So,...
Die OTL Datei: Code:
OTL logfile created on: 11.04.2013 17:10:17 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kitte\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
749,46 Mb Total Physical Memory | 102,19 Mb Available Physical Memory | 13,64% Memory free
1,73 Gb Paging File | 0,81 Gb Available in Paging File | 46,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 52,75 Gb Free Space | 52,75% Space Free | Partition Type: NTFS
Drive D: | 183,07 Gb Total Space | 182,52 Gb Free Space | 99,70% Space Free | Partition Type: NTFS
Computer Name: *****-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.08 21:07:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kitte\Downloads\OTL.exe
PRC - [2013.03.30 22:25:55 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.30 22:25:39 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.03.30 22:25:39 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.03.30 22:25:38 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.30 22:25:38 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.20 12:55:48 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files\PDF24\pdf24.exe
PRC - [2013.02.20 13:35:28 | 000,152,392 | ---- | M] (Apple Inc.) -- D:\iTunesHelper.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.09 01:49:08 | 001,263,024 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
PRC - [2011.08.09 01:49:00 | 000,101,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
PRC - [2011.08.09 01:48:20 | 000,224,680 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2011.07.21 09:46:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011.07.20 14:10:10 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.07.20 14:09:40 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.07.12 23:06:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2011.06.16 03:37:58 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.06.03 00:11:06 | 000,064,128 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.04.14 20:23:12 | 000,419,504 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\Asus\Eee Docking\Eee Docking.exe
PRC - [2011.03.25 18:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2011.02.25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.27 03:15:08 | 000,413,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
PRC - [2010.11.15 22:27:22 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\ASUS\CapsHook\CapsHook.exe
PRC - [2010.09.17 10:32:44 | 000,197,968 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
PRC - [2010.09.17 10:32:44 | 000,161,104 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
PRC - [2010.06.10 09:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.04.07 07:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.19 17:13:37 | 000,240,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.03.19 17:08:07 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.03.19 17:07:13 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.03.19 17:06:19 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.03.19 16:51:48 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.03.19 16:51:14 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.03.19 16:50:39 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.03.19 16:47:00 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.03.19 16:46:36 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.03.19 16:45:32 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.03.19 16:45:01 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.03.19 16:44:48 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.03.19 16:44:37 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.03.19 16:44:24 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.03.19 16:44:00 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.07.21 09:46:40 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011.07.21 09:35:56 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.07.12 23:06:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2011.03.15 00:21:10 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2011.02.16 17:29:11 | 000,212,992 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2011.02.16 17:29:03 | 000,249,856 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.16 17:29:03 | 000,110,592 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.11.13 01:19:05 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.09.02 13:08:00 | 000,118,784 | ---- | M] () -- C:\PROGRA~1\ASUS\ASUSWE~1\30102~1.211\ASUSWS~1.DLL
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2013.03.30 22:25:55 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.30 22:25:39 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.03.30 22:25:38 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.08 09:50:45 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.09 01:48:20 | 000,224,680 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2011.07.21 09:46:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.07.20 14:09:40 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.06.03 00:11:06 | 000,064,128 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.03.25 18:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2011.03.02 07:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.09.17 10:32:44 | 000,161,104 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2013.03.30 22:26:06 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.30 22:26:06 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.30 22:26:06 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.10.01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011.10.01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011.10.01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011.10.01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011.07.20 16:39:22 | 007,811,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.07.20 13:33:12 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.20 12:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:24:42 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 11:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.16 20:34:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.11.04 12:52:50 | 000,064,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2010.11.04 12:52:50 | 000,032,384 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010.09.27 09:23:58 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.09.17 10:32:48 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010.09.17 10:32:48 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010.09.17 10:32:48 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010.09.17 10:32:48 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010.08.03 07:20:56 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010.06.28 07:24:00 | 000,011,456 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2010.03.02 17:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.18 19:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.07.20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{F8419A54-D119-4E1B-BC5A-E9DFB14125B4}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=de_NL&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^NL&apn_uid=275d5fe8-4042-47cc-bca4-3bda82c2747b&apn_sauid=104383A4-0504-4694-BEE5-2DFB27E76722
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.11.10 01:03:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.03.29 10:09:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2013.04.04 13:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\RunOnce: [*ForceDelete] C:\Users\kitte\Downloads\adwcleaner.exe ()
O4 - HKLM..\RunOnce: [Z1] C:\windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat ()
O4 - HKCU..\RunOnce: [JRTcleanup] C:\JRT\JRT.bat ()
O4 - HKCU..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DE7592A-F969-490A-806E-24783E17EE4A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.11 12:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.11 09:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.04.11 09:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013.04.11 09:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[2013.04.11 09:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\PDF24
