Böni 24.04.2014 11:21

Leider nicht! Alles so ausgeführt wie beschrieben....

Gruß Böni

schrauber 25.04.2014 08:25

Eigentlich unmöglich. Chrome nochmal komplett deinstallieren, mit Revo. Reste entfernen lassen. Nicht neu installieren!

Frisches FRST log bitte.

Böni 25.04.2014 12:24

FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Power (ATTENTION: The logged in user is not administrator) on B-AZO-N on 25-04-2014 13:22:12
Running from C:\Users\Power\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Power\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9955872 2010-01-12] (Realtek Semiconductor)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-06-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2005-05-23] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-12-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\cdc62424-c9f9-4a3d-82f6-b4920eeae39f.exe /check [181136 2014-04-25] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe [3400600 2012-08-03] (ashampoo GmbH & Co. KG)
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\MountPoints2: {159ba231-0fcd-11e3-b75e-d02788687d15} - M:\pushinst.exe
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\MountPoints2: {2406cd66-259f-11e3-bbef-246511c0671c} - K:\iStudio.exe
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\MountPoints2: {7e344821-a9e6-11e3-b8dc-246511c0671c} - K:\.\autorun.exe
Startup: C:\Users\Power\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Power\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://{partner_id}&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://{partner_id}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://{partner_id}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://{partner_id}&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://{partner_id}&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://{partner_id}&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://{partner_id}&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer]

FF ProfilePath: C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\6p6z0btk.default-1398166762451
FF Homepage:
FF Plugin: - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin:,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin:,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin:,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin:,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32:,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32:,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32:,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32:,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32:,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32:,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32:,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32:;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32:,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32:,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32:,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32:,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\6p6z0btk.default-1398166762451\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-25]
FF Extension: DownloadHelper - C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\6p6z0btk.default-1398166762451\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-24]

