
Log Analysis and Evaluation: Programs appear to have been moved to the "Program Data" folder - also: Shared key to keep this from being removed with install/uninstall

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
07.04.2014, 03:28   #1
glux_iffnuss
 
Programs appear to have been moved to the "Program Data" folder - also: Shared key to keep this from being removed with install/uninstall



My computer has the following problems:

- Installed programs do not show up in the "Programs" list in the Control Panel.
- I find the corresponding folders in a new folder "ProgramData", which seems to exist alongside the folders "Programme" and "Programme (x86)".
- In the registry there are strange entries that are probably linked to the relocation of the program files, hxa, hxb etc., with the entry in the "Data" field: Shared key to keep this from being removed with install/uninstall of side-by-side components.
- I get the message "Avira" is deactivated, although the AVIRA icon appears with an open umbrella.

Some time ago I clicked on Softonic, actually wanted to cancel, but accidentally hit "Next" and only noticed that later.

Many thanks in advance.

My log files (+ OTL files attached):

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ***** (administrator) on PAPABOOK on 07-04-2014 03:02:46
Running from C:\Users\*****\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\ExpressGateUtil\VAWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Users\*****\AppData\Local\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2168424 2010-10-13] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1931024 2010-07-20] (Intel(R) Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-05-03] (Alcor Micro Corp.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11485800 2010-10-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [477600 2013-01-24] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [OpwareSE2] - C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [49152 2003-05-08] (ScanSoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3379123602-2794455321-361650133-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-3379123602-2794455321-361650133-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [EPSON BX305 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe [12008296 2011-03-02] (Adobe Systems, Inc.)
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [Epson Stylus Office BX305(Netzwerk)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-03-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-03-10] (NVIDIA Corporation)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: 172.16.0.222:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKCU - {1DAF3F97-C75E-4784-A109-F652F93AFA20} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=1e26066f-c34e-4c3d-be98-307e5b8da84e&apn_sauid=198F4E44-0F79-4622-B213-63E70AFCDCB8
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\44tqbt53.GYP
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\44tqbt53.GYP\user.js
FF SearchEngineOrder.1: Google
FF NetworkProxy: "backup.ftp", "176.16.0.222"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "176.16.0.222"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "176.16.0.222"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "176.16.0.222"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "176.16.0.222"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "176.16.0.222"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "176.16.0.222"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ad-Aware Security Add-on - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\44tqbt53.GYP\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{AD9E4CD8-A6C9-4C51-8F82-2451E24F90B9}] - C:\Windows\Installer\{487065BF-230A-4F46-A96B-2CD88ACCE87E}\{AD9E4CD8-A6C9-4C51-8F82-2451E24F90B9}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{487065BF-230A-4F46-A96B-2CD88ACCE87E}\{AD9E4CD8-A6C9-4C51-8F82-2451E24F90B9}.xpi [2014-04-05]
FF StartMenuInternet: FIREFOX.EXE - C:\Users\*****\AppData\Local\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-23]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 avmident; C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe [76288 2011-09-27] (AVM Berlin)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-20] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-17] ()

==================== Drivers (Whitelisted) ====================

R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-05-25] (ASUS)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2013-10-21] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2013-10-21] (BitDefender LLC)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [50176 2011-01-21] (Fresco Logic)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [138232 2013-07-17] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-21] ( )
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-21] (Omnivision Technologies, Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 03:02 - 2014-04-07 03:02 - 02157056 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-04-07 03:02 - 2014-04-07 03:02 - 00022592 _____ () C:\Users\*****\Downloads\FRST.txt
2014-04-07 03:02 - 2014-04-07 03:02 - 00000000 ____D () C:\FRST
2014-04-07 03:01 - 2014-04-07 03:01 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-04-07 03:01 - 2014-04-07 03:01 - 00000498 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-04-07 03:01 - 2014-04-07 03:01 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-07 01:05 - 2014-04-07 01:05 - 00000000 ____D () C:\Users\*****\AppData\Roaming\LavasoftStatistics
2014-04-07 00:46 - 2014-04-07 01:07 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-04-07 00:46 - 2013-08-21 14:32 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2014-04-07 00:44 - 2014-04-07 00:44 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354(1).exe
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Users\*****\AppData\Local\adawarebp
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-04-07 00:42 - 2014-04-07 00:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-04-07 00:40 - 2014-04-07 00:41 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-02 07:52 - 2014-04-02 11:01 - 00000000 ____D () C:\Users\Public\Documents\Delta_plus
2014-04-02 07:44 - 2014-04-02 07:44 - 00000000 ____D () C:\Users\*****\Documents\Fragmente
2014-03-31 17:07 - 2014-04-05 12:54 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-30 16:42 - 2014-03-30 16:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra 4.4
2014-03-29 14:48 - 2014-03-29 14:48 - 00000000 ____D () C:\Users\*****\Documents\Adobe
2014-03-29 10:09 - 2014-03-29 10:10 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla Firefox
2014-03-28 19:14 - 2014-03-28 19:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra
2014-03-27 19:27 - 2014-03-27 19:27 - 00001853 _____ () C:\Users\Public\Desktop\GeoGebra.lnk
2014-03-27 19:27 - 2014-03-27 19:27 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
2014-03-27 19:24 - 2014-03-27 19:25 - 54719080 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-9-256-0.exe
2014-03-27 19:19 - 2014-03-27 19:19 - 00006283 _____ () C:\Users\*****\Downloads\3D_ebene_parameter.ggb
2014-03-27 19:02 - 2014-03-27 19:02 - 00003178 _____ () C:\Windows\System32\Tasks\{C3890ABE-31C0-4FA5-934D-ACA795E5032F}
2014-03-27 18:59 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\*****\.Vektoris3D25
2014-03-27 18:55 - 2014-03-27 18:55 - 00000000 ____D () C:\Program Files (x86)\Vektoris3D25Plus
2014-03-27 18:54 - 2014-03-27 19:03 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Security System 2
2014-03-27 18:54 - 2014-03-27 18:54 - 00118784 _____ () C:\Windows\system32\api-mt-win-core-libraryloader-l1-1-0.exe
2014-03-27 18:52 - 2014-03-27 18:52 - 00000161 _____ () C:\Users\*****\Desktop\Goodgame Empire.url
2014-03-27 18:50 - 2014-03-27 18:50 - 00657808 _____ () C:\Users\*****\Downloads\V3D25Plus_windows_Setup_20111110-Downloader.exe
2014-03-27 18:40 - 2014-03-27 18:41 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 4.4
2014-03-27 18:39 - 2014-03-27 18:40 - 41882152 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-4-23-0.exe
2014-03-27 09:47 - 2014-03-27 09:47 - 00126393 _____ () C:\Users\*****\Downloads\lt_kernmodell
2014-03-25 20:17 - 2014-03-25 20:17 - 564624957 _____ () C:\Windows\MEMORY.DMP
2014-03-25 20:17 - 2014-03-25 20:17 - 00302720 _____ () C:\Windows\Minidump\032514-34257-01.dmp
2014-03-18 23:45 - 2014-03-19 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-17 02:53 - 2014-03-17 03:37 - 00013051 _____ () C:\Users\*****\Documents\Mappe1.xlsx
2014-03-12 16:32 - 2014-03-12 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-12 15:53 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 15:53 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 15:53 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 15:53 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 15:53 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 15:53 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 15:53 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 15:53 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 15:53 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 15:53 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 15:53 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 15:53 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 15:53 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 15:53 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 15:53 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 15:53 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 15:53 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 15:53 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 15:53 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 15:53 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 15:53 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 15:53 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 15:53 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 15:53 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 15:53 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 15:53 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 15:53 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 15:53 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 15:53 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 15:53 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 15:53 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 15:53 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 15:53 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 15:53 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 15:53 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 15:53 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 15:53 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 15:53 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 15:53 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 15:53 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 15:53 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 15:53 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 15:53 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 15:53 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 15:52 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 15:52 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 15:52 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 15:52 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 00:24 - 2014-03-12 01:24 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 20:18 - 2014-03-11 20:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Epson

