Here is the LOG:
OTL logfile created on: 11.05.2013 11:12:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Florian\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,93 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 57,93% Memory free
6,08 Gb Paging File | 4,64 Gb Available in Paging File | 76,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 88,20 Gb Free Space | 39,53% Space Free | Partition Type: NTFS
Computer Name: FLORIAN-PC | User Name: Florian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Florian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Florian\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\AAVUpdateManager\aavus.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
========== Services (SafeList) ==========
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (AAV UpdateService) -- C:\Programme\AAVUpdateManager\aavus.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (br3gmdm) -- system32\DRIVERS\br3gmdm.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_5738
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\SearchScopes\{0BF62C0F-3C93-48E8-914A-F46B7E52E96B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=0ca55c19-1330-42b3-acf1-300643c595de&apn_sauid=C79D57AF-3061-42DF-8309-3DDD80D44EE6
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE346
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\SearchScopes\{D8A6DDF2-780A-4FBB-8D9D-3866C5BBFF62}: "URL" = hxxp://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.01 16:05:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.01 16:12:28 | 000,000,000 | ---D | M]
[2009.09.25 16:55:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions
[2013.05.06 18:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\slez9yyp.default\extensions
[2010.08.14 11:09:04 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\slez9yyp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.02.24 21:59:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\slez9yyp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.05.01 16:05:52 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\slez9yyp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013.04.20 17:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.01 16:05:17 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.05.01 16:05:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.05.01 16:05:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.05.01 16:05:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.05.01 16:05:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.01 16:05:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.05.01 16:05:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013.04.22 17:15:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1562104533-1425964517-2432584623-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74C569A7-3346-4FE3-B0DE-ACAF57F8B329}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 360 Days ==========
[2013.05.11 11:08:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
[2013.05.10 09:11:26 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Florian\Desktop\tdsskiller.exe
[2013.05.10 09:09:06 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Florian\Desktop\aswMBR.exe
[2013.05.09 08:15:21 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\mbar-1.05.0.1001
[2013.05.09 07:54:46 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Florian\Desktop\FSS.exe
[2013.05.06 19:09:35 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Avira
[2013.05.06 19:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.05.06 19:08:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.05.06 19:08:40 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.05.06 19:08:40 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.05.06 19:08:40 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.05.06 19:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.05.01 16:20:21 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Macromedia
[2013.05.01 16:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.05.01 16:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.05.01 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.05.01 16:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.01 16:01:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.05.01 10:22:16 | 000,000,000 | ---D | C] -- C:\6752125179c0fb3bece9642ddb5c508a
[2013.05.01 10:21:58 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2013.04.30 19:17:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013.04.30 19:16:17 | 000,000,000 | ---D | C] -- C:\234d9d863bd674208df9d5f0