[2013.04.11 09:17:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Programs
[2013.04.11 07:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.04.11 07:34:41 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013.04.11 07:34:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013.04.11 07:34:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013.04.11 07:34:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2013.04.11 07:34:33 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013.04.11 07:34:28 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013.04.11 07:34:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2013.04.11 07:34:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2013.04.10 19:29:10 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013.04.08 21:16:43 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013.04.08 21:14:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.04 20:12:44 | 000,000,000 | ---D | C] -- C:\TEMP
[2013.04.04 13:43:52 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.04.04 13:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.29 10:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2013.03.29 10:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup
[2013.03.29 10:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.03.29 10:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.03.29 10:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.03.27 11:48:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\RadiantViewer
[2013.03.27 11:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadiAnt DICOM Viewer
[2013.03.27 11:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\RadiAntViewer
[2013.03.25 01:27:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.03.24 21:38:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
[2013.03.24 19:49:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\SoftGrid Client
[2013.03.24 19:49:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client
[2013.03.22 22:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2013.03.22 14:17:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\BewerbungsMaster
[2013.03.22 14:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BewerbungsMaster
[2013.03.22 14:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
[2013.03.22 14:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\BEWERBUNGSMASTER
[2013.03.22 14:10:11 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\Setup1.exe
[2013.03.22 14:09:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\ST6UNST.EXE
[2013.03.22 14:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2013.03.22 13:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.03.22 13:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2013.03.22 13:54:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\TP
[2013.03.21 16:01:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.21 15:57:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Apple Computer
[2013.03.21 15:57:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium
[2013.03.21 15:55:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\VirtualStore
[2013.03.18 15:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.18 15:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.03.18 15:54:07 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013.03.18 15:54:07 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013.03.18 15:54:07 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013.03.18 15:53:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013.03.18 15:53:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013.03.18 15:53:08 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013.03.18 15:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.18 10:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.03.18 10:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.03.18 10:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.03.18 10:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.03.18 10:32:00 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Apple
[2013.03.18 10:31:48 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013.03.18 10:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.03.18 10:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.03.18 10:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.03.18 09:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.03.17 19:05:50 | 000,000,000 | -H-D | C] -- C:\windows\System32\CanonIJ Uninstaller Information
[2013.03.17 19:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series
[2013.03.17 19:05:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.03.17 19:02:19 | 000,230,912 | ---- | C] (CANON INC.) -- C:\windows\System32\CNMLM9E.DLL
[2013.03.17 19:01:32 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.03.17 19:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013.03.17 19:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.03.16 19:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.16 19:57:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Google
[2013.03.16 19:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Vorlagen
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Verlauf
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Temporary Internet Files
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Startmenü
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\SendTo
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Recent
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Lokale Einstellungen
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Druckumgebung
[2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Anwendungsdaten
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Netzwerkumgebung
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Videos
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Musik
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Eigene Dateien
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Bilder
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Cookies
[2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Anwendungsdaten
[2013.03.16 19:50:16 | 000,000,000 | --SD | C] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Videos
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Searches
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Saved Games
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Pictures
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Music
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Links
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Favorites
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Downloads
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Documents
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Desktop
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Contacts
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.03.16 19:50:16 | 000,000,000 | -H-D | C] -- C:\Users\Admin\AppData
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Windows Live
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Temp
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\InstallShield
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Identities
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\E-Cam
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ATI
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ATI
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Asus WebStorage
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ASUS WebStorage
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ASUS
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\AMD
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Adobe
[2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Adobe