==================== One Month Modified Files and Folders =======

2014-04-07 03:02 - 2014-04-07 03:02 - 02157056 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-04-07 03:02 - 2014-04-07 03:02 - 00022592 _____ () C:\Users\*****\Downloads\FRST.txt
2014-04-07 03:02 - 2014-04-07 03:02 - 00000000 ____D () C:\FRST
2014-04-07 03:01 - 2014-04-07 03:01 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-04-07 03:01 - 2014-04-07 03:01 - 00000498 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-04-07 03:01 - 2014-04-07 03:01 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-07 03:01 - 2012-08-04 18:13 - 00000000 ____D () C:\Users\*****
2014-04-07 02:24 - 2013-02-12 12:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 02:00 - 2012-08-11 11:19 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-04-07 01:46 - 2012-08-11 22:08 - 00000000 ____D () C:\Users\*****\Documents\CCleaner-Sicherung
2014-04-07 01:15 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 01:15 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 01:13 - 2009-08-04 11:51 - 00711094 _____ () C:\Windows\system32\perfh007.dat
2014-04-07 01:13 - 2009-08-04 11:51 - 00153542 _____ () C:\Windows\system32\perfc007.dat
2014-04-07 01:13 - 2009-07-14 07:13 - 01651444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-07 01:07 - 2014-04-07 00:46 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-04-07 01:07 - 2012-08-04 18:14 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-04-07 01:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 01:06 - 2014-02-26 16:18 - 00002029 _____ () C:\Windows\setupact.log
2014-04-07 01:05 - 2014-04-07 01:05 - 00000000 ____D () C:\Users\*****\AppData\Roaming\LavasoftStatistics
2014-04-07 01:05 - 2012-08-03 06:33 - 01524257 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 00:44 - 2014-04-07 00:44 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354(1).exe
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Users\*****\AppData\Local\adawarebp
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-04-07 00:42 - 2014-04-07 00:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:40 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-07 00:17 - 2013-11-14 11:32 - 00000000 ____D () C:\AdwCleaner
2014-04-06 23:55 - 2014-01-01 15:15 - 00113920 _____ () C:\Users\*****\Desktop\OTL.Txt
2014-04-05 12:54 - 2014-03-31 17:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-02 23:04 - 2012-08-04 20:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-04-02 11:01 - 2014-04-02 07:52 - 00000000 ____D () C:\Users\Public\Documents\Delta_plus
2014-04-02 07:44 - 2014-04-02 07:44 - 00000000 ____D () C:\Users\*****\Documents\Fragmente
2014-03-31 17:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-30 16:42 - 2014-03-30 16:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra 4.4
2014-03-29 14:48 - 2014-03-29 14:48 - 00000000 ____D () C:\Users\*****\Documents\Adobe
2014-03-29 10:10 - 2014-03-29 10:09 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla Firefox
2014-03-29 01:41 - 2014-02-26 16:17 - 00115060 _____ () C:\Windows\PFRO.log
2014-03-28 19:14 - 2014-03-28 19:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra
2014-03-27 19:27 - 2014-03-27 19:27 - 00001853 _____ () C:\Users\Public\Desktop\GeoGebra.lnk
2014-03-27 19:27 - 2014-03-27 19:27 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
2014-03-27 19:25 - 2014-03-27 19:24 - 54719080 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-9-256-0.exe
2014-03-27 19:19 - 2014-03-27 19:19 - 00006283 _____ () C:\Users\*****\Downloads\3D_ebene_parameter.ggb
2014-03-27 19:06 - 2013-10-27 11:49 - 00000000 ____D () C:\Users\*****\Desktop\FreeStudio
2014-03-27 19:03 - 2014-03-27 18:54 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Security System 2
2014-03-27 19:02 - 2014-03-27 19:02 - 00003178 _____ () C:\Windows\System32\Tasks\{C3890ABE-31C0-4FA5-934D-ACA795E5032F}
2014-03-27 18:59 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\*****\.Vektoris3D25
2014-03-27 18:55 - 2014-03-27 18:55 - 00000000 ____D () C:\Program Files (x86)\Vektoris3D25Plus
2014-03-27 18:54 - 2014-03-27 18:54 - 00118784 _____ () C:\Windows\system32\api-mt-win-core-libraryloader-l1-1-0.exe
2014-03-27 18:52 - 2014-03-27 18:52 - 00000161 _____ () C:\Users\*****\Desktop\Goodgame Empire.url
2014-03-27 18:50 - 2014-03-27 18:50 - 00657808 _____ () C:\Users\*****\Downloads\V3D25Plus_windows_Setup_20111110-Downloader.exe
2014-03-27 18:41 - 2014-03-27 18:40 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 4.4
2014-03-27 18:40 - 2014-03-27 18:39 - 41882152 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-4-23-0.exe
2014-03-27 09:47 - 2014-03-27 09:47 - 00126393 _____ () C:\Users\*****\Downloads\lt_kernmodell
2014-03-25 20:17 - 2014-03-25 20:17 - 564624957 _____ () C:\Windows\MEMORY.DMP
2014-03-25 20:17 - 2014-03-25 20:17 - 00302720 _____ () C:\Windows\Minidump\032514-34257-01.dmp
2014-03-25 20:17 - 2012-12-15 16:11 - 00000000 ____D () C:\Windows\Minidump
2014-03-25 00:02 - 2012-11-11 19:53 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-03-23 16:50 - 2014-02-16 18:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-03-20 09:31 - 2012-09-26 21:56 - 00000000 ___SD () C:\Users\*****\Documents\Meine Datenquellen
2014-03-19 23:39 - 2012-08-09 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 17:52 - 2014-03-18 23:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 02:06 - 2013-08-16 09:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 02:04 - 2012-08-09 10:52 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 22:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-17 20:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-17 03:37 - 2014-03-17 02:53 - 00013051 _____ () C:\Users\*****\Documents\Mappe1.xlsx
2014-03-12 22:47 - 2009-07-14 06:45 - 04982584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 22:44 - 2012-08-09 09:28 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 22:44 - 2012-08-09 09:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 19:47 - 2012-08-09 08:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 16:32 - 2014-03-12 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-12 01:24 - 2014-03-12 00:24 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-12 01:24 - 2013-02-12 12:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 01:24 - 2012-08-11 13:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 01:24 - 2012-08-11 13:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 20:31 - 2014-02-16 18:48 - 00000000 ____D () C:\ProgramData\Skype
2014-03-11 20:24 - 2013-06-01 19:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\CyberLink
2014-03-11 20:18 - 2014-03-11 20:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Epson
2014-03-09 18:35 - 2013-05-19 12:20 - 00002028 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad


Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\da527484-ba88-49c3-89f6-09520d63695b.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 03:35

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ***** at 2014-04-07 03:03:25
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.8.0.10 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.3.29.0 - Lavasoft) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
EPSON BX305 Series Printer Uninstall (HKLM\...\EPSON BX305 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-x64 7.0.5.15_WHQL (HKLM\...\Elantech) (Version: 7.0.5.15 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Fresco Logic USB3.0 Host Controller (HKLM\...\{26211D4B-CD06-44C8-BA6E-F937E1692629}) (Version: 3.0.114.13 - Fresco Logic Inc.)
GeoGebra 5.0 (HKLM-x32\...\GeoGebra 5.0) (Version: 4.9.256.0 - International GeoGebra Institute)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{4327107B-E95E-415C-9194-458FCED6BF12}) (Version: 13.03.0000 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Intel(R) Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{89C4C60E-490D-43D1-A4EE-92877306DEC3}) (Version: 1.17.769 - LEGO)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKCU\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
NVIDIA Control Panel 265.96 (Version: 265.96 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 265.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 265.96 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.29.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.9 (Version: 1.0.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.9 - NVIDIA Corporation) Hidden
OnlineThreatsEngine (Version: 2.2.2.0 - Lavasoft) Hidden
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebFilteringEngine (Version: 2.2.1.0 - Lavasoft) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