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (avast! Online Security) - C:\Users\Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-23]
CHR Extension: (Google Wallet) - C:\Users\Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-03] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-03] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-03-29] (SurfRight B.V.)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-05-13] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-03] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [445304 2014-04-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-03] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-03] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 Sriomgr2aotv; No ImagePath
S3 tmnsusbser; C:\Windows\System32\DRIVERS\tmnsusbser.sys [124416 2010-04-21] (Wireless Device)
S3 tmusbnet; C:\Windows\System32\DRIVERS\tmusbnet.sys [129024 2010-04-20] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-25 08:59 - 2014-04-25 08:59 - 00000000 ____D () C:\Windows\de
2014-04-25 08:56 - 2014-04-25 08:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-25 06:28 - 2014-04-25 06:28 - 47479641 _____ () C:\Users\Power\Downloads\
2014-04-25 06:03 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-25 06:03 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-25 06:03 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-25 06:03 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-25 06:02 - 2014-04-25 06:03 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-25 05:57 - 2014-04-25 05:57 - 00921512 _____ (Oracle Corporation) C:\Users\Power\Downloads\jxpiinstall.exe
2014-04-24 18:13 - 2014-04-24 18:13 - 04968079 _____ (Tim Kosse) C:\Users\Power\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-23 16:15 - 2014-04-23 16:15 - 00000000 ____D () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1)
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 2.5
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.6-1.7
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.5
2014-04-23 16:14 - 2013-04-18 07:07 - 00000529 ____N () C:\Users\Power\Downloads\readme.txt
2014-04-23 16:13 - 2014-04-23 16:13 - 00054918 _____ () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1).zip
2014-04-23 15:59 - 2014-04-23 15:59 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(4).exe
2014-04-23 15:28 - 2014-04-23 15:28 - 00543816 _____ () C:\Users\Power\Downloads\
2014-04-23 11:08 - 2014-04-23 11:08 - 01035097 _____ () C:\Users\Power\Downloads\
2014-04-23 10:39 - 2014-04-23 10:39 - 00518864 _____ () C:\Users\Power\Downloads\
2014-04-23 10:37 - 2014-04-23 10:37 - 00017617 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00782045 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00218103 _____ () C:\Users\Power\Downloads\
2014-04-23 01:42 - 2014-04-23 01:42 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Mozilla
2014-04-22 14:22 - 2014-04-22 14:23 - 46314673 _____ () C:\Users\Power\Downloads\
2014-04-22 13:46 - 2014-04-22 13:46 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(3).exe
2014-04-22 13:39 - 2014-04-22 13:39 - 00000000 ____D () C:\Users\Power\Desktop\Alte Firefox-Daten
2014-04-22 13:27 - 2014-04-22 13:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 13:27 - 2014-04-22 13:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:26 - 2014-04-22 13:26 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (2).exe
2014-04-22 13:14 - 2014-04-22 13:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95(1).exe
2014-04-21 12:35 - 2014-04-21 12:35 - 00716987 _____ () C:\Users\Power\Downloads\
2014-04-21 10:43 - 2014-04-21 10:43 - 00002952 _____ () C:\Users\Power\Desktop\eset.txt
2014-04-20 23:52 - 2014-04-20 23:52 - 02347384 _____ (ESET) C:\Users\Power\Downloads\esetsmartinstaller_enu.exe
2014-04-20 20:22 - 2014-04-20 20:22 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(2).exe
2014-04-20 09:08 - 2014-04-20 09:08 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-19 17:03 - 2014-04-22 14:00 - 00000000 ____D () C:\Users\Power\Downloads\FRST-OlderVersion
2014-04-19 16:53 - 2014-04-19 16:53 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner(1).exe
2014-04-19 16:41 - 2014-04-19 16:57 - 00000000 ____D () C:\AdwCleaner
2014-04-19 16:40 - 2014-04-19 16:40 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner.exe
2014-04-19 15:35 - 2014-04-19 15:35 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 15:34 - 2014-04-19 15:34 - 01016261 _____ (Thisisu) C:\Users\Power\Downloads\JRT.exe
2014-04-19 15:32 - 2014-04-19 15:32 - 00001141 _____ () C:\Users\Power\Desktop\mbam.txt
2014-04-18 20:04 - 2014-04-18 20:04 - 00027630 _____ () C:\ComboFix.txt
2014-04-18 19:27 - 2014-04-18 20:05 - 00000000 ____D () C:\ComboFix
2014-04-18 19:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-18 19:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-18 19:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-18 19:21 - 2014-04-18 20:05 - 00000000 ____D () C:\Qoobox
2014-04-18 19:20 - 2014-04-18 20:02 - 00000000 ____D () C:\Windows\erdnt
2014-04-18 19:19 - 2014-04-18 19:19 - 05195154 ____R (Swearware) C:\Users\Power\Desktop\ComboFix.exe
2014-04-18 19:15 - 2014-04-25 13:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-18 19:14 - 2014-04-18 19:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95.exe
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\Documents\Any Video Converter
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\AppData\Roaming\AnvSoft
2014-04-18 14:39 - 2014-04-18 14:39 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-04-18 14:38 - 2014-04-18 14:39 - 31429160 _____ ( ) C:\Users\Power\Downloads\avc-558-free.exe
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-18 14:32 - 2014-04-18 14:32 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Power\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe
2014-04-18 12:14 - 2014-04-18 12:14 - 01301184 _____ () C:\Users\Power\Downloads\
2014-04-16 08:20 - 2014-04-16 08:20 - 40115247 _____ () C:\Users\Power\Downloads\
2014-04-15 17:54 - 2014-04-15 17:54 - 01949807 _____ () C:\Users\Power\Downloads\
2014-04-15 17:51 - 2014-04-15 17:51 - 01401211 _____ () C:\Users\Power\Downloads\
2014-04-15 17:42 - 2014-04-15 17:42 - 00044038 _____ () C:\Users\Power\Downloads\
2014-04-15 17:38 - 2014-04-15 17:38 - 01644568 _____ () C:\Users\Power\Downloads\
2014-04-15 17:31 - 2014-04-15 17:31 - 00053759 _____ () C:\Users\Power\Downloads\
2014-04-15 13:27 - 2014-04-15 13:27 - 00332484 _____ () C:\Users\Power\Downloads\
2014-04-15 12:56 - 2014-04-15 12:56 - 02473215 _____ () C:\Users\Power\Downloads\
2014-04-13 17:42 - 2014-04-19 16:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 17:42 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-13 17:42 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-13 17:41 - 2014-04-13 17:41 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Power\Downloads\mbam-setup-
2014-04-12 17:13 - 2014-04-12 17:14 - 47759038 _____ () C:\Users\Power\Downloads\Fantasiebild- -Rumpelstilzchen- - Die Entstehung.mp4
2014-04-12 15:31 - 2014-04-12 15:31 - 00116224 ___SH () C:\Users\Power\Thumbs.db
2014-04-11 12:28 - 2014-03-16 17:38 - 00001173 _____ () C:\Users\Power\Desktop\Free M4a to MP3 Converter.lnk
2014-04-09 08:20 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 08:20 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 08:20 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 08:20 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 08:20 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:20 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:20 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:20 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:20 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 08:20 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 08:20 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:20 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:20 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:20 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:20 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:20 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-05 12:41 - 2014-04-09 15:25 - 00000033 _____ () C:\Users\Power\Desktop\ApoPluginSrc.dat
2014-04-05 12:41 - 2013-07-28 00:24 - 06220800 _____ (Apophysis Developers) C:\Users\Power\Desktop\Apophysis7X64.exe
2014-04-05 00:52 - 2014-04-05 00:52 - 00003078 _____ () C:\Users\Power\renders7X.flame
2014-04-05 00:46 - 2014-04-05 00:48 - 00000000 ____D () C:\Users\Power\Downloads\Apophysis.7X16.x86_amd64
2014-04-05 00:45 - 2014-04-05 00:45 - 06232625 _____ () C:\Users\Power\Downloads\
2014-04-04 00:25 - 2013-10-18 11:12 - 00001462 _____ () C:\Users\Power\Desktop\Windows Live Mail.lnk
2014-04-04 00:01 - 2014-04-18 14:13 - 00000000 ____D () C:\Users\Power\AppData\Local\Windows Live
2014-04-03 23:09 - 2014-04-03 23:09 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-03 23:09 - 2014-04-03 23:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-03 23:08 - 2014-04-03 23:08 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0(1).exe
2014-04-03 23:04 - 2014-04-03 23:04 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Thunderbird
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Local\Thunderbird
2014-04-03 20:25 - 2014-04-03 20:25 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0.exe
2014-04-03 08:17 - 2014-04-03 08:17 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-03 08:17 - 2014-04-03 08:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-31 10:38 - 2014-03-31 10:38 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

==================== One Month Modified Files and Folders =======

2014-04-25 13:22 - 2014-03-21 00:46 - 00019913 _____ () C:\Users\Power\Downloads\FRST.txt
2014-04-25 13:22 - 2014-03-21 00:45 - 00000000 ____D () C:\FRST
2014-04-25 13:19 - 2013-08-28 13:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-25 13:16 - 2014-04-18 19:15 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-25 13:14 - 2013-08-08 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 11:38 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 11:38 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 11:32 - 2013-08-28 00:13 - 00000000 ___RD () C:\Users\Power\Dropbox
2014-04-25 11:32 - 2013-08-28 00:11 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Dropbox
2014-04-25 11:32 - 2013-08-08 13:25 - 00000000 ____D () C:\Users\Power\AppData\Local\Adobe
2014-04-25 11:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 11:31 - 2009-07-14 06:51 - 00113900 _____ () C:\Windows\setupact.log
2014-04-25 09:05 - 2013-04-15 07:54 - 01760520 _____ () C:\Windows\WindowsUpdate.log
2014-04-25 09:00 - 2013-10-18 11:14 - 00000000 ____D () C:\Users\Power\Tracing
2014-04-25 08:59 - 2014-04-25 08:59 - 00000000 ____D () C:\Windows\de
2014-04-25 08:56 - 2014-04-25 08:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-25 08:56 - 2013-04-15 08:13 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-25 08:54 - 2013-04-15 08:14 - 00236470 _____ () C:\Windows\DirectX.log
2014-04-25 06:28 - 2014-04-25 06:28 - 47479641 _____ () C:\Users\Power\Downloads\
2014-04-25 06:04 - 2013-10-17 17:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-25 06:04 - 2013-08-28 10:58 - 00000000 ____D () C:\Users\Power\AppData\Roaming\FileZilla
2014-04-25 06:03 - 2014-04-25 06:02 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-25 06:03 - 2014-02-06 04:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-25 05:57 - 2014-04-25 05:57 - 00921512 _____ (Oracle Corporation) C:\Users\Power\Downloads\jxpiinstall.exe
2014-04-25 05:50 - 2013-04-15 07:51 - 00383726 _____ () C:\Windows\PFRO.log
2014-04-24 19:48 - 2013-08-28 08:01 - 00000806 _____ () C:\Windows\ulead32.ini
2014-04-24 19:48 - 2013-08-28 08:01 - 00000000 ____D () C:\Windows\ulead.dat
2014-04-24 19:34 - 2014-02-13 19:09 - 00000000 ____D () C:\Users\Power\dwhelper
2014-04-24 18:13 - 2014-04-24 18:13 - 04968079 _____ (Tim Kosse) C:\Users\Power\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-24 18:13 - 2013-08-28 10:59 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-24 18:13 - 2013-08-28 10:58 - 00002004 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-04-24 15:41 - 2014-02-12 09:52 - 00000000 ____D () C:\Users\Power\AppData\Local\CrashDumps
2014-04-23 16:15 - 2014-04-23 16:15 - 00000000 ____D () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1)
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 2.5
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.6-1.7
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.5
2014-04-23 16:14 - 2013-12-09 18:09 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 3.0
2014-04-23 16:13 - 2014-04-23 16:13 - 00054918 _____ () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1).zip
2014-04-23 15:59 - 2014-04-23 15:59 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(4).exe
2014-04-23 15:28 - 2014-04-23 15:28 - 00543816 _____ () C:\Users\Power\Downloads\
2014-04-23 11:08 - 2014-04-23 11:08 - 01035097 _____ () C:\Users\Power\Downloads\
2014-04-23 10:39 - 2014-04-23 10:39 - 00518864 _____ () C:\Users\Power\Downloads\
2014-04-23 10:37 - 2014-04-23 10:37 - 00017617 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00782045 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00218103 _____ () C:\Users\Power\Downloads\
2014-04-23 01:42 - 2014-04-23 01:42 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Mozilla
2014-04-22 22:52 - 2013-08-08 13:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 14:23 - 2014-04-22 14:22 - 46314673 _____ () C:\Users\Power\Downloads\
2014-04-22 14:00 - 2014-04-19 17:03 - 00000000 ____D () C:\Users\Power\Downloads\FRST-OlderVersion
2014-04-22 14:00 - 2014-03-21 00:44 - 02061312 _____ (Farbar) C:\Users\Power\Downloads\FRST64.exe
2014-04-22 13:46 - 2014-04-22 13:46 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(3).exe
2014-04-22 13:39 - 2014-04-22 13:39 - 00000000 ____D () C:\Users\Power\Desktop\Alte Firefox-Daten
2014-04-22 13:27 - 2014-04-22 13:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 13:27 - 2014-04-22 13:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:26 - 2014-04-22 13:26 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (2).exe
2014-04-22 13:17 - 2013-08-08 11:06 - 00000000 ___RD () C:\Users\Power\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 13:14 - 2014-04-22 13:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95(1).exe
2014-04-22 09:15 - 2013-08-28 10:36 - 00000000 ____D () C:\Users\Power\AppData\Local\CutePDF Writer
2014-04-21 12:35 - 2014-04-21 12:35 - 00716987 _____ () C:\Users\Power\Downloads\
2014-04-21 10:43 - 2014-04-21 10:43 - 00002952 _____ () C:\Users\Power\Desktop\eset.txt
2014-04-20 23:52 - 2014-04-20 23:52 - 02347384 _____ (ESET) C:\Users\Power\Downloads\esetsmartinstaller_enu.exe
2014-04-20 20:22 - 2014-04-20 20:22 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(2).exe
2014-04-20 09:08 - 2014-04-20 09:08 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-19 16:57 - 2014-04-19 16:41 - 00000000 ____D () C:\AdwCleaner
2014-04-19 16:53 - 2014-04-19 16:53 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner(1).exe
2014-04-19 16:48 - 2014-04-13 17:42 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 16:40 - 2014-04-19 16:40 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner.exe
2014-04-19 15:35 - 2014-04-19 15:35 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 15:34 - 2014-04-19 15:34 - 01016261 _____ (Thisisu) C:\Users\Power\Downloads\JRT.exe
2014-04-19 15:32 - 2014-04-19 15:32 - 00001141 _____ () C:\Users\Power\Desktop\mbam.txt
2014-04-19 09:27 - 2014-02-09 13:28 - 00011264 _____ () C:\Users\Power\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-18 20:05 - 2014-04-18 19:27 - 00000000 ____D () C:\ComboFix
2014-04-18 20:05 - 2014-04-18 19:21 - 00000000 ____D () C:\Qoobox
2014-04-18 20:04 - 2014-04-18 20:04 - 00027630 _____ () C:\ComboFix.txt
2014-04-18 20:02 - 2014-04-18 19:20 - 00000000 ____D () C:\Windows\erdnt
2014-04-18 19:59 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-18 19:19 - 2014-04-18 19:19 - 05195154 ____R (Swearware) C:\Users\Power\Desktop\ComboFix.exe