[2013.04.30 18:33:11 | 365,230,920 | ---- | C] (Microsoft Corporation) -- C:\Users\Florian\Desktop\Windows6.0-KB948465-X86.exe
[2013.04.26 07:46:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2013.04.26 07:46:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2013.04.26 07:46:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2013.04.26 07:45:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.04.24 20:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013.04.24 20:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2013.04.24 20:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series Benutzerregistrierung
[2013.04.24 20:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013.04.24 20:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013.04.24 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013.04.24 20:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series Manual
[2013.04.24 20:01:45 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2013.04.24 20:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series
[2013.04.24 19:57:29 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.04.24 19:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.04.23 17:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.04.23 17:45:24 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Florian\Desktop\esetsmartinstaller_enu.exe
[2013.04.22 17:23:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.04.22 17:23:05 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\temp
[2013.04.22 17:15:49 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.04.22 17:01:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.22 17:01:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.04.22 17:01:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.04.22 17:00:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.22 17:00:29 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.22 16:58:29 | 005,058,971 | R--- | C] (Swearware) -- C:\Users\Florian\Desktop\ComboFix.exe
[2013.04.20 17:26:48 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Florian\Desktop\dds.scr
[2013.04.19 19:50:27 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Malwarebytes
[2013.04.19 19:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.19 19:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.19 19:50:16 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.04.19 19:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.04.02 21:45:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Steuerfälle
[2013.04.02 21:45:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\AAV
[2013.04.02 21:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2013.04.02 21:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BILD-Steuer 2013
[2013.04.02 21:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\BILDSteuer
[2013.04.02 21:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2013.01.19 19:06:21 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\mquadr.at
[2013.01.19 19:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\mquadr.at
[2013.01.19 19:06:02 | 000,243,197 | ---- | C] (mquadr.at software engineering & consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Windows\System32\SSDPDiscovery.dll
[2013.01.19 19:06:01 | 002,475,456 | ---- | C] (mquadr.at software engineering und consulting GmbH) -- C:\Windows\System32\M2ElevatedCalls.dll
[2013.01.19 19:06:00 | 000,948,608 | ---- | C] (mquadr.at software engineering) -- C:\Windows\System32\M2ElevatedNetworkAdapters.dll
[2013.01.19 19:06:00 | 000,238,080 | ---- | C] (Nicomsoft Ltd.) -- C:\Windows\System32\WiFiMan.dll
[2013.01.19 19:05:12 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\DTAG
[2013.01.06 20:05:27 | 000,000,000 | ---D | C] -- C:\e3325eb776f235f14eea34d9
[2012.12.17 22:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.17 22:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.17 22:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.17 22:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.12.17 22:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012.12.17 22:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.12.17 22:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.12.17 22:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.06.14 10:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.06.06 08:49:52 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
========== Files - Modified Within 360 Days ==========
