Pests of all kinds and how to fight them: Firefox opens wrong links in Google + spontaneous ad pages
Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
| | #5 |
Firefox opens wrong links in Google + spontaneous ad pages

And here is the other one... but only one came?!

OTL logfile created on: 5/14/2010 9:03:24 PM - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Mandy\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 100.00 Gb Total Space | 77.06 Gb Free Space | 77.06% Space Free | Partition Type: NTFS Drive D: | 122.87 Gb Total Space | 69.40 Gb Free Space | 56.48% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MANDY-PC Current User Name: Mandy Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Mandy\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\EeePC\HotkeyService\HotkeyService.exe (ASUSTeK Computer Inc.) PRC - C:\Programme\EeePC\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.) 
PRC - C:\Windows\System32\AsusService.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation) PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.) PRC - C:\Programme\Lexmark 3400 Series\lxcymon.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.) PRC - C:\Windows\System32\lxcycoms.exe ( ) ========== Modules (SafeList) ========== MOD - C:\Users\Mandy\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device) -- 
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AsusService) -- C:\Windows\System32\AsusService.exe () SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program 
Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (astcc) -- C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.) SRV - (lxcy_device) -- C:\Windows\System32\lxcycoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (igd) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) 
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) 
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - 
(scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/24 15:30:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/30 21:36:20 | 000,000,000 | ---D | M] [2010/03/09 17:43:49 | 000,000,000 | ---D | M] -- C:\Users\Mandy\AppData\Roaming\mozilla\Extensions [2010/03/09 17:43:49 | 000,000,000 | ---D | M] -- C:\Users\Mandy\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2010/05/14 20:55:48 | 000,000,000 | ---D | M] -- C:\Users\Mandy\AppData\Roaming\mozilla\Firefox\Profiles\80pg0fzy.default\extensions [2010/04/14 19:37:22 | 000,000,000 | ---D | M] -- C:\Users\Mandy\AppData\Roaming\mozilla\Firefox\Profiles\80pg0fzy.default\extensions\personas@christopher.beard [2010/03/09 17:40:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010/03/26 10:17:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010/03/26 10:17:00 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010/03/26 10:17:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010/03/26 10:17:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010/03/26 10:17:01 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [HotKeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [IgfxExt] C:\Windows\System32\IgfxExt.exe (Intel Corporation) O4 - HKLM..\Run: [LXCYCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.) O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe () O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SynAsusAcpi] C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O4 - Startup: C:\Users\Mandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Users\Mandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Programme\LimeWire\LimeWire.exe (Lime Wire, LLC) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim 
{828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/05/14 21:02:00 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Mandy\Desktop\OTL.exe [2010/05/13 22:03:03 | 000,019,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ivtvnbdu.sys [2010/05/13 20:23:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore [2010/05/11 15:37:27 | 000,000,000 
| ---D | C] -- C:\Users\Mandy\Desktop\Lila USB Stick [2010/05/10 00:15:54 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro [2010/05/06 16:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PixelPlanet [2010/05/06 16:42:21 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\XpressUpdate [2010/05/06 16:42:21 | 000,000,000 | ---D | C] -- C:\Users\Mandy\AppData\Roaming\PixelPlanet [2010/05/06 16:42:21 | 000,000,000 | ---D | C] -- C:\Programme\PixelPlanet [2010/05/06 16:42:21 | 000,000,000 | ---D | C] -- C:\Users\Mandy\Documents\PdfGrabber [2010/05/06 16:40:58 | 000,000,000 | ---D | C] -- C:\Users\Mandy\AppData\Local\Downloaded Installations [2010/05/06 12:05:38 | 000,000,000 | ---D | C] -- C:\Programme\Sigel [2010/05/04 16:31:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/05/04 16:31:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/05/04 16:26:05 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010/05/02 18:52:06 | 000,000,000 | ---D | C] -- C:\Users\Mandy\AppData\Roaming\Malwarebytes [2010/05/02 18:51:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010/05/02 18:51:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/04/30 22:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/04/30 22:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2010/04/30 16:57:17 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2010/04/30 16:57:17 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2010/04/30 13:10:49 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010/04/26 21:13:45 | 000,000,000 | ---D | C] -- C:\Users\Mandy\AppData\Local\EWPLAAWK [2010/04/24 15:33:53 | 000,000,000 | ---D | C] -- C:\Users\Mandy\AppData\Roaming\Apple Computer [2010/04/24 15:33:53 | 000,000,000 | ---D | C] -- 