2014-04-18 19:15 - 2014-04-18 19:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95.exe
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\Documents\Any Video Converter
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\AppData\Roaming\AnvSoft
2014-04-18 14:39 - 2014-04-18 14:39 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-04-18 14:39 - 2014-04-18 14:38 - 31429160 _____ ( ) C:\Users\Power\Downloads\avc-558-free.exe
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-18 14:32 - 2014-04-18 14:32 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Power\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe
2014-04-18 14:26 - 2013-10-17 18:34 - 00000000 ____D () C:\Users\Power\AppData\Roaming\vlc
2014-04-18 14:13 - 2014-04-04 00:01 - 00000000 ____D () C:\Users\Power\AppData\Local\Windows Live
2014-04-18 12:14 - 2014-04-18 12:14 - 01301184 _____ () C:\Users\Power\Downloads\
2014-04-16 14:20 - 2013-09-08 11:48 - 00000030 _____ () C:\Windows\Iedit_.INI
2014-04-16 08:20 - 2014-04-16 08:20 - 40115247 _____ () C:\Users\Power\Downloads\
2014-04-15 17:54 - 2014-04-15 17:54 - 01949807 _____ () C:\Users\Power\Downloads\
2014-04-15 17:51 - 2014-04-15 17:51 - 01401211 _____ () C:\Users\Power\Downloads\
2014-04-15 17:42 - 2014-04-15 17:42 - 00044038 _____ () C:\Users\Power\Downloads\
2014-04-15 17:38 - 2014-04-15 17:38 - 01644568 _____ () C:\Users\Power\Downloads\
2014-04-15 17:31 - 2014-04-15 17:31 - 00053759 _____ () C:\Users\Power\Downloads\
2014-04-15 13:27 - 2014-04-15 13:27 - 00332484 _____ () C:\Users\Power\Downloads\
2014-04-15 12:56 - 2014-04-15 12:56 - 02473215 _____ () C:\Users\Power\Downloads\
2014-04-15 11:14 - 2013-09-13 19:11 - 00000132 _____ () C:\Users\Power\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-15 10:59 - 2014-03-22 10:53 - 00000304 _____ () C:\Windows\system32\.crusader
2014-04-14 20:13 - 2014-04-25 06:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-25 06:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-25 06:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-25 06:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 09:25 - 2013-12-11 18:56 - 00000000 ____D () C:\Users\Power\Downloads\breezingforms_lite_UNZIP_FIRST
2014-04-13 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 17:42 - 2013-08-28 13:07 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-13 17:42 - 2013-08-28 13:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-13 17:41 - 2014-04-13 17:41 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Power\Downloads\mbam-setup-
2014-04-12 17:14 - 2014-04-12 17:13 - 47759038 _____ () C:\Users\Power\Downloads\Fantasiebild- -Rumpelstilzchen- - Die Entstehung.mp4
2014-04-12 15:31 - 2014-04-12 15:31 - 00116224 ___SH () C:\Users\Power\Thumbs.db
2014-04-12 15:31 - 2013-08-08 11:05 - 00000000 ____D () C:\Users\Power
2014-04-12 14:30 - 2013-08-08 13:26 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-12 14:30 - 2013-08-08 13:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-11 21:29 - 2013-12-03 17:45 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-04-11 17:46 - 2013-11-28 18:42 - 00025608 _____ () C:\Users\Power\Documents\capella.log
2014-04-11 12:28 - 2013-08-28 15:31 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-04-09 17:53 - 2013-08-28 15:46 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Audacity
2014-04-09 15:25 - 2014-04-05 12:41 - 00000033 _____ () C:\Users\Power\Desktop\ApoPluginSrc.dat
2014-04-09 09:17 - 2013-08-08 13:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 08:23 - 2013-08-27 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 08:19 - 2013-08-27 13:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 08:15 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-05 00:52 - 2014-04-05 00:52 - 00003078 _____ () C:\Users\Power\renders7X.flame
2014-04-05 00:48 - 2014-04-05 00:46 - 00000000 ____D () C:\Users\Power\Downloads\Apophysis.7X16.x86_amd64
2014-04-05 00:45 - 2014-04-05 00:45 - 06232625 _____ () C:\Users\Power\Downloads\
2014-04-04 18:37 - 2014-03-04 20:48 - 00001456 _____ () C:\Users\Power\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 18:34 - 2013-08-28 09:17 - 00000000 ____D () C:\ProgramData\
2014-04-04 00:01 - 2013-10-18 11:17 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Windows Live Writer
2014-04-03 23:09 - 2014-04-03 23:09 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-03 23:09 - 2014-04-03 23:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-03 23:08 - 2014-04-03 23:08 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0(1).exe
2014-04-03 23:04 - 2014-04-03 23:04 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Thunderbird
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Local\Thunderbird
2014-04-03 20:25 - 2014-04-03 20:25 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0.exe
2014-04-03 09:51 - 2014-04-13 17:42 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-13 17:42 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2013-08-28 13:07 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 09:45 - 2013-04-15 17:46 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 09:45 - 2013-04-15 17:46 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 09:45 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 08:18 - 2014-01-26 16:14 - 00001976 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-03 08:17 - 2014-04-03 08:17 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-03 08:17 - 2014-04-03 08:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-03 08:17 - 2014-01-26 16:14 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-03 08:17 - 2014-01-03 11:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-03 08:17 - 2013-08-28 13:53 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-31 10:38 - 2014-03-31 10:38 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-31 10:38 - 2011-01-21 19:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-31 10:38 - 2011-01-21 19:32 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-31 09:35 - 2013-08-08 13:13 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:16 - 2014-04-09 08:20 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-09 08:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-09 08:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 08:20 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-29 14:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-26 12:32 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