[2013.03.15 22:48:29 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2013.03.15 22:48:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2013.03.15 22:04:06 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys
[2013.03.15 22:04:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wdfres.dll
[2013.03.15 21:45:47 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFPlatform.dll
[2013.03.15 21:45:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFCoinstaller.dll
[2013.03.15 21:45:43 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFx.dll
[2013.03.15 21:39:52 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browserchoice.exe
[2013.03.15 21:11:27 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys
[2013.03.15 21:10:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys
[2013.03.15 21:09:42 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS
[2013.03.14 22:58:04 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnet.dll
[2013.03.14 22:50:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OxpsConverter.exe
[2013.03.14 22:49:35 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\timedate.cpl
[2013.03.14 22:48:39 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2013.03.14 22:48:33 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2013.03.14 22:48:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml3r.dll
[2013.03.14 22:46:18 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncsi.dll
[2013.03.14 22:46:17 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys
[2013.03.14 22:46:14 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcorehc.dll
[2013.03.14 22:46:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netevent.dll
[2013.03.14 22:40:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2013.03.14 22:34:03 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2013.03.14 22:33:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 22:33:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.03.14 22:33:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.03.14 22:33:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.03.14 22:33:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.03.14 22:33:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.03.14 22:33:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.03.14 22:33:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.03.14 22:33:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.03.14 22:33:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.03.14 22:33:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.03.14 22:33:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.03.14 22:33:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.03.14 22:33:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.03.14 22:33:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.03.14 22:33:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.03.14 22:33:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.03.14 22:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.03.14 22:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.03.14 22:33:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.03.14 22:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.03.14 22:33:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.03.14 22:33:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.03.14 22:33:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.03.14 22:33:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.03.14 22:33:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.03.14 22:33:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.03.14 22:33:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.03.14 22:27:18 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdosys.dll
[2013.03.14 22:26:30 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2013.03.14 22:26:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2013.03.14 22:26:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll
[2013.03.14 22:25:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2013.03.14 22:25:31 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2013.03.14 22:25:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2013.03.14 22:22:58 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2013.03.14 22:22:57 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2013.03.14 22:22:57 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2013.03.14 22:22:57 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2013.03.14 22:22:57 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2013.03.14 22:22:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2013.03.14 22:22:56 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2013.03.14 22:22:56 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2013.03.14 22:22:56 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2013.03.14 22:22:55 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2013.03.14 22:22:55 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2013.03.14 22:22:55 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2013.03.14 22:22:40 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2013.03.14 22:22:40 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2013.03.14 22:22:40 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2013.03.14 22:22:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2013.03.14 22:21:32 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2013.03.14 22:21:22 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2013.03.14 22:21:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2013.03.14 22:21:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2013.03.14 22:21:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2013.03.14 22:21:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2013.03.14 22:20:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\synceng.dll
[2013.03.14 22:20:19 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013.03.14 22:20:14 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013.03.14 22:19:59 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcore6.dll
[2013.03.14 22:19:59 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcsvc6.dll
[2013.03.14 22:16:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2013.03.14 22:14:04 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013.03.14 21:06:51 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.03.14 21:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2013.03.14 20:00:20 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2013.03.14 19:37:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[2013.03.14 18:57:39 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2013.03.14 18:57:37 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2013.03.14 18:54:42 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2013.03.14 18:54:41 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2013.03.14 18:54:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2013.03.14 18:53:35 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2013.03.14 18:53:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2013.03.14 18:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.03.14 18:43:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2013.03.14 18:42:59 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys
[2013.03.14 18:42:58 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys
[2013.03.14 18:42:56 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys
[2013.03.14 18:42:26 | 000,232,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe
[2013.03.14 18:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.03.14 18:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.03.14 18:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.03.14 18:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.03.14 16:15:01 | 000,000,000 | ---D | C] -- C:\windows\ConfigSetRoot
[2013.03.14 16:14:40 | 000,000,000 | -H-D | C] -- C:\ExpressGateUtil
[2013.03.14 16:12:42 | 001,263,104 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\athr.sys