C:\Users\Mandy\AppData\Local\Apple Computer [2010/04/24 15:33:23 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll [2010/04/24 15:33:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010/04/24 15:32:28 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010/04/24 15:32:25 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010/04/24 15:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/04/24 15:30:14 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2010/04/24 15:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2010/04/24 15:29:51 | 000,000,000 | ---D | C] -- C:\Users\Mandy\AppData\Local\Apple [2010/04/24 15:29:47 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update [2010/04/24 15:29:04 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010/04/24 15:28:42 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2010/04/24 15:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2010/04/14 22:18:11 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010/04/14 22:18:10 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010/04/14 22:18:09 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010/04/13 11:05:32 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcyserv.dll [2010/04/13 11:05:32 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcyusb1.dll [2010/04/13 11:05:32 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcypmui.dll [2010/04/13 11:05:32 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcylmpm.dll [2010/04/13 11:05:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcyinpa.dll [2010/04/13 11:05:32 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcyiesc.dll [2010/04/13 11:05:32 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcyhcp.dll [2010/04/13 11:05:32 | 000,163,840 | ---- | C] ( ) -- 
C:\Windows\System32\lxcyprox.dll [2010/04/13 11:05:32 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcypplc.dll [2010/04/13 11:05:31 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcyhbn3.dll [2010/04/13 11:05:31 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcycomc.dll [2010/04/13 11:05:31 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcycomm.dll [2010/03/12 20:33:30 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys ========== Files - Modified Within 30 Days ========== [2010/05/14 21:08:09 | 001,835,008 | -HS- | M] () -- C:\Users\Mandy\NTUSER.DAT [2010/05/14 21:02:15 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Mandy\Desktop\OTL.exe [2010/05/14 19:52:14 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/05/14 19:52:14 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/05/14 19:44:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/05/14 19:43:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/05/14 19:43:49 | 1602,691,072 | -HS- | M] () -- C:\hiberfil.sys [2010/05/14 13:30:10 | 002,753,613 | -H-- | M] () -- C:\Users\Mandy\AppData\Local\IconCache.db [2010/05/13 22:03:03 | 000,019,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ivtvnbdu.sys [2010/05/13 17:35:09 | 000,000,175 | ---- | M] () -- C:\Windows\System32\MRT.INI [2010/05/13 12:28:28 | 000,031,749 | ---- | M] () -- C:\Windows\Ascd_tmp.ini [2010/05/13 12:27:44 | 000,047,537 | ---- | M] () -- C:\Windows\Ascd_log.ini [2010/05/13 09:48:02 | 000,524,288 | -HS- | M] () -- C:\Users\Mandy\NTUSER.DAT{e09b8ae9-5e62-11df-ae36-90e6ba25c646}.TMContainer00000000000000000002.regtrans-ms [2010/05/13 09:48:02 | 000,065,536 | -HS- | M] () -- C:\Users\Mandy\NTUSER.DAT{e09b8ae9-5e62-11df-ae36-90e6ba25c646}.TM.blf [2010/05/13 09:48:01 | 000,524,288 
| -HS- | M] () -- C:\Users\Mandy\NTUSER.DAT{e09b8ae9-5e62-11df-ae36-90e6ba25c646}.TMContainer00000000000000000001.regtrans-ms [2010/05/12 18:34:39 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/05/12 18:34:39 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010/05/12 18:34:39 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/05/12 18:34:39 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010/05/12 18:34:39 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/05/10 00:15:54 | 000,002,047 | ---- | M] () -- C:\Users\Mandy\Desktop\HijackThis.lnk [2010/05/06 16:42:28 | 000,002,305 | ---- | M] () -- C:\Users\Mandy\Desktop\PdfGrabber 6.0.lnk [2010/05/06 12:05:41 | 000,001,165 | ---- | M] () -- C:\Users\Mandy\Desktop\Visitenkarten In 2 Minuten.lnk [2010/05/06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/05/04 16:31:45 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/04 16:26:08 | 000,001,839 | ---- | M] () -- C:\Users\Mandy\Desktop\CCleaner.lnk [2010/04/29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/04/29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/04/24 15:33:38 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/04/24 15:30:32 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk ========== Files Created - No Company Name ========== [2010/05/13 17:35:09 | 000,000,175 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010/05/13 12:27:36 | 000,047,537 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010/05/13 12:27:00 | 000,031,749 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2010/05/13 10:40:41 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2010/05/13 09:41:34 | 
000,524,288 | -HS- | C] () -- C:\Users\Mandy\NTUSER.DAT{e09b8ae9-5e62-11df-ae36-90e6ba25c646}.TMContainer00000000000000000002.regtrans-ms [2010/05/13 09:41:34 | 000,524,288 | -HS- | C] () -- C:\Users\Mandy\NTUSER.DAT{e09b8ae9-5e62-11df-ae36-90e6ba25c646}.TMContainer00000000000000000001.regtrans-ms [2010/05/13 09:41:34 | 000,065,536 | -HS- | C] () -- C:\Users\Mandy\NTUSER.DAT{e09b8ae9-5e62-11df-ae36-90e6ba25c646}.TM.blf [2010/05/10 00:15:54 | 000,002,047 | ---- | C] () -- C:\Users\Mandy\Desktop\HijackThis.lnk [2010/05/06 16:42:28 | 000,002,305 | ---- | C] () -- C:\Users\Mandy\Desktop\PdfGrabber 6.0.lnk [2010/05/06 12:05:41 | 000,001,165 | ---- | C] () -- C:\Users\Mandy\Desktop\Visitenkarten In 2 Minuten.lnk [2010/05/04 16:31:45 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/04 16:26:08 | 000,001,839 | ---- | C] () -- C:\Users\Mandy\Desktop\CCleaner.lnk [2010/04/24 15:33:38 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/04/24 15:30:32 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010/04/13 11:05:33 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxcyinst.dll [2010/03/24 20:16:17 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010/03/24 19:25:18 | 000,015,602 | ---- | C] () -- C:\Windows\System32\SELF32.INI [2010/03/18 11:46:46 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010/03/12 20:42:29 | 000,012,854 | ---- | C] () -- C:\Windows\System32\lpgun.ini [2010/03/12 20:39:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010/03/10 11:53:02 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2006/11/07 12:30:48 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcycoin.dll [2006/08/14 17:07:04 | 000,065,536 | ---- | 
C] () -- C:\Windows\System32\lxcycaps.dll [2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcydrs.dll [2006/03/23 04:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcyvs.dll [2006/01/25 18:11:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcycnv4.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |