ChrissiNash | 16.04.2013 13:18 | es kommt die Fehlermeldung:
Es befindet sich kein Datenträger im Laufwerk. Legen Sie einen Datenträger in Laufwerk \Device\Harddisk2\DR5 ein.
die Meldung geht nicht mehr weg :heulen:
über X ging es zu, habe auch alle weiteren Meldungen über leere Laufwerke zugemacht, jetzt läuft der scan wieder!
und hier die logs:
OTL Logfile: Code:
OTL Extras logfile created on: 16.04.2013 14:07:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,96 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 47,16% Memory free
5,92 Gb Paging File | 4,09 Gb Available in Paging File | 69,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 135,13 Gb Total Space | 63,82 Gb Free Space | 47,23% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 97,46 Gb Free Space | 99,80% Space Free | Partition Type: NTFS
Drive E: | 687,65 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: LAPTOP | User Name: Janine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Office 2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\OFFICE~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Office 2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\OFFICE~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C936CF-BC94-4C12-9975-262028024841}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{03F7FE8F-8A74-4F45-B757-E16B3AEB1BB0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{057E6A2C-F461-481F-88E6-5B0A5246A509}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1175B687-4B47-43B8-B98C-34253DA1C65A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17AE2DB8-063F-41CA-8EC6-B6C508F2B67B}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{1B9CB1E8-6675-4CAC-A40A-F5A46178AA2B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E37A435-06F9-4839-AB52-CF1C61F51921}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{238F83AB-DCA6-4B30-950B-BF8122AA1F72}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{323CD390-6227-4660-A4BE-72495D2B8A24}" = rport=137 | protocol=17 | dir=out | app=system |
"{32CBAEDA-06F9-46A1-B280-6B1B372520E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{37F656BD-B9CA-4B18-AA32-6BC97AC6F31D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3B91559E-6E5F-448E-AF69-07C987BFA51D}" = rport=445 | protocol=6 | dir=out | app=system |
"{4417189B-758F-4837-9836-5F7E1DCBB21D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{460088C0-AE6A-4351-98D9-E7121C9DBC77}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{52867018-106E-48B2-8563-A74FF9931523}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57FFA438-F23B-439D-A6C3-1A9E5B8F83A4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5989FCA0-798C-4A81-A0BC-464E57F12DE2}" = lport=6004 | protocol=17 | dir=in | app=c:\office 2007\office12\outlook.exe |
"{5E874F6B-D468-4CA6-B1CC-E4BDBBA77E59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F491489-1148-4F66-BDC0-9C45BF4C6902}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{71DB02E1-AA9F-477A-B667-2819CC8E84E3}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{77273EFA-EF95-4D50-BBC9-51E40EA21C7B}" = lport=139 | protocol=6 | dir=in | app=system |
"{7BC61BD4-B11E-4F4F-B10B-0BB72D37128B}" = rport=138 | protocol=17 | dir=out | app=system |
"{86CFD314-D87E-4CE5-A53D-3152B2A0CF4D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9A6FD918-F206-4AB2-BE47-E2401720B0B3}" = lport=445 | protocol=6 | dir=in | app=system |
"{9AB32541-9C47-432E-B70D-BE324880B083}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EB859FF-52F8-4253-9E87-53F568A725E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A017DCC1-D1CA-4C60-81C7-C158D817C2E3}" = rport=139 | protocol=6 | dir=out | app=system |
"{A670CA15-D375-44B7-A8F3-61277621CC45}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7F94692-D08C-4BF3-9123-A0C80531FEBC}" = lport=137 | protocol=17 | dir=in | app=system |
"{BD28E3B5-BAE1-46D5-B04E-A04A02A9ED8E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C1B3CC65-2F52-406F-98F2-ECE06558BC62}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C2DEFACA-89E2-467F-9B47-F6C1F1FB7586}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9129C36-ACDE-4B00-93A4-18561F7882F2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CCDAED6D-624C-487C-A255-94B9C46CBD2A}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{E19DCEF6-AD23-44CC-AE8A-1A9AA5576069}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E4A86073-61A0-41E0-903F-7DE2F8CA32EF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{121A6A6E-8E55-4764-9EBE-4683627D926F}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{220C4127-C7B9-4CC3-8F96-64E90CC7292D}" = protocol=6 | dir=in | app=c:\office 2007\office12\onenote.exe |
"{29FA81F1-34EB-4156-BD15-340DB885D827}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2DADBFB3-DBEF-40C9-AE42-E08695EA8261}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2DDC3460-3856-417F-AA96-6532C4AC0C81}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{35170712-5292-4C01-A981-6D74BCEE158D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3DB55FF8-F7CE-42F6-89BD-8BF190662509}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{44AD7E98-8E63-4675-A0F6-7CBB618BA8B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{48ED5C35-D26F-4245-80AA-27A5F66620DC}" = protocol=17 | dir=in | app=c:\office 2007\office12\onenote.exe |
"{5DE279E0-F105-49B2-9155-E675B71A6104}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{682F5717-E260-466E-95A5-965AD4E7BFFC}" = protocol=17 | dir=in | app=c:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\base\bin\settlers6.exe |