[2013.05.11 11:10:55 | 001,294,040 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.11 11:10:55 | 000,792,336 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.11 11:10:55 | 000,342,776 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.11 11:10:55 | 000,292,154 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.11 11:08:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
[2013.05.11 11:06:17 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.11 11:04:42 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.11 11:04:42 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.11 11:04:42 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.11 11:04:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.11 11:03:50 | 3146,604,544 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.11 10:55:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.10 09:11:31 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Florian\Desktop\tdsskiller.exe
[2013.05.10 09:10:30 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Florian\Desktop\aswMBR.exe
[2013.05.09 07:58:20 | 012,917,756 | R--- | M] () -- C:\Users\Florian\Desktop\mbar-1.05.0.1001.zip
[2013.05.09 07:54:48 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Florian\Desktop\FSS.exe
[2013.05.09 07:51:12 | 000,007,052 | ---- | M] () -- C:\Users\Florian\AppData\Local\d3d9caps.dat
[2013.05.06 19:08:54 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.06 19:02:11 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.05.06 19:02:11 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.05.06 19:02:11 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.05.06 19:02:11 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.05.06 18:52:28 | 002,083,256 | ---- | M] () -- C:\Users\Florian\Desktop\avira_antivirus_premium.exe
[2013.05.06 18:43:22 | 000,227,096 | ---- | M] () -- C:\Users\Florian\Desktop\avira_registry_cleaner_de.exe
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.05.01 16:12:28 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.05.01 10:21:19 | 135,507,981 | R--- | M] () -- C:\Users\Florian\Desktop\Windows6.0-KB947821-v26-x86.msu
[2013.04.30 18:37:17 | 365,230,920 | ---- | M] (Microsoft Corporation) -- C:\Users\Florian\Desktop\Windows6.0-KB948465-X86.exe
[2013.04.24 20:04:14 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.04.24 20:02:19 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5100 series Online-Handbuch.lnk
[2013.04.23 17:46:01 | 000,890,815 | ---- | M] () -- C:\Users\Florian\Desktop\SecurityCheck.exe
[2013.04.23 17:45:37 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Florian\Desktop\esetsmartinstaller_enu.exe
[2013.04.22 17:15:45 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.04.22 16:58:46 | 005,058,971 | R--- | M] (Swearware) -- C:\Users\Florian\Desktop\ComboFix.exe
[2013.04.20 17:34:18 | 000,002,617 | ---- | M] () -- C:\Users\Florian\Desktop\Microsoft Word 2010.lnk
[2013.04.20 17:26:49 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Florian\Desktop\dds.scr
[2013.04.20 17:25:38 | 000,613,083 | ---- | M] () -- C:\Users\Florian\Desktop\adw22cleaner.exe
[2013.04.19 19:50:17 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.19 19:12:36 | 000,003,994 | ---- | M] () -- C:\Users\Florian\Documents\cc_20130419_191226.reg
[2013.04.13 15:35:01 | 000,113,152 | ---- | M] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.04.02 21:44:06 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\BILD-Steuer 2013.lnk
[2013.02.27 21:07:21 | 000,019,856 | ---- | M] () -- C:\Users\Florian\Desktop\5homerava.jpg
[2013.02.27 21:07:15 | 000,069,586 | ---- | M] () -- C:\Users\Florian\Desktop\5homerbanner.jpg
[2013.02.24 22:39:04 | 000,128,024 | ---- | M] () -- C:\Users\Florian\Desktop\film_050112.jpg
[2013.02.24 22:01:53 | 000,008,740 | ---- | M] () -- C:\Users\Florian\Desktop\BBava.jpg
[2013.02.24 22:01:53 | 000,002,690 | ---- | M] () -- C:\Users\Florian\.recently-used.xbel
[2013.02.24 22:01:14 | 000,025,917 | ---- | M] () -- C:\Users\Florian\Desktop\BBsig.jpg
[2013.02.24 16:46:55 | 000,956,153 | ---- | M] () -- C:\Users\Florian\Desktop\bb2.jpg
[2013.02.24 16:46:08 | 000,081,360 | ---- | M] () -- C:\Users\Florian\Desktop\bb1.jpg
[2013.02.11 20:37:53 | 000,072,910 | ---- | M] () -- C:\Users\Florian\Documents\cc_20130211_193742.reg
[2013.02.09 13:07:06 | 000,680,003 | ---- | M] () -- C:\Users\Florian\Desktop\vlcsnap-2012-02-09-00h28m13s59.png
[2013.02.09 13:06:08 | 000,055,789 | ---- | M] () -- C:\Users\Florian\Desktop\19868243.jpg-r_640_600-b_1_D6D6D6-f_jpg-q_x-xxyxx.jpg
