lena-laura | 13.04.2012 11:26 | Hier das OTL Log....Im Anhang Extras.txt. Ach so, habe die Einstellung genommen, die du ganz am Anfang vorgegeben hast...also das Häckchen bei SafeList Extra Registry)....gib mir Bescheid, falls du es anders benötigst. Code:
OTL logfile created on: 13.04.2012 12:09:06 - Run 5
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\lena-laura\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 71,25% Memory free
3,98 Gb Paging File | 3,42 Gb Available in Paging File | 85,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,00 Gb Total Space | 47,16 Gb Free Space | 58,95% Space Free | Partition Type: NTFS
Drive D: | 59,03 Gb Total Space | 0,01 Gb Free Space | 0,02% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: lena-laura | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\lena-laura\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (LGVMODEM) -- system32\DRIVERS\lgvmodem.sys File not found
DRV - (lgbusenum) -- system32\DRIVERS\lgbtbus.sys File not found
DRV - (LgBttPort) -- system32\DRIVERS\lgbtport.sys File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (huawei_enumerator) -- system32\DRIVERS\ew_jubusenum.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (ew_hwusbdev) -- system32\DRIVERS\ew_hwusbdev.sys File not found
DRV - (catchme) -- C:\Users\LENA-L~1\AppData\Local\Temp\catchme.sys File not found
DRV - (btwrchid) -- C:\windows\system32\DRIVERS\btwrchid.sys File not found
DRV - (btwl2cap) -- system32\DRIVERS\btwl2cap.sys File not found
DRV - (btwavdt) -- C:\windows\system32\DRIVERS\btwavdt.sys File not found
DRV - (btwaudio) -- system32\drivers\btwaudio.sys File not found
DRV - (ANDModem) -- system32\DRIVERS\lgandmodem.sys File not found
DRV - (AndGps) -- system32\DRIVERS\lgandgps.sys File not found
DRV - (AndDiag) -- system32\DRIVERS\lganddiag.sys File not found
DRV - (Andbus) -- system32\DRIVERS\lgandbus.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (USB28xxBGA) -- C:\Windows\System32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM) -- C:\Windows\System32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6AE1C493-DB3D-410C-8219-6ACFC715776A}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?q={searchTerms}&sr=searchbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 87 01 1B 1A FE F0 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\lena-laura\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\lena-laura\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\lena-laura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.06.17 20:24:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.18 17:22:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.11 02:31:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\lena-laura\AppData\Roaming\11012 [2012.04.12 22:53:19 | 000,000,000 | ---D | M]
[2011.05.12 19:36:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lena-laura\AppData\Roaming\mozilla\Extensions
[2012.02.29 02:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lena-laura\AppData\Roaming\mozilla\Firefox\Profiles\ztgpl636.default\extensions
[2012.02.29 02:14:29 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Users\lena-laura\AppData\Roaming\mozilla\Firefox\Profiles\ztgpl636.default\extensions\ffxtlbra@softonic.com
[2011.11.10 02:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.13 04:42:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.12 22:53:19 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\LENA-LAURA\APPDATA\ROAMING\11012
() (No name found) -- C:\USERS\LENA-LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZTGPL636.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012.03.18 17:22:47 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.02.12 17:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.04.23 16:07:10 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.02.12 17:09:48 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Yahoo! Deutschland (Enabled)
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\lena-laura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: AT_Porsche = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_1\
CHR - Extension: Skype Click to Call = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
O1 HOSTS File: ([2012.02.07 18:04:15 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FILSHtray] C:\Program Files\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HotKeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - Startup: C:\Users\lena-laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10D8D06D-13E7-46A5-AEC4-38C5609E3260}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18A4EB30-28E1-4E04-8664-4351C9AD8B76}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.04.13 01:53:23 | 000,000,000 | ---D | C] -- C:\windows\System32\DBBK
[2012.04.12 22:58:38 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Roaming\UAs
[2012.04.12 22:57:33 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Roaming\xmldm
[2012.04.12 22:53:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.12 13:15:24 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Roaming\11012