--- --- ---

schrauber 26.04.2014 08:09


Ran by Power (ATTENTION: The logged in user is not administrator) on B-AZO-N on 25-04-2014 13:22:12
Unsere Tools brauchen immer Adminrechte. Läuft Revo auch immer ohne Adminpower?

Böni 26.04.2014 08:52

Ich habe Revo zumindest nicht auf dem Administratorkonto gestartet. Ob Revo während der Deinstallationsroutine den Zugang zu Adminrechten gefordert hatte, weiß ich jetzt nicht. Wenn ja, hatte ich die Rechte gegeben.
Grüße von

schrauber 26.04.2014 18:24

Dann jetzt mal bitte FRST mit ADminrechten.

FRST öffnen, Haken setzen bei Additional und scannen, poste bitte beide Logfiles.

Böni 26.04.2014 18:45

FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by Bernd (administrator) on B-AZO-N on 26-04-2014 19:37:30
Running from L:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Power\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9955872 2010-01-12] (Realtek Semiconductor)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-06-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2005-05-23] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-12-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe [3400600 2012-08-03] (ashampoo GmbH & Co. KG)
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\MountPoints2: {159ba231-0fcd-11e3-b75e-d02788687d15} - M:\pushinst.exe
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\MountPoints2: {2406cd66-259f-11e3-bbef-246511c0671c} - K:\iStudio.exe
HKU\S-1-5-21-3047158342-991607282-2163248425-1001\...\MountPoints2: {7e344821-a9e6-11e3-b8dc-246511c0671c} - K:\.\autorun.exe
Startup: C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Power\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bernd\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0120EC90DE5BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://{partner_id}&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://{partner_id}&p={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer]