19-03-2014 00:04:14 Windows Update
25-03-2014 15:19:50 Windows Update
28-03-2014 15:22:04 Windows Update
01-04-2014 14:16:07 Windows Update
04-04-2014 14:46:07 Windows Update
06-04-2014 22:41:10 AA11

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A242A82-75B0-4D63-B6EE-7C0FCD78131A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {0ED35F2C-D486-474C-9F87-1A0574DFA74F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-11-24] (CyberLink)
Task: {0F65361B-58B4-41DC-8722-3DC815659BDB} - System32\Tasks\AdobeAAMUpdater-1.0-PapaBook-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-01-24] (Adobe Systems Incorporated)
Task: {11703F1B-0D80-4E0A-8B58-F3BAA83234CF} - System32\Tasks\{B4E47510-B53F-4B43-AAEF-58B8F1755EB7} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {13DF5B68-BACC-4C87-A45D-973CE7B2253E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {39414D12-AD02-4EBF-A0B8-A70F1751A175} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {3B493D61-B417-4179-B474-1A0F81377887} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5ADC85BE-F11D-43CB-96B1-B385D1BC2070} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {6453C52B-D4FB-450C-B45C-D569C2703944} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {7B5B762C-FD33-41A5-B53F-ABADC81D4516} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {7DA7736B-1628-4E14-A32F-B2762F506425} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {87B88478-3489-4D88-B998-89E803BBED66} - System32\Tasks\{65C5A358-D155-4BF0-9CF2-FF93A86FF7FD} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {8A8FD7EA-A8F4-48B0-9295-5635C4123A7B} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {8D649376-92A8-4284-88DC-CC66FC6B80F8} - \EPUpdater No Task File
Task: {B000B6D9-B8D1-4C8F-B72C-F9424D0F9C8F} - System32\Tasks\{716AB061-20A2-49C8-97B5-6BBD646B71AC} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {C8395007-7200-4D94-94C1-4BEA0F1C6E51} - System32\Tasks\{FF74903E-B06E-4111-9E97-B7183D03AEDB} => Firefox.exe hxxp://ui.skype.com/ui/0/6.13.0.104/de/eula?source=lightinstaller
Task: {E5566B77-FCEF-4D81-9F18-14F7A90507DD} - System32\Tasks\{94C83D8E-DD71-4A95-92D6-E9FDBE14A668} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {E56BF523-D99C-4CF8-81A7-254CCABF393D} - System32\Tasks\{8143570B-A881-45A9-AC25-C2C1355087BA} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {E816935A-9F3F-4E43-9544-6137A2B4848F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {EB3F6D42-72A9-49E9-A4E2-C42EB6EF02A1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {F786FA0E-0FB0-4379-8DEB-F0AD6E8EF663} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-07-20 01:48 - 2010-07-20 01:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2013-08-21 14:32 - 2013-08-21 14:32 - 00824864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttpbr.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 00558136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttpdsp.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 02656752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttpph.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 01234816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttprbl.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 00824864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttpbr.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 00558136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttpdsp.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 03112000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttpf.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 01234816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttprbl.mdl
2012-08-03 07:13 - 2009-04-17 12:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2011-01-12 18:01 - 2011-01-12 18:01 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2011-01-12 18:01 - 2011-01-12 18:01 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2012-08-03 07:02 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-01-17 23:16 - 2011-01-17 23:16 - 00091464 _____ () C:\ExpressGateUtil\VAWinService.exe
2010-07-20 01:48 - 2010-07-20 01:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-02-12 04:19 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02141040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2012-11-05 23:52 - 2013-04-14 20:58 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-26 11:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-10-26 11:10 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-26 11:10 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-26 11:10 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-10-26 11:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-12-25 04:12 - 2010-12-25 04:12 - 00157000 _____ () C:\ExpressGateUtil\libexpat.dll
2011-01-04 02:27 - 2011-01-04 02:27 - 00061768 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL
2011-03-02 21:34 - 2011-03-02 22:34 - 00073728 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Symlib.dll
2011-03-02 21:34 - 2011-03-02 22:34 - 02748416 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\LIBMYSQLD.dll
2012-08-03 06:51 - 2011-03-10 06:22 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-18 20:43 - 2013-12-18 20:43 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-03-29 10:09 - 2014-03-29 10:10 - 03642480 _____ () C:\Users\*****\AppData\Local\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\*****\Cookies:9QNjlq7WiKlCt8LHRSBRyI0PBex
AlternateDataStreams: C:\Users\*****\Cookies:Dl7v99tjHQ3lT2kZ3RfhGM
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:XScmXCwMacfiixoZBCPapKpl
AlternateDataStreams: C:\Users\*****\AppData\Local:XScmXCwMacfiixoZBCPapKpl
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:XScmXCwMacfiixoZBCPapKpl
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:347D0y5R4XBJsFosZBxWAGF

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: Syncables => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2014 01:37:40 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18222, Zeitstempel: 0x51f1ddfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005055a
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (04/07/2014 00:31:36 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18222, Zeitstempel: 0x51f1ddfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005055a
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (04/06/2014 08:22:39 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/05/2014 09:29:14 PM) (Source: Application Hang) (User: )
Description: Programm plugin-container.exe, Version 28.0.0.5186 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1040

Startzeit: 01cf51052c36eaa4

Endzeit: 20

Anwendungspfad: C:\Users\*****\AppData\Local\Mozilla Firefox\plugin-container.exe

Berichts-ID: 841a86df-bcf8-11e3-950c-f46d04c20c2c

Error: (04/01/2014 05:07:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: api-mt-win-core-libraryloader-l1-1-0.exe, Version: 0.0.0.0, Zeitstempel: 0x529d12e8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000002415cd
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xapi-mt-win-core-libraryloader-l1-1-0.exe0
Pfad der fehlerhaften Anwendung: api-mt-win-core-libraryloader-l1-1-0.exe1
Pfad des fehlerhaften Moduls: api-mt-win-core-libraryloader-l1-1-0.exe2
Berichtskennung: api-mt-win-core-libraryloader-l1-1-0.exe3

Error: (04/01/2014 01:39:58 PM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.16521 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bc0

Startzeit: 01cf4d9f01e2aa92

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (03/31/2014 10:16:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FBAgent.exe, Version: 1.0.9.0, Zeitstempel: 0x4d3e6927
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x514
Startzeit der fehlerhaften Anwendung: 0xFBAgent.exe0
Pfad der fehlerhaften Anwendung: FBAgent.exe1
Pfad des fehlerhaften Moduls: FBAgent.exe2
Berichtskennung: FBAgent.exe3

Error: (03/30/2014 08:44:03 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (03/29/2014 06:25:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDTray.exe, Version: 2.1.21.129, Zeitstempel: 0x51f0ed9e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x13b4
Startzeit der fehlerhaften Anwendung: 0xSDTray.exe0
Pfad der fehlerhaften Anwendung: SDTray.exe1
Pfad des fehlerhaften Moduls: SDTray.exe2
Berichtskennung: SDTray.exe3

Error: (03/29/2014 04:34:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FBAgent.exe, Version: 1.0.9.0, Zeitstempel: 0x4d3e6927
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x570
Startzeit der fehlerhaften Anwendung: 0xFBAgent.exe0
Pfad der fehlerhaften Anwendung: FBAgent.exe1
Pfad des fehlerhaften Moduls: FBAgent.exe2
Berichtskennung: FBAgent.exe3


System errors:
=============
Error: (04/05/2014 00:51:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/05/2014 00:51:37 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/03/2014 07:37:50 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/01/2014 05:07:02 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ATKGFNEX msahci Turbo" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/01/2014 03:25:19 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)