[2013.02.09 12:48:28 | 000,160,355 | ---- | M] () -- C:\Users\Florian\Desktop\hdfg.jpg
[2013.01.21 18:13:33 | 000,112,386 | ---- | M] () -- C:\Users\Florian\Desktop\tKzun.jpg
[2012.12.21 01:53:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2012.12.21 01:53:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.12.20 08:08:17 | 000,000,670 | ---- | M] () -- C:\Users\Florian\Desktop\Neuer Ordner (3) - Verknüpfung.lnk
[2012.12.17 22:40:49 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.17 22:22:55 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.09.28 13:52:15 | 002,475,456 | ---- | M] (mquadr.at software engineering und consulting GmbH) -- C:\Windows\System32\M2ElevatedCalls.dll
[2012.08.08 10:02:10 | 000,243,197 | ---- | M] (mquadr.at software engineering & consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Windows\System32\SSDPDiscovery.dll
[2012.08.07 23:56:45 | 000,031,533 | ---- | M] () -- C:\Users\Florian\Desktop\4591936.jpg
[2012.08.07 23:56:07 | 000,071,259 | ---- | M] () -- C:\Users\Florian\Desktop\2903533.jpg
[2012.08.07 23:55:50 | 000,043,287 | ---- | M] () -- C:\Users\Florian\Desktop\2903540.jpg
[2012.08.07 23:53:58 | 000,675,315 | ---- | M] () -- C:\Users\Florian\Desktop\3845353.jpg
[2012.08.04 17:24:18 | 000,060,356 | ---- | M] () -- C:\Users\Florian\Desktop\6043236.jpg
[2012.08.04 17:16:00 | 000,007,970 | ---- | M] () -- C:\Users\Florian\Desktop\5895490.jpg
[2012.07.23 21:00:37 | 000,027,162 | ---- | M] () -- C:\Users\Florian\Desktop\6000854.jpg
[2012.07.23 20:59:31 | 000,038,969 | ---- | M] () -- C:\Users\Florian\Desktop\6000836.jpg
[2012.07.10 17:21:43 | 000,065,590 | ---- | M] () -- C:\Users\Florian\Desktop\1418812,VFHJJo+VX6IWCwATQu8H7issBkTYv_t71xtKhyDZxTztD_4Z5guq0D7MQ1qewVakZO_IGVlkJ+oYJiimAgrBCA==.jpg
[2012.06.26 14:24:50 | 000,238,080 | ---- | M] (Nicomsoft Ltd.) -- C:\Windows\System32\WiFiMan.dll
[2012.06.23 19:47:19 | 000,190,832 | ---- | M] () -- C:\Users\Florian\Desktop\1266740121_9edb931ee9c89847e572245ecc180ffb.jpg
[2012.06.06 08:49:52 | 001,070,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
========== Files Created - No Company Name ==========
[2013.05.09 07:58:24 | 012,917,756 | R--- | C] () -- C:\Users\Florian\Desktop\mbar-1.05.0.1001.zip
[2013.05.06 19:08:54 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.06 18:52:27 | 002,083,256 | ---- | C] () -- C:\Users\Florian\Desktop\avira_antivirus_premium.exe
[2013.05.06 18:43:21 | 000,227,096 | ---- | C] () -- C:\Users\Florian\Desktop\avira_registry_cleaner_de.exe
[2013.05.01 16:15:34 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.01 16:12:28 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.05.01 16:12:28 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013.05.01 10:20:09 | 135,507,981 | R--- | C] () -- C:\Users\Florian\Desktop\Windows6.0-KB947821-v26-x86.msu
[2013.04.24 20:04:14 | 000,001,860 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.04.24 20:02:19 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5100 series Online-Handbuch.lnk
[2013.04.24 19:59:33 | 000,012,800 | ---- | C] () -- C:\Windows\System32\CNC1748D.TBL
[2013.04.23 17:46:01 | 000,890,815 | ---- | C] () -- C:\Users\Florian\Desktop\SecurityCheck.exe
[2013.04.22 17:01:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.22 17:01:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.22 17:01:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.22 17:01:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.22 17:01:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.20 17:25:38 | 000,613,083 | ---- | C] () -- C:\Users\Florian\Desktop\adw22cleaner.exe
[2013.04.20 09:02:50 | 3146,604,544 | -HS- | C] () -- C:\hiberfil.sys
[2013.04.19 19:50:17 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.19 19:12:30 | 000,003,994 | ---- | C] () -- C:\Users\Florian\Documents\cc_20130419_191226.reg
[2013.04.02 21:44:06 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\BILD-Steuer 2013.lnk
[2013.02.27 21:07:21 | 000,019,856 | ---- | C] () -- C:\Users\Florian\Desktop\5homerava.jpg
[2013.02.27 21:07:14 | 000,069,586 | ---- | C] () -- C:\Users\Florian\Desktop\5homerbanner.jpg
[2013.02.24 22:39:03 | 000,128,024 | ---- | C] () -- C:\Users\Florian\Desktop\film_050112.jpg
[2013.02.24 22:01:53 | 000,008,740 | ---- | C] () -- C:\Users\Florian\Desktop\BBava.jpg
[2013.02.24 22:01:53 | 000,002,690 | ---- | C] () -- C:\Users\Florian\.recently-used.xbel
[2013.02.24 22:01:14 | 000,025,917 | ---- | C] () -- C:\Users\Florian\Desktop\BBsig.jpg