[2013.03.14 16:12:42 | 001,263,104 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\athr.sys
[2013.03.14 16:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2013.03.14 16:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013.03.14 16:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2013.03.14 16:09:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.11 17:14:04 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 17:14:04 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 17:04:44 | 000,001,092 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.11 17:04:31 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.04.11 17:04:21 | 589,393,920 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.11 17:03:02 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.11 17:02:34 | 000,000,097 | ---- | M] () -- C:\windows\DeleteOnReboot.bat
[2013.04.11 15:51:22 | 000,000,512 | ---- | M] () -- C:\Users\Admin\Desktop\MBR.dat
[2013.04.11 11:50:05 | 000,286,232 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.04.11 09:23:47 | 000,001,899 | ---- | M] () -- C:\Users\Admin\Desktop\CDBurnerXP.lnk
[2013.04.11 09:19:11 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk
[2013.04.08 20:04:18 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013.04.04 18:31:15 | 000,666,022 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013.04.04 18:31:15 | 000,627,864 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.04.04 18:31:15 | 000,133,944 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013.04.04 18:31:15 | 000,110,326 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.03.30 22:26:06 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys
[2013.03.30 22:26:06 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys
[2013.03.30 22:26:06 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys
[2013.03.29 10:12:45 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013.03.29 10:09:45 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.03.24 21:38:11 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\windows\Setup1.exe
[2013.03.24 21:38:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\ST6UNST.EXE
[2013.03.24 21:36:57 | 000,000,626 | ---- | M] () -- C:\windows\ST6UNST0.MIF
[2013.03.22 14:09:14 | 009,887,744 | ---- | M] () -- C:\Users\Admin\Desktop\master_3.8.exe
[2013.03.21 15:57:28 | 000,001,503 | ---- | M] () -- C:\Users\Admin\Desktop\Trend Micro Titanium.lnk
[2013.03.21 15:56:41 | 000,002,205 | ---- | M] () -- C:\Users\Admin\Desktop\Google Chrome.lnk
[2013.03.21 15:56:07 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2013.03.18 15:52:43 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013.03.18 15:52:39 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013.03.18 15:52:39 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013.03.18 15:52:38 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013.03.18 15:52:38 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013.03.18 15:52:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013.03.18 10:38:33 | 000,001,353 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.03.17 19:01:55 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2013.03.16 21:09:05 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.15 08:05:00 | 000,150,011 | ---- | M] () -- C:\windows\System32\license.rtf
[2013.03.14 21:06:58 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.03.14 18:46:42 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.14 16:14:45 | 000,001,514 | ---- | M] () -- C:\Users\Public\Desktop\OS Switch.lnk
[2013.03.14 16:13:24 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\E-Manual.lnk
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.11 17:01:31 | 000,000,097 | ---- | C] () -- C:\windows\DeleteOnReboot.bat
[2013.04.11 15:51:22 | 000,000,512 | ---- | C] () -- C:\Users\Admin\Desktop\MBR.dat
[2013.04.11 09:23:47 | 000,001,899 | ---- | C] () -- C:\Users\Admin\Desktop\CDBurnerXP.lnk
[2013.04.11 09:23:47 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.04.11 09:19:11 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk
[2013.04.08 20:04:18 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013.03.29 10:12:45 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013.03.29 10:09:45 | 000,002,036 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.03.29 10:09:44 | 000,002,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013.03.24 21:36:42 | 000,000,626 | ---- | C] () -- C:\windows\ST6UNST0.MIF
[2013.03.22 14:09:04 | 009,887,744 | ---- | C] () -- C:\Users\Admin\Desktop\master_3.8.exe
[2013.03.21 15:57:28 | 000,001,503 | ---- | C] () -- C:\Users\Admin\Desktop\Trend Micro Titanium.lnk
[2013.03.21 15:56:51 | 000,001,413 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.03.21 15:56:41 | 000,002,205 | ---- | C] () -- C:\Users\Admin\Desktop\Google Chrome.lnk
[2013.03.21 15:56:07 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2013.03.18 10:38:33 | 000,001,353 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.03.18 10:31:50 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.03.17 19:01:55 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2013.03.16 21:09:05 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.16 19:58:01 | 000,001,096 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.16 19:57:59 | 000,001,092 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.15 22:04:16 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.03.15 21:45:42 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.03.14 21:06:58 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.03.14 18:46:42 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.14 16:15:36 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini
[2013.03.14 16:14:45 | 000,001,514 | ---- | C] () -- C:\Users\Public\Desktop\OS Switch.lnk
[2013.03.14 16:13:24 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\E-Manual.lnk
[2013.03.14 16:12:42 | 000,328,429 | ---- | C] () -- C:\windows\System32\netathr.inf
[2013.03.14 16:12:42 | 000,053,352 | ---- | C] () -- C:\windows\System32\athrext.cat
[2011.11.10 00:44:11 | 000,224,680 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2011.11.10 00:44:11 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2011.11.10 00:42:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.11.10 00:40:53 | 000,011,832 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2011.11.10 00:40:51 | 000,011,456 | ---- | C] () -- C:\windows\System32\drivers\AsIO.sys
[2011.11.10 00:40:25 | 000,000,873 | ---- | C] () -- C:\windows\Reboot.ini
[2011.11.10 00:39:49 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.11.10 00:35:38 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011.11.10 00:35:38 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2011.11.07 11:05:16 | 000,003,929 | ---- | C] () -- C:\windows\System32\atipblag.dat
[2011.11.07 11:05:14 | 000,233,765 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2011.11.07 10:39:57 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
[2011.07.21 10:21:00 | 000,059,904 | ---- | C] () -- C:\windows\System32\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2013.03.14 16:16:18 | 000,000,059 | ---- | M] ()(C:\windows\System32\??) -- C:\windows\System32\Ȑ
[2013.03.14 16:16:18 | 000,000,059 | ---- | C] ()(C:\windows\System32\??) -- C:\windows\System32\Ȑ
========== Alternate Data Streams ==========
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:AB689DEA
< End of report >
Die anderen 2 Programme haben wahrscheinlich Logs erstellt und auf dem Desktop gespeichert, aber ich kann diese dort nicht sehen!
Die anderen Logs von heute waren auch nicht sichtbar, aber ich konnte wenn ich das Programm zum 2 Mal öffnete und auf save drückte die Datei sehen und mit rechtsklick öffnen oder Anzeigen drücken und dann den Inhalt kopieren.
Delta Search ist jetzt auch verschwunden.
Wie kann ich die .txt Dateien sehen, wenn diese da sind aber nicht erkennbar ohne Tricks? |
GMER herunter: (Dateiname zufällig) 
Tauchen Probleme auf? 
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