[2012.04.12 03:30:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012.04.12 03:30:54 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012.04.12 03:30:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012.04.12 03:30:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012.04.12 03:30:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012.04.12 03:30:48 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012.04.12 03:01:45 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2012.04.12 03:01:43 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2012.04.12 02:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.04.12 02:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.04.11 15:17:25 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012.04.11 01:02:45 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{F863156E-F87C-496F-B226-C7DDAE68E633}
[2012.04.11 01:02:32 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{F025FC7C-40A5-4051-AAA9-E0C028AE904A}
[2012.04.11 01:00:43 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{EE6A1AB8-9E47-4E9F-9169-AC4A88785E2A}
[2012.04.11 01:00:29 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{D581E52F-86D8-4DD7-AF56-E656EEECC13C}
[2012.04.08 05:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.04.08 05:27:23 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Roaming\HpUpdate
[2012.04.08 05:27:15 | 000,000,000 | ---D | C] -- C:\windows\Hewlett-Packard
[2012.04.07 18:07:53 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{0F687047-71DC-499C-9399-34C7414D9952}
[2012.04.07 03:51:34 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.04.07 03:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.04.07 03:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.04.07 03:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.06 12:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Mediafour
[2012.04.06 12:37:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mediafour
[2012.04.04 21:36:09 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{1A7B5EB3-7759-41FE-AA09-79525CBC2E2D}
[2012.04.04 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{81A290BE-954A-4168-806C-81CA377D7DE2}
[2012.04.04 21:25:37 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{02F6304D-037F-4A4C-8003-5437EE5FA85D}
[2012.04.03 20:10:31 | 000,000,000 | R--D | C] -- C:\Users\lena-laura\AppData\Roaming\Brother
[2012.03.31 02:09:10 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{4CB2A80D-8224-4701-B414-6843804829AD}
[2012.03.24 23:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
[2012.03.24 23:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\MixMeister BPM Analyzer
[2012.03.14 17:33:42 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2012.03.14 17:33:38 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2012.03.14 17:32:43 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2012.03.14 17:32:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2012.03.14 17:32:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2012.03.14 17:32:37 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[1 C:\Users\lena-laura\AppData\Roaming\*.tmp files -> C:\Users\lena-laura\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.04.13 12:07:43 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2012.04.13 12:07:36 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.04.13 11:47:52 | 000,001,140 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3837843822-382491344-1778226907-1000UA.job
[2012.04.13 11:47:50 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.04.13 09:14:50 | 000,704,072 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012.04.13 09:14:50 | 000,655,402 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.04.13 09:14:50 | 000,145,342 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012.04.13 09:14:50 | 000,118,952 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.04.13 09:01:27 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.13 09:01:27 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.13 03:22:00 | 000,001,088 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3837843822-382491344-1778226907-1000Core.job
[2012.04.13 00:43:02 | 000,000,016 | ---- | M] () -- C:\Users\lena-laura\AppData\Roaming\blckdom.res
[2012.04.12 23:03:52 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.12 12:23:24 | 000,226,792 | ---- | M] () -- C:\Users\lena-laura\AppData\Roaming\AcroIEHelpe102.dll
[2012.04.12 12:23:24 | 000,007,368 | ---- | M] () -- C:\Users\lena-laura\AppData\Roaming\BAcroIEHelpe102.dll
[2012.04.12 02:18:46 | 000,003,860 | ---- | M] () -- C:\Users\lena-laura\Documents\Documents.zip
[2012.04.12 02:18:13 | 000,003,517 | ---- | M] () -- C:\Users\lena-laura\Documents\Documents.7z
[2012.04.12 02:17:03 | 000,001,366 | ---- | M] () -- C:\Users\lena-laura\Documents\gmer.7z
[2012.04.12 02:16:49 | 000,002,347 | ---- | M] () -- C:\Users\lena-laura\Documents\Attach.7z
[2012.04.12 00:25:21 | 000,000,000 | ---- | M] () -- C:\Users\lena-laura\defogger_reenable
[2012.04.11 17:19:05 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012.04.11 17:19:05 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012.04.09 17:33:37 | 000,007,384 | ---- | M] () -- C:\Users\lena-laura\AppData\Roaming\BAcroIEHelpe099.dll
[2012.04.08 02:47:58 | 000,000,000 | ---- | M] () -- C:\windows\Path.idx
[2012.04.08 02:09:31 | 000,014,741 | ---- | M] () -- C:\Users\lena-laura\Documents\singding.odt