"{69FDD781-2633-4C52-8A85-E5EAEE83FF0C}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{6CE7A276-9CD6-4BDA-A05C-A678B272C151}" = protocol=6 | dir=in | app=c:\office 2007\office12\groove.exe |
"{71A8EC12-B315-4F98-A562-4ACEF60AB451}" = protocol=6 | dir=in | app=c:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\base\bin\settlers6.exe |
"{75321078-60D2-4B5D-A04C-0C71551BEAE0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{75D25755-58B0-47C9-83C3-E63A6C731743}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7C857511-611D-4D95-9296-2CC4B8B01FC7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{843FAB44-453C-4FE8-AD10-BB736C0806F8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8EA8039E-9066-4A36-AEB2-41AE8E637EF4}" = protocol=6 | dir=in | app=c:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\extra1\bin\settlers6.exe |
"{96FF0634-E571-484A-BBDD-6A05316E0836}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{AA02210D-268C-4B2C-A649-804E48787893}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B403781E-1201-4806-9474-7EDF77B21930}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7A3D401-6069-40AA-8A2C-EFC0E4FECD7E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAB316E9-ECB2-4311-8923-8F048A398AF2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C802AD5F-8A56-4811-B144-72EC48B393DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9FE538D-4572-4470-B9EB-002C2B4B03C4}" = protocol=6 | dir=out | app=system |
"{DCD3411E-9846-4E9C-9F45-E1063A222769}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8549E98-BAE0-472B-92D5-2DBC587C494C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EE621DC4-E802-460E-B4D1-978A296FA7EA}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{F3C5F8F7-0C0B-4E13-8EC4-1774113253CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F479299B-3970-4A6B-912F-3D7952DA7246}" = protocol=17 | dir=in | app=c:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\extra1\bin\settlers6.exe |
"{F6846385-1CEC-4BE0-AD9E-F375235497E5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F73640C3-FF36-443C-B122-7FDB8E5D0E0F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA1076C8-FD94-4C9A-BCA8-67AC1F00264F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB9272D9-2EB3-4DE5-91EB-D23AE14D3968}" = protocol=17 | dir=in | app=c:\office 2007\office12\groove.exe |
"TCP Query User{31EFABD3-8876-47E4-8C3C-0803C2E5A9C5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{4BEA3155-3509-4756-AD00-C659281E685D}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{89CB5E95-EC2F-47ED-8E53-B5CBF45037CA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{D778EDFF-25D2-4EAD-B943-E99043E217E2}C:\program files (x86)\spellforce 2\spellforce2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spellforce 2\spellforce2.exe |
"TCP Query User{FB7B78C3-D3D8-4C77-94CB-A9CBF6A40539}C:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\extra1\bin\settlers6.exe" = protocol=6 | dir=in | app=c:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\extra1\bin\settlers6.exe |
"TCP Query User{FF648421-39F4-4E60-B631-D06427443B21}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{1CDA5C73-2D8C-4C34-A593-6C0D66CBF039}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{26E2AA73-1E57-4C36-8922-D724B69370D7}C:\program files (x86)\spellforce 2\spellforce2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spellforce 2\spellforce2.exe |
"UDP Query User{A4842C22-BA23-41C0-A119-C0EBC20644AA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{CAF9C1B4-A587-4749-86C3-3D66D372904D}C:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\extra1\bin\settlers6.exe" = protocol=17 | dir=in | app=c:\program files (x86)\die siedler - aufstieg eines königreichs - silver edition\extra1\bin\settlers6.exe |
"UDP Query User{CEAD5EC7-0224-4096-B108-1C700ACC5CF7}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{E85F6C1E-62CD-4559-B05D-DEE3A32D5DD0}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte)
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 GOLD
"{E08DE897-B6AF-4DFF-9E90-131E80C876B4}" = DIE SIEDLER - Das Erbe der Könige - Gold Edition
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Avira AntiVir Desktop" = Avira Free Antivirus
"CloneDVD2" = CloneDVD2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Huawei Modems" = Huawei modem
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SpellForce" = SpellForce
"ULTIMATER" = Microsoft Office Ultimate 2007
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.11.2012 17:33:10 | Computer Name = Laptop | Source = Windows Search Service | ID = 3028
Description =
Error - 02.11.2012 17:33:10 | Computer Name = Laptop | Source = Windows Search Service | ID = 3058
Description =
Error - 02.11.2012 17:33:10 | Computer Name = Laptop | Source = Windows Search Service | ID = 7010
Description =
Error - 05.11.2012 05:54:13 | Computer Name = Laptop | Source = ESENT | ID = 455
Description = Windows (3084) Windows: Fehler -1811 beim Öffnen von Protokolldatei
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00019.log.
Error - 05.11.2012 05:54:14 | Computer Name = Laptop | Source = Windows Search Service | ID = 9000
Description =
Error - 05.11.2012 05:54:14 | Computer Name = Laptop | Source = Windows Search Service | ID = 7040
Description =
Error - 05.11.2012 05:54:14 | Computer Name = Laptop | Source = Windows Search Service | ID = 7042
Description =
Error - 05.11.2012 05:54:14 | Computer Name = Laptop | Source = Windows Search Service | ID = 9002
Description =
Error - 05.11.2012 05:54:14 | Computer Name = Laptop | Source = Windows Search Service | ID = 3029
Description =
Error - 05.11.2012 05:54:16 | Computer Name = Laptop | Source = Windows Search Service | ID = 3029
Description =
