\lenny\AppData\Local\APN

[2012.10.19 15:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2012.10.19 15:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2012.10.19 14:34:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.10 17:18:12 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2012.10.10 17:18:12 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2012.10.10 17:18:11 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2012.10.10 17:18:11 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2012.10.10 17:18:04 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll

[2012.10.10 17:18:04 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

[2012.10.10 17:18:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2012.10.10 17:18:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setup16.exe

[2012.10.10 17:18:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2012.10.10 17:18:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm64.dll

[2012.10.10 17:18:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2012.10.10 17:18:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\instnm.exe

[2012.10.10 17:18:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2012.10.10 17:18:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2012.10.10 17:18:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2012.10.10 17:18:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2012.10.10 17:18:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2012.10.10 17:18:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll

[2012.10.10 17:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2012.10.10 17:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2012.10.10 17:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2012.10.10 17:18:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2012.10.10 17:18:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\user.exe

[2012.10.10 17:17:59 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll

[2012.10.10 17:17:59 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll

[2012.10.10 17:17:49 | 001,159,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll

[2012.10.10 17:17:49 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll

[2012.10.03 09:26:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012.10.03 09:26:42 | 000,000,000 | -HSD | C] -- \Config.Msi

[2012.10.03 09:25:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012.10.03 09:25:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll

[2012.10.03 09:25:36 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2012.10.03 09:25:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012.10.03 09:25:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012.10.03 09:25:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012.10.03 09:25:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012.10.03 09:25:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2012.10.03 09:25:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2012.10.03 09:25:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012.10.03 09:25:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012.10.03 09:25:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012.10.03 09:25:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2012.10.03 09:25:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2012.10.03 09:25:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012.10.03 09:25:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.10.03 09:25:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2012.10.02 09:18:00 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2012.10.02 09:18:00 | 000,000,000 | RH-D | C] -- \MSOCache

[2012.10.02 09:11:10 | 000,000,000 | ---D | C] -- C:\Users\lenny\AppData\Local\Microsoft Help

[2012.10.02 09:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2012.10.01 09:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)

[2012.09.26 19:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications

[2012.09.26 16:56:28 | 000,000,000 | ---D | C] -- C:\Users\lenny\AppData\Local\SoftGrid Client

[2012.09.26 16:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2012.09.26 16:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client

[2012.09.26 16:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.23 18:15:09 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.23 18:15:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.10.23 18:15:06 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat

[2012.10.22 17:17:46 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.10.22 17:17:11 | 3138,514,944 | -HS- | M] () -- C:\hiberfil.sys

[2012.10.19 17:17:24 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[2012.10.19 16:51:02 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.19 16:51:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.19 15:04:15 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2012.10.19 15:04:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2012.10.19 15:01:11 | 102,500,872 | ---- | M] () -- C:\Users\lenny\Desktop\avira_free_antivirus_de.exe

[2012.10.19 13:24:27 | 083,023,306 | ---- | M] () -- C:\ProgramData\emorhc.pad

[2012.10.12 12:55:51 | 000,002,712 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2012.10.10 17:05:10 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012.10.10 17:05:10 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012.10.10 17:05:10 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.10.10 17:05:10 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012.10.03 09:26:46 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.10.03 09:24:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2012.10.02 09:47:15 | 000,039,379 | ---- | M] () -- C:\Users\lenny\Documents\Lebenslauf_Timo Beuchert.rtf

[2012.10.01 09:08:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)

[2012.09.28 16:27:50 | 000,001,143 | ---- | M] () -- C:\Users\lenny\Documents\klassenliste.rtf

 
 ========== Files Created - No Company Name ==========

 

[2012.10.19 16:49:15 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.19 15:04:15 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2012.10.19 14:47:12 | 102,500,872 | ---- | C] () -- C:\Users\lenny\Desktop\avira_free_antivirus_de.exe

[2012.10.18 19:07:36 | 083,023,306 | ---- | C] () -- C:\ProgramData\emorhc.pad

[2012.10.02 09:47:14 | 000,039,379 | ---- | C] () -- C:\Users\lenny\Documents\Lebenslauf_Timo Beuchert.rtf

[2012.09.28 16:27:50 | 000,001,143 | ---- | C] () -- C:\Users\lenny\Documents\klassenliste.rtf

[2012.09.26 16:55:41 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.06.20 09:33:09 | 000,000,089 | ---- | C] () -- C:\Users\lenny\AppData\Local\msmathematics.qat.lenny

[2012.06.15 00:56:13 | 3138,514,944 | -HS- | C] () -- \hiberfil.sys

[2012.06.14 17:13:28 | 000,017,408 | ---- | C] () -- C:\Users\lenny\AppData\Local\WebpageIcons.db

[2012.04.11 09:57:27 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2012.04.11 09:57:25 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2012.04.11 09:57:23 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2012.04.11 09:57:22 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2012.04.11 09:57:20 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[2012.04.11 07:05:37 | 000,072,017 | ---- | C] () -- C:\Windows\SysWow64\Uninstall ALDI SÜD Mah Jong.exe

[2012.02.03 07:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

[2009.07.14 07:38:36 | 000,067,584 | -H-- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin

[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin

[2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin

[2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 
 ========== LOP Check ==========

 

[2012.06.14 16:18:16 | 000,000,000 | -HSD | M] -- \$RECYCLE.BIN

[2012.10.19 15:16:31 | 000,000,000 | -HSD | M] -- \Config.Msi

[2012.06.14 16:09:22 | 000,000,000 | -HSD | M] -- \Documents and Settings

[2012.10.19 15:03:47 | 000,000,000 | ---D | M] -- \Firefox

[2012.10.02 09:18:00 | 000,000,000 | RH-D | M] -- \MSOCache

[2012.09.26 16:55:35 | 000,000,000 | R--D | M] -- \Program Files

[2012.10.19 16:49:14 | 000,000,000 | R--D | M] -- \Program Files (x86)

[2012.10.19 15:16:31 | 000,000,000 | -H-D | M] -- \ProgramData

[2012.06.14 16:09:22 | 000,000,000 | -HSD | M] -- \Recovery

[2012.10.19 15:06:55 | 000,000,000 | -HSD | M] -- \System Volume Information

[2012.06.14 16:18:00 | 000,000,000 | R--D | M] -- \Users

[2012.10.19 17:17:24 | 000,000,000 | ---D | M] -- \Windows

[2012.06.14 16:16:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Aldi_Foto

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data

[2012.07.02 18:05:17 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ

[2012.04.11 07:18:32 | 000,000,000 | ---D | M] -- C:\ProgramData\CLSK

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites

[2012.04.11 07:22:03 | 000,000,000 | ---D | M] -- C:\ProgramData\install_clap

[2012.06.14 16:17:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Kaspersky Rescue Disk 10

[2012.06.14 16:16:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Medion_Services

[2012.04.11 11:56:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu

[2012.04.11 07:23:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[2012.06.14 16:12:35 | 000,000,000 | ---D | M] -- C:\ProgramData\TvdPersonal

[2012.10.01 09:06:54 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications

[2009.07.14 07:08:49 | 000,026,492 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

< End of report >