[2012.04.07 16:25:05 | 000,434,880 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012.04.07 03:51:34 | 000,001,182 | ---- | M] () -- C:\Users\lena-laura\Desktop\Revo Uninstaller.lnk
[2012.04.07 03:44:44 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.05 16:07:28 | 000,034,799 | ---- | M] () -- C:\Users\lena-laura\Documents\AA EKS.pdf
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012.03.31 02:31:00 | 000,059,345 | ---- | M] () -- C:\Users\lena-laura\Desktop\IMG_4428.JPG
[2012.03.31 01:50:33 | 000,014,016 | ---- | M] () -- C:\Users\lena-laura\Documents\blog.odt
[2012.03.30 06:55:19 | 000,012,652 | ---- | M] () -- C:\Users\lena-laura\Documents\anfart.odt
[2012.03.26 20:30:17 | 000,003,215 | ---- | M] () -- C:\Users\lena-laura\Documents\yam-win.zip.torrent
[2012.03.26 20:30:17 | 000,000,000 | ---- | M] () -- C:\Users\lena-laura\Documents\yam-win.zip
[2012.03.25 05:28:16 | 000,029,205 | ---- | M] () -- C:\Users\lena-laura\Documents\mama.odt
[2012.03.24 21:35:35 | 000,005,120 | ---- | M] () -- C:\Users\lena-laura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.22 03:09:49 | 000,013,949 | ---- | M] () -- C:\Users\lena-laura\Documents\diary22.märz2.odt
[2012.03.22 03:09:33 | 000,020,816 | ---- | M] () -- C:\Users\lena-laura\Documents\diary22.märz.odt
[2012.03.21 14:11:39 | 000,038,090 | ---- | M] () -- C:\Users\lena-laura\Documents\01.2012.pdf
[2012.03.21 13:49:13 | 000,031,801 | ---- | M] () -- C:\Users\lena-laura\Documents\untermiete neu.pdf
[1 C:\Users\lena-laura\AppData\Roaming\*.tmp files -> C:\Users\lena-laura\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.12 22:57:42 | 000,000,016 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\blckdom.res
[2012.04.12 12:23:24 | 000,226,792 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\AcroIEHelpe102.dll
[2012.04.12 12:23:24 | 000,007,368 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\BAcroIEHelpe102.dll
[2012.04.12 02:18:46 | 000,003,860 | ---- | C] () -- C:\Users\lena-laura\Documents\Documents.zip
[2012.04.12 02:18:13 | 000,003,517 | ---- | C] () -- C:\Users\lena-laura\Documents\Documents.7z
[2012.04.12 02:17:03 | 000,001,366 | ---- | C] () -- C:\Users\lena-laura\Documents\gmer.7z
[2012.04.12 02:16:49 | 000,002,347 | ---- | C] () -- C:\Users\lena-laura\Documents\Attach.7z
[2012.04.12 00:25:21 | 000,000,000 | ---- | C] () -- C:\Users\lena-laura\defogger_reenable
[2012.04.11 15:17:27 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.04.09 17:33:37 | 000,007,384 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\BAcroIEHelpe099.dll
[2012.04.08 02:47:58 | 000,000,000 | ---- | C] () -- C:\windows\Path.idx
[2012.04.08 02:09:28 | 000,014,741 | ---- | C] () -- C:\Users\lena-laura\Documents\singding.odt
[2012.04.07 16:24:46 | 000,434,880 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2012.04.07 03:51:34 | 000,001,182 | ---- | C] () -- C:\Users\lena-laura\Desktop\Revo Uninstaller.lnk
[2012.04.07 03:44:44 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.05 16:07:25 | 000,034,799 | ---- | C] () -- C:\Users\lena-laura\Documents\AA EKS.pdf
[2012.03.31 01:50:29 | 000,014,016 | ---- | C] () -- C:\Users\lena-laura\Documents\blog.odt
[2012.03.30 06:55:15 | 000,012,652 | ---- | C] () -- C:\Users\lena-laura\Documents\anfart.odt
[2012.03.26 20:30:17 | 000,003,215 | ---- | C] () -- C:\Users\lena-laura\Documents\yam-win.zip.torrent
[2012.03.26 20:30:17 | 000,000,000 | ---- | C] () -- C:\Users\lena-laura\Documents\yam-win.zip
[2012.03.25 03:11:22 | 000,029,205 | ---- | C] () -- C:\Users\lena-laura\Documents\mama.odt
[2012.03.24 21:35:33 | 000,005,120 | ---- | C] () -- C:\Users\lena-laura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.22 03:09:47 | 000,013,949 | ---- | C] () -- C:\Users\lena-laura\Documents\diary22.märz2.odt
[2012.03.22 03:09:31 | 000,020,816 | ---- | C] () -- C:\Users\lena-laura\Documents\diary22.märz.odt
[2012.03.21 14:11:36 | 000,038,090 | ---- | C] () -- C:\Users\lena-laura\Documents\01.2012.pdf
[2012.03.21 13:49:10 | 000,031,801 | ---- | C] () -- C:\Users\lena-laura\Documents\untermiete neu.pdf
[2012.02.07 17:40:22 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012.02.07 17:40:22 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012.02.07 17:40:22 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012.02.07 17:40:22 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012.02.07 17:40:22 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012.02.02 19:46:43 | 000,000,425 | ---- | C] () -- C:\windows\BRWMARK.INI
[2012.02.02 19:46:43 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2011.10.20 14:30:59 | 000,000,000 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\wklnhst.dat
[2011.03.20 12:12:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.05 01:59:32 | 000,005,632 | ---- | C] () -- C:\windows\System32\StarOpen.sys
========== Files - Unicode (All) ==========
[2012.03.09 17:28:17 | 000,030,044 | ---- | M] ()(C:\Users\lena-laura\Documents\Capital+M+Artists_K+�+N+S+T+L+E+R+P+R+O+F+I+L_Formular_Akt�.pdf) -- C:\Users\lena-laura\Documents\Capital+M+Artists_K+Ü+N+S+T+L+E+R+P+R+O+F+I+L_Formular_Akt….pdf
[2012.03.09 17:28:17 | 000,030,044 | ---- | C] ()(C:\Users\lena-laura\Documents\Capital+M+Artists_K+�+N+S+T+L+E+R+P+R+O+F+I+L_Formular_Akt�.pdf) -- C:\Users\lena-laura\Documents\Capital+M+Artists_K+Ü+N+S+T+L+E+R+P+R+O+F+I+L_Formular_Akt….pdf
< End of report > |