Error - 05.11.2012 05:54:16 | Computer Name = Laptop | Source = Windows Search Service | ID = 3028
Description =
Error - 05.11.2012 05:54:16 | Computer Name = Laptop | Source = Windows Search Service | ID = 3058
Description =
Error - 05.11.2012 05:54:16 | Computer Name = Laptop | Source = Windows Search Service | ID = 7010
Description =
[ System Events ]
Error - 15.04.2013 03:17:25 | Computer Name = Laptop | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 15.04.2013 03:17:25 | Computer Name = Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 15.04.2013 03:18:27 | Computer Name = Laptop | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.
Error - 15.04.2013 03:18:30 | Computer Name = Laptop | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 15.04.2013 03:37:43 | Computer Name = Laptop | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 15.04.2013 03:37:43 | Computer Name = Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 15.04.2013 11:21:40 | Computer Name = Laptop | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 15.04.2013 11:21:40 | Computer Name = Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 16.04.2013 04:40:23 | Computer Name = Laptop | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 16.04.2013 04:40:23 | Computer Name = Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 16.04.2013 14:07:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,96 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 47,16% Memory free
5,92 Gb Paging File | 4,09 Gb Available in Paging File | 69,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 135,13 Gb Total Space | 63,82 Gb Free Space | 47,23% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 97,46 Gb Free Space | 99,80% Space Free | Partition Type: NTFS
Drive E: | 687,65 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: LAPTOP | User Name: Janine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Janine\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Citavi\bin\Citavi.exe (Swiss Academic Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\9d2a9fc04e660079633eb74b37a1d77c\Microsoft.VisualC.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Citavi\bin\System.Data.SQLite.dll ()
MOD - C:\Program Files (x86)\Citavi\bin\SwissAcademic.RegularExpressions.dll ()
MOD - C:\Program Files (x86)\Citavi\bin\Hunspell.dll ()
MOD - C:\Program Files (x86)\Citavi\bin\AxInterop.WMPLib.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
========== Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Office 2007\Office12\GrooveAuditService.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.freemail.de/
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 1F CE B1 78 CF CB 01 [binary data]
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\..\SearchScopes,DefaultScope = {081EDB05-CF54-4D64-97EC-8F4C38EDBB41}
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\..\SearchScopes\{081EDB05-CF54-4D64-97EC-8F4C38EDBB41}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\..\SearchScopes\{576FFF45-E126-4CC6-A3AB-674BFD27188D}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
IE - HKU\S-1-5-21-1110527559-201205940-1175240766-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013.01.04 20:50:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Firefox\components [2013.03.16 18:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Firefox\plugins
[2013.02.21 16:30:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janine\AppData\Roaming\mozilla\Extensions
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EKAIO2StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKAiO2MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [EKAiO2StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe File not found
O4 - HKLM..\Run: [GrooveMonitor] C:\Office 2007\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1110527559-201205940-1175240766-1001..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1110527559-201205940-1175240766-1001..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Janine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Janine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office 2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office 2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.102.15 10.0.1.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43495467-B1DE-4B94-914D-F7370F5A0146}: DhcpNameServer = 192.168.102.15 10.0.1.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C7CE985-7A94-4C11-8980-73255F4B713A}: NameServer = 193.189.244.206 193.189.244.225
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office 2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999.08.31 05:52:00 | 000,598,016 | R--- | M] (MAX DESIGN) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [1999.08.31 05:52:00 | 000,000,766 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2001.09.06 01:04:00 | 000,000,283 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{07ff3afd-6c9e-11e2-b8b6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{07ff3afd-6c9e-11e2-b8b6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{07ff3b3f-6c9e-11e2-b8b6-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{07ff3b3f-6c9e-11e2-b8b6-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{151a383e-acb6-11e0-aa7c-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{151a383e-acb6-11e0-aa7c-a4badbb4fcb1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{151a384c-acb6-11e0-aa7c-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{151a384c-acb6-11e0-aa7c-a4badbb4fcb1}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{3c0175c4-703f-11e1-88a8-001e101fb681}\Shell - "" = AutoRun