Error: (04/01/2014 03:25:13 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)

Error: (04/01/2014 01:39:11 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)

Error: (04/01/2014 01:39:08 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)

Error: (03/31/2014 10:16:17 PM) (Source: Service Control Manager) (User: )
Description: Dienst "AFBAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/31/2014 10:01:04 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (04/07/2014 01:37:40 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1822251f1ddfac0000005000000000005055a

Error: (04/07/2014 00:31:36 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1822251f1ddfac0000005000000000005055a

Error: (04/06/2014 08:22:39 PM) (Source: Windows Backup)(User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (04/05/2014 09:29:14 PM) (Source: Application Hang)(User: )
Description: plugin-container.exe28.0.0.5186104001cf51052c36eaa420C:\Users\*****\AppData\Local\Mozilla Firefox\plugin-container.exe841a86df-bcf8-11e3-950c-f46d04c20c2c

Error: (04/01/2014 05:07:01 PM) (Source: Application Error)(User: )
Description: api-mt-win-core-libraryloader-l1-1-0.exe0.0.0.0529d12e8unknown0.0.0.000000000c000000500000000002415cdb2c01cf4b9a0bcd6ca5C:\Windows\system32\api-mt-win-core-libraryloader-l1-1-0.exeunknown46a633c9-b9af-11e3-a532-f46d04c20c2c

Error: (04/01/2014 01:39:58 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.165211bc001cf4d9f01e2aa9216C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (03/31/2014 10:16:17 PM) (Source: Application Error)(User: )
Description: FBAgent.exe1.0.9.04d3e6927ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410251401cf4b9a04056aabC:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dll5045e510-b911-11e3-a532-f46d04c20c2c

Error: (03/30/2014 08:44:03 PM) (Source: Windows Backup)(User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (03/29/2014 06:25:06 PM) (Source: Application Error)(User: )
Description: SDTray.exe2.1.21.12951f0ed9eunknown0.0.0.000000000c00000050000000013b401cf4adf58f3ce64C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeunknownafa560e4-b75e-11e3-8c67-f46d04c20c2c

Error: (03/29/2014 04:34:59 PM) (Source: Application Error)(User: )
Description: FBAgent.exe1.0.9.04d3e6927ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410257001cf4adf3df852daC:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dll4d9295c7-b74f-11e3-8c67-f46d04c20c2c


CodeIntegrity Errors:
===================================
  Date: 2012-08-16 17:32:09.086
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:32:09.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:32:08.867
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:32:08.727
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:31:12.333
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:31:12.224
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:31:12.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-08-16 17:31:11.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 8102.78 MB
Available physical RAM: 4541.3 MB
Total Pagefile: 16203.74 MB
Available Pagefile: 12834.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:195.35 GB) (Free:91.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:245.41 GB) (Free:245.27 GB) NTFS
Drive e: (Schule) (Fixed) (Total:232.88 GB) (Free:224.25 GB) NTFS
Drive f: (Privat) (Fixed) (Total:232.87 GB) (Free:208.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A420BA92)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: B12C75F9)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-07 03:33:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0003 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\fxtdapow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69          0000000075a61465 2 bytes [A6, 75]
.text  C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155         0000000075a614bb 2 bytes [A6, 75]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[2476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075a61465 2 bytes [A6, 75]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[2476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000075a614bb 2 bytes [A6, 75]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2564] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69         0000000075a61465 2 bytes [A6, 75]
.text  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2564] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155        0000000075a614bb 2 bytes [A6, 75]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[5016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69       0000000075a61465 2 bytes [A6, 75]
.text  C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[5016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      0000000075a614bb 2 bytes [A6, 75]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075a61465 2 bytes [A6, 75]
.text  C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000075a614bb 2 bytes [A6, 75]
.text  ...                                                                                                                                  * 2

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015007a2bc2                                                          
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015007a2bc2 (not active ControlSet)                                      

---- EOF - GMER 2.1 ----
         

 

All times are WET +1.