[2013.02.24 16:46:54 | 000,956,153 | ---- | C] () -- C:\Users\Florian\Desktop\bb2.jpg
[2013.02.24 16:45:45 | 000,081,360 | ---- | C] () -- C:\Users\Florian\Desktop\bb1.jpg
[2013.02.11 20:37:44 | 000,072,910 | ---- | C] () -- C:\Users\Florian\Documents\cc_20130211_193742.reg
[2013.02.09 13:07:06 | 000,680,003 | ---- | C] () -- C:\Users\Florian\Desktop\vlcsnap-2012-02-09-00h28m13s59.png
[2013.02.09 13:06:08 | 000,055,789 | ---- | C] () -- C:\Users\Florian\Desktop\19868243.jpg-r_640_600-b_1_D6D6D6-f_jpg-q_x-xxyxx.jpg
[2013.02.09 12:48:05 | 000,160,355 | ---- | C] () -- C:\Users\Florian\Desktop\hdfg.jpg
[2013.01.21 18:13:32 | 000,112,386 | ---- | C] () -- C:\Users\Florian\Desktop\tKzun.jpg
[2012.12.21 01:53:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2012.12.21 01:53:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.12.17 22:40:49 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.17 22:22:55 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.08.07 23:56:44 | 000,031,533 | ---- | C] () -- C:\Users\Florian\Desktop\4591936.jpg
[2012.08.07 23:56:06 | 000,071,259 | ---- | C] () -- C:\Users\Florian\Desktop\2903533.jpg
[2012.08.07 23:55:50 | 000,043,287 | ---- | C] () -- C:\Users\Florian\Desktop\2903540.jpg
[2012.08.07 23:53:57 | 000,675,315 | ---- | C] () -- C:\Users\Florian\Desktop\3845353.jpg
[2012.08.04 17:24:17 | 000,060,356 | ---- | C] () -- C:\Users\Florian\Desktop\6043236.jpg
[2012.08.04 17:15:23 | 000,007,970 | ---- | C] () -- C:\Users\Florian\Desktop\5895490.jpg
[2012.07.23 21:00:37 | 000,027,162 | ---- | C] () -- C:\Users\Florian\Desktop\6000854.jpg
[2012.07.23 20:59:29 | 000,038,969 | ---- | C] () -- C:\Users\Florian\Desktop\6000836.jpg
[2012.07.10 17:21:43 | 000,065,590 | ---- | C] () -- C:\Users\Florian\Desktop\1418812,VFHJJo+VX6IWCwATQu8H7issBkTYv_t71xtKhyDZxTztD_4Z5guq0D7MQ1qewVakZO_IGVlkJ+oYJiimAgrBCA==.jpg
[2012.06.23 19:46:57 | 000,190,832 | ---- | C] () -- C:\Users\Florian\Desktop\1266740121_9edb931ee9c89847e572245ecc180ffb.jpg
[2012.04.25 14:43:16 | 000,000,000 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\wklnhst.dat
[2012.03.24 03:29:56 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.10.23 10:40:44 | 000,042,228 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\UserTile.png
[2010.08.09 11:14:11 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.09.26 12:39:16 | 000,113,152 | ---- | C] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.25 16:38:53 | 000,007,052 | ---- | C] () -- C:\Users\Florian\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.08.07 01:19:28 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 04:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009.08.06 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009.08.06 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009.08.06 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Acer GameZone Console
[2009.09.26 18:45:14 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\eSobi
[2013.02.24 22:01:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\gtk-2.0
[2012.03.24 03:31:43 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\OpenOffice.org
[2010.02.21 18:20:57 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PowerCinema
[2010.02.14 21:38:45 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SoftDMA
[2012.04.25 14:43:24 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Template
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2013.04.22 17:15:49 | 000,000,000 | ---D | M] -- C:\$RECYCLE.BIN
[2010.04.15 14:10:18 | 000,000,000 | ---D | M] -- C:\20ce73b0f6f790a6f0
[2013.04.30 19:17:27 | 000,000,000 | ---D | M] -- C:\234d9d863bd674208df9d5f0
[2009.11.12 08:38:04 | 000,000,000 | ---D | M] -- C:\6505939a4898187c176a068b227c
[2013.05.01 10:22:16 | 000,000,000 | ---D | M] -- C:\6752125179c0fb3bece9642ddb5c508a
[2009.09.25 16:36:51 | 000,000,000 | ---D | M] -- C:\Acer
[2010.06.28 07:32:04 | 000,000,000 | ---D | M] -- C:\b2fe30d0abb95a6b1a7403
[2009.08.07 01:23:28 | 000,000,000 | ---D | M] -- C:\Book
[2009.03.12 17:11:31 | 000,000,000 | ---D | M] -- C:\Boot
[2013.05.05 09:40:13 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2010.01.13 17:21:53 | 000,000,000 | ---D | M] -- C:\CTO_WIN
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.01.06 20:05:30 | 000,000,000 | ---D | M] -- C:\e3325eb776f235f14eea34d9
[2009.09.25 16:39:29 | 000,000,000 | ---D | M] -- C:\Elements
[2009.02.11 22:12:45 | 000,000,000 | ---D | M] -- C:\Intel
[2012.04.27 10:08:38 | 000,000,000 | R--D | M] -- C:\MSOCache