FF Plugin: - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin:,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin:,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin:,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin:,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32:,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32:,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32:,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32:,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32:,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32:,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32:,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32:,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32:;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32:,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32:,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32:,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32:,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems)
FF Plugin HKCU: - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-03] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-03] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-03-29] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-05-13] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-03] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [445304 2014-04-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-03] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-03] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-04-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 Sriomgr2aotv; No ImagePath
S3 tmnsusbser; C:\Windows\System32\DRIVERS\tmnsusbser.sys [124416 2010-04-21] (Wireless Device)
S3 tmusbnet; C:\Windows\System32\DRIVERS\tmusbnet.sys [129024 2010-04-20] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-26 19:36 - 2014-04-26 19:36 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-04-26 14:17 - 2014-04-26 14:17 - 00000000 ____D () C:\Users\Power\AppData\Local\Apple
2014-04-26 09:54 - 2014-04-26 09:54 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Apple Computer
2014-04-25 15:39 - 2014-04-25 15:39 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Apple Computer
2014-04-25 15:39 - 2014-04-25 15:39 - 00000000 ____D () C:\Users\Power\AppData\Local\Apple Computer
2014-04-25 15:38 - 2014-04-25 15:38 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\Program Files\iTunes
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\Program Files\iPod
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-25 15:38 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-25 15:36 - 2014-04-25 15:36 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Users\Bernd\AppData\Local\Apple
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-25 15:35 - 2014-04-25 15:36 - 00000000 ____D () C:\ProgramData\Apple
2014-04-25 15:26 - 2014-04-25 15:27 - 148885840 _____ (Apple Inc.) C:\Users\Power\Downloads\iTunes64Setup.exe
2014-04-25 08:59 - 2014-04-25 08:59 - 00000000 ____D () C:\Windows\de
2014-04-25 08:58 - 2014-04-25 08:58 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-25 08:58 - 2014-04-25 08:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-04-25 08:56 - 2014-04-25 08:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-25 06:28 - 2014-04-25 06:28 - 47479641 _____ () C:\Users\Power\Downloads\
2014-04-25 06:03 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-25 06:03 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-25 06:03 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-25 06:03 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-25 06:02 - 2014-04-25 06:03 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-25 05:57 - 2014-04-25 05:57 - 00921512 _____ (Oracle Corporation) C:\Users\Power\Downloads\jxpiinstall.exe
2014-04-24 18:13 - 2014-04-24 18:13 - 04968079 _____ (Tim Kosse) C:\Users\Power\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-23 16:15 - 2014-04-23 16:15 - 00000000 ____D () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1)
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 2.5
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.6-1.7
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.5
2014-04-23 16:14 - 2013-04-18 07:07 - 00000529 ____N () C:\Users\Power\Downloads\readme.txt
2014-04-23 16:13 - 2014-04-23 16:13 - 00054918 _____ () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1).zip
2014-04-23 15:59 - 2014-04-23 15:59 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(4).exe
2014-04-23 15:28 - 2014-04-23 15:28 - 00543816 _____ () C:\Users\Power\Downloads\
2014-04-23 11:08 - 2014-04-23 11:08 - 01035097 _____ () C:\Users\Power\Downloads\
2014-04-23 10:39 - 2014-04-23 10:39 - 00518864 _____ () C:\Users\Power\Downloads\
2014-04-23 10:37 - 2014-04-23 10:37 - 00017617 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00782045 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00218103 _____ () C:\Users\Power\Downloads\
2014-04-23 01:42 - 2014-04-23 01:42 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Mozilla
2014-04-22 14:22 - 2014-04-22 14:23 - 46314673 _____ () C:\Users\Power\Downloads\
2014-04-22 13:46 - 2014-04-22 13:46 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(3).exe
2014-04-22 13:27 - 2014-04-22 13:27 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-22 13:27 - 2014-04-22 13:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 13:27 - 2014-04-22 13:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:26 - 2014-04-22 13:26 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (2).exe
2014-04-22 13:14 - 2014-04-22 13:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95(1).exe
2014-04-21 12:35 - 2014-04-21 12:35 - 00716987 _____ () C:\Users\Power\Downloads\
2014-04-20 23:52 - 2014-04-20 23:52 - 02347384 _____ (ESET) C:\Users\Power\Downloads\esetsmartinstaller_enu.exe
2014-04-20 20:22 - 2014-04-20 20:22 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(2).exe
2014-04-20 09:08 - 2014-04-20 09:08 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-19 17:03 - 2014-04-22 14:00 - 00000000 ____D () C:\Users\Power\Downloads\FRST-OlderVersion