O33 - MountPoints2\{3c0175c4-703f-11e1-88a8-001e101fb681}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4ce687fb-810b-11e2-b8a6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4ce687fb-810b-11e2-b8a6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4ce68833-810b-11e2-b8a6-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{4ce68833-810b-11e2-b8a6-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4ce6883f-810b-11e2-b8a6-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{4ce6883f-810b-11e2-b8a6-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5af07fac-6d53-11e2-950b-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{5af07fac-6d53-11e2-950b-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5af07fb8-6d53-11e2-950b-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{5af07fb8-6d53-11e2-950b-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5af07fec-6d53-11e2-950b-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{5af07fec-6d53-11e2-950b-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{692310a2-6c96-11e2-af0d-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{692310a2-6c96-11e2-af0d-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{692310b1-6c96-11e2-af0d-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{692310b1-6c96-11e2-af0d-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{692310d8-6c96-11e2-af0d-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{692310d8-6c96-11e2-af0d-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{837e513d-0558-11e1-a615-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{837e513d-0558-11e1-a615-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{91d7eb7a-ef5b-11e0-aaeb-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{91d7eb7a-ef5b-11e0-aaeb-a4badbb4fcb1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91d7ec8e-ef5b-11e0-aaeb-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{91d7ec8e-ef5b-11e0-aaeb-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9f19e9cd-6c93-11e2-9d4f-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{9f19e9cd-6c93-11e2-9d4f-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9f19e9da-6c93-11e2-9d4f-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{9f19e9da-6c93-11e2-9d4f-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b47321e7-6c5b-11e2-a61a-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{b47321e7-6c5b-11e2-a61a-001e101f7f74}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bc120277-6de4-11e2-a2e3-001e101f3315}\Shell - "" = AutoRun
O33 - MountPoints2\{bc120277-6de4-11e2-a2e3-001e101f3315}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{de16ce55-3b5e-11e0-aea5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{de16ce55-3b5e-11e0-aea5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autoRcd.exe
O33 - MountPoints2\{ea24385d-f7cf-11e0-86df-a4badbb4fcb1}\Shell - "" = AutoRun
O33 - MountPoints2\{ea24385d-f7cf-11e0-86df-a4badbb4fcb1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2013.04.16 14:04:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Janine\Desktop\OTL.exe
[2013.04.15 10:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.04.15 09:52:04 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.04.15 09:51:56 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.04.15 09:51:56 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.04.15 09:51:56 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.04.11 21:52:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.11 21:52:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.11 21:52:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.11 21:52:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.11 21:52:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.11 21:52:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.11 21:52:08 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.11 21:52:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.11 21:52:07 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 21:52:07 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.11 21:52:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.11 21:52:07 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 21:52:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 21:52:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.11 21:52:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.11 20:02:12 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.11 20:02:11 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.11 20:02:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.11 20:02:11 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.11 20:02:11 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.11 20:02:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.11 20:02:04 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.11 20:02:03 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.11 20:02:03 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.11 20:02:02 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.11 20:02:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.11 20:02:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.30 14:13:33 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.30 14:13:33 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.30 14:13:33 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.15 19:17:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.01 22:56:59 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.01 22:56:59 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.28 21:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.28 21:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.22 10:38:06 | 000,000,000 | ---D | C] -- C:\Users\Janine\Documents\samsung
[2013.02.21 22:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2013.02.21 21:56:23 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Roaming\pdfforge
[2013.02.21 21:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.02.21 21:56:21 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013.02.21 21:56:21 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2013.02.21 21:56:21 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2013.02.21 21:56:19 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2013.02.21 21:56:19 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2013.02.21 21:56:19 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2013.02.21 21:56:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2013.02.21 21:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2013.02.21 16:29:38 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Roaming\Mozilla
[2013.02.21 16:29:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.02.18 13:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.02.18 13:25:53 | 000,000,000 | ---D | C] -- C:\Users\Janine\AppData\Roaming\Babylon
[2013.02.18 13:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
========== Files - Modified Within 60 Days ==========
[2013.04.16 14:04:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janine\Desktop\OTL.exe
[2013.04.16 10:53:28 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.16 10:53:28 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.16 10:53:28 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.16 10:53:28 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.16 10:53:28 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.16 10:48:16 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.16 10:48:16 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.16 10:40:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.16 10:40:11 | 2384,744,448 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.15 09:51:47 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.04.15 09:51:45 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.04.15 09:51:45 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.04.15 09:51:45 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.04.15 09:51:45 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.04.15 09:51:45 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.04.12 15:06:46 | 000,411,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.30 14:13:28 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.30 14:13:28 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.30 14:13:28 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.03.01 22:56:59 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.01 22:56:59 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.22 08:27:49 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.22 08:19:37 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.22 08:18:42 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.22 08:15:48 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.22 08:15:23 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.22 08:15:22 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.22 08:14:22 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.22 08:13:02 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.22 08:09:21 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.22 05:37:50 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.22 05:36:35 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.22 05:34:18 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.22 05:34:17 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.22 05:31:55 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.22 05:28:48 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
========== Files Created - No Company Name ==========
[2013.02.21 16:29:28 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.02.18 13:26:56 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.10.07 16:22:42 | 000,076,360 | ---- | C] () -- C:\ProgramData\hpaongphdqeedjp
[2011.11.13 22:45:43 | 000,003,584 | ---- | C] () -- C:\Users\Janine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.05 16:27:12 | 000,071,259 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2011.07.06 14:33:07 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.06.16 11:08:40 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.05.03 20:08:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.02.18 13:25:53 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Babylon
[2012.01.23 20:14:12 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\calibre
[2012.10.05 17:18:52 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Duibh
[2012.09.24 19:14:57 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\DVDVideoSoft
[2012.09.24 19:14:19 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.03 20:22:20 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Leadertech
[2012.10.05 09:40:01 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Ozrewe
[2013.02.21 21:56:23 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\pdfforge
[2011.07.01 21:56:01 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Samsung
[2013.01.04 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Swiss Academic Software
[2013.02.03 12:10:51 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Telefónica
[2011.07.03 09:06:41 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Temp
[2012.10.03 19:03:40 | 000,000,000 | ---D | M] -- C:\Users\Janine\AppData\Roaming\Ziwo
========== Purity Check ==========
< End of report > --- --- ---
[/CODE]
[/CODE] |