[2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.06 19:08:19 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.05.06 18:57:57 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.04.22 17:23:07 | 000,000,000 | ---D | M] -- C:\Qoobox
[2013.05.11 11:14:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.09.25 16:36:09 | 000,000,000 | R--D | M] -- C:\Users
[2013.05.01 10:51:28 | 000,000,000 | ---D | M] -- C:\Windows
< %SYSTEMDRIVE%\*.* >
[2013.04.20 17:28:59 | 000,013,996 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2006.09.18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008.01.21 04:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008.02.06 01:25:41 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2013.04.22 17:23:03 | 000,010,328 | ---- | M] () -- C:\ComboFix.txt
[2006.09.18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2013.05.11 11:03:50 | 3146,604,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.13 17:21:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.01.13 17:21:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013.05.11 11:03:49 | 3460,395,008 | -HS- | M] () -- C:\pagefile.sys
[2009.07.24 18:35:06 | 000,012,479 | -HS- | M] () -- C:\Patch.rev
[2009.03.12 15:05:01 | 000,000,147 | RHS- | M] () -- C:\Preload.rev
[2009.08.06 16:38:25 | 000,002,498 | ---- | M] () -- C:\RHDSetup.log
[2013.05.10 09:44:16 | 000,122,292 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_10.05.2013_09.43.12_log.txt
< %PROGRAMFILES%\*.* >
[2008.01.21 04:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
Invalid Environment Variable: PROGRAMFILES(X86)
< %appdata%\*. >
[2009.08.06 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Acer GameZone Console
[2009.09.26 16:08:29 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Adobe
[2013.02.11 17:04:02 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Apple Computer
[2013.05.06 19:09:35 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Avira
[2010.02.14 21:38:31 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\CyberLink
[2011.09.18 15:56:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\dvdcss
[2009.09.26 18:45:14 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\eSobi
[2009.09.26 01:01:50 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Google
[2013.02.24 22:01:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\gtk-2.0
[2009.09.25 16:36:59 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Identities
[2009.09.25 16:38:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Macromedia
[2013.04.19 19:50:27 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Media Center Programs
[2013.05.01 16:20:21 | 000,000,000 | --SD | M] -- C:\Users\Florian\AppData\Roaming\Microsoft
[2009.09.25 16:55:35 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Mozilla
[2012.04.17 19:05:52 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Nero
[2012.03.24 03:31:43 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\OpenOffice.org
[2010.02.21 18:20:57 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PowerCinema
[2012.04.26 19:48:29 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Skype
[2012.03.14 22:55:05 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\skypePM
[2010.02.14 21:38:45 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SoftDMA
[2012.04.25 14:43:24 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Template
[2012.03.16 00:12:41 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\vlc
< %appdata%\*.* >
[2011.10.23 10:40:44 | 000,042,228 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\UserTile.png
[2012.04.25 14:43:16 | 000,000,000 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\wklnhst.dat
< %localappdata%\*. >
[2013.04.02 21:45:30 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\AAV
[2010.02.14 21:38:31 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Acer Arcade Deluxe
[2009.09.25 16:38:34 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Acer ePower Management V4
[2013.05.01 16:01:22 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Adobe
[2009.09.25 16:36:11 | 000,000,000 | -HSD | M] -- C:\Users\Florian\AppData\Local\Anwendungsdaten
[2010.03.21 17:19:09 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Apple
[2012.04.20 13:04:47 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Apple Computer
[2010.02.14 21:38:44 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\CyberLink
[2013.01.19 19:05:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\DTAG
[2009.09.25 16:38:02 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\EgisTec
[2012.04.26 14:12:49 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Google
[2013.05.01 16:20:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Macromedia
[2013.05.01 16:20:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Microsoft
[2010.01.17 23:26:02 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Microsoft Help
[2009.09.25 16:53:15 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\Mozilla
[2013.01.19 19:06:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\mquadr.at
[2010.02.14 21:39:38 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\PlayMovie
[2013.05.11 11:08:13 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\temp
[2009.09.25 16:36:11 | 000,000,000 | -HSD | M] -- C:\Users\Florian\AppData\Local\Temporary Internet Files
[2009.09.25 16:36:11 | 000,000,000 | -HSD | M] -- C:\Users\Florian\AppData\Local\Verlauf
[2010.09.25 00:42:42 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Local\VirtualStore
< %localappdata%\*.* >
[2013.05.09 07:51:12 | 000,007,052 | ---- | M] () -- C:\Users\Florian\AppData\Local\d3d9caps.dat
[2013.04.13 15:35:01 | 000,113,152 | ---- | M] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.27 11:43:17 | 000,093,928 | ---- | M] () -- C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
[2013.05.11 11:00:58 | 002,056,049 | -H-- | M] () -- C:\Users\Florian\AppData\Local\IconCache.db
< %allusersprofile%\*. >
[2012.12.17 22:40:38 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.04.09 17:41:11 | 000,000,000 | ---D | M] -- C:\ProgramData\AAV
[2009.08.06 16:48:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer GameZone Console
[2013.05.01 16:16:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2011.09.01 10:04:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2010.03.21 17:26:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2013.05.06 19:08:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira
[2012.03.24 16:11:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2013.04.26 07:46:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonEPP
[2013.04.26 07:46:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX2
[2013.04.24 20:04:31 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJMSetup
[2013.04.26 07:45:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMyPrinter
[2013.05.06 18:57:06 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2013.04.26 07:46:44 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJSolutionMenuEX
[2013.04.24 20:04:12 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt
[2010.02.21 18:21:01 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009.09.25 16:38:02 | 000,000,000 | ---D | M] -- C:\ProgramData\EgisTec
[2009.08.06 16:46:46 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2012.04.26 14:12:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2010.03.29 17:41:58 | 000,000,000 | ---D | M] -- C:\ProgramData\hps
[2013.04.19 19:50:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2012.04.26 11:47:48 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2012.12.17 22:09:16 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2013.04.16 17:30:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2013.05.01 16:05:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2013.01.19 19:06:21 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2010.03.10 21:49:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2009.03.12 04:58:48 | 000,000,000 | ---D | M] -- C:\ProgramData\SiteAdvisor
[2012.04.26 19:48:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012.03.24 03:23:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2009.03.12 05:26:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009.09.25 16:35:51 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011.10.23 10:48:46 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2010.08.20 11:21:20 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.21 17:28:08 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
< %allusersprofile%\*.* >
[2009.08.06 16:47:42 | 000,004,536 | ---- | M] () -- C:\ProgramData\ArcadeDeluxe2.log
[2010.08.09 11:14:11 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
< >
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,592 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.02.09 20:35:47 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.02.09 20:35:48 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.01 16:15:34 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< End of report >