2014-04-19 16:53 - 2014-04-19 16:53 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner(1).exe
2014-04-19 16:41 - 2014-04-19 16:57 - 00000000 ____D () C:\AdwCleaner
2014-04-19 16:40 - 2014-04-19 16:40 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner.exe
2014-04-19 15:56 - 2014-04-19 15:56 - 00001172 _____ () C:\Users\Bernd\Desktop\JRT.txt
2014-04-19 15:35 - 2014-04-19 15:35 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 15:34 - 2014-04-19 15:34 - 01016261 _____ (Thisisu) C:\Users\Power\Downloads\JRT.exe
2014-04-18 20:04 - 2014-04-18 20:04 - 00027630 _____ () C:\ComboFix.txt
2014-04-18 19:27 - 2014-04-18 20:05 - 00000000 ____D () C:\ComboFix
2014-04-18 19:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-18 19:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-18 19:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-18 19:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-18 19:21 - 2014-04-18 20:05 - 00000000 ____D () C:\Qoobox
2014-04-18 19:20 - 2014-04-18 20:02 - 00000000 ____D () C:\Windows\erdnt
2014-04-18 19:19 - 2014-04-18 19:19 - 05195154 ____R (Swearware) C:\Users\Power\Desktop\ComboFix.exe
2014-04-18 19:15 - 2014-04-25 13:16 - 00001268 _____ () C:\Users\Bernd\Desktop\Revo Uninstaller.lnk
2014-04-18 19:15 - 2014-04-25 13:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-18 19:14 - 2014-04-18 19:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95.exe
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\Documents\Any Video Converter
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\AppData\Roaming\AnvSoft
2014-04-18 14:40 - 2014-04-18 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-04-18 14:39 - 2014-04-18 14:39 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-04-18 14:38 - 2014-04-18 14:39 - 31429160 _____ ( ) C:\Users\Power\Downloads\avc-558-free.exe
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Users\Bernd\Documents\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-18 14:32 - 2014-04-18 14:32 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Power\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe
2014-04-18 12:14 - 2014-04-18 12:14 - 01301184 _____ () C:\Users\Power\Downloads\
2014-04-16 08:20 - 2014-04-16 08:20 - 40115247 _____ () C:\Users\Power\Downloads\
2014-04-15 17:54 - 2014-04-15 17:54 - 01949807 _____ () C:\Users\Power\Downloads\
2014-04-15 17:51 - 2014-04-15 17:51 - 01401211 _____ () C:\Users\Power\Downloads\
2014-04-15 17:42 - 2014-04-15 17:42 - 00044038 _____ () C:\Users\Power\Downloads\
2014-04-15 17:38 - 2014-04-15 17:38 - 01644568 _____ () C:\Users\Power\Downloads\
2014-04-15 17:31 - 2014-04-15 17:31 - 00053759 _____ () C:\Users\Power\Downloads\
2014-04-15 13:27 - 2014-04-15 13:27 - 00332484 _____ () C:\Users\Power\Downloads\
2014-04-15 12:56 - 2014-04-15 12:56 - 02473215 _____ () C:\Users\Power\Downloads\
2014-04-13 17:42 - 2014-04-26 19:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 17:42 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-13 17:42 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-13 17:41 - 2014-04-13 17:41 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Power\Downloads\mbam-setup-
2014-04-12 17:13 - 2014-04-12 17:14 - 47759038 _____ () C:\Users\Power\Downloads\Fantasiebild- -Rumpelstilzchen- - Die Entstehung.mp4
2014-04-12 15:31 - 2014-04-12 15:31 - 00116224 ___SH () C:\Users\Power\Thumbs.db
2014-04-11 12:28 - 2014-03-16 17:38 - 00001173 _____ () C:\Users\Power\Desktop\Free M4a to MP3 Converter.lnk
2014-04-09 08:20 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 08:20 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 08:20 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 08:20 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 08:20 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 08:20 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:20 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:20 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:20 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:20 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 08:20 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 08:20 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:20 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:20 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:20 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:20 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:20 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-05 12:41 - 2014-04-09 15:25 - 00000033 _____ () C:\Users\Power\Desktop\ApoPluginSrc.dat
2014-04-05 12:41 - 2013-07-28 00:24 - 06220800 _____ (Apophysis Developers) C:\Users\Power\Desktop\Apophysis7X64.exe
2014-04-05 00:52 - 2014-04-05 00:52 - 00003078 _____ () C:\Users\Power\renders7X.flame
2014-04-05 00:46 - 2014-04-05 00:48 - 00000000 ____D () C:\Users\Power\Downloads\Apophysis.7X16.x86_amd64
2014-04-05 00:45 - 2014-04-05 00:45 - 06232625 _____ () C:\Users\Power\Downloads\
2014-04-04 00:25 - 2013-10-18 11:12 - 00001462 _____ () C:\Users\Power\Desktop\Windows Live Mail.lnk
2014-04-04 00:01 - 2014-04-26 09:45 - 00000000 ____D () C:\Users\Power\AppData\Local\Windows Live
2014-04-03 23:09 - 2014-04-03 23:09 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-03 23:09 - 2014-04-03 23:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-03 23:08 - 2014-04-03 23:08 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0(1).exe
2014-04-03 23:04 - 2014-04-03 23:04 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Thunderbird
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Local\Thunderbird
2014-04-03 20:25 - 2014-04-03 20:25 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0.exe
2014-04-03 08:17 - 2014-04-03 08:17 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-03 08:17 - 2014-04-03 08:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-31 10:38 - 2014-03-31 10:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-03-31 10:38 - 2014-03-31 10:38 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

==================== One Month Modified Files and Folders =======

2014-04-26 19:37 - 2014-03-21 00:45 - 00000000 ____D () C:\FRST
2014-04-26 19:36 - 2014-04-26 19:36 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-04-26 19:36 - 2014-04-13 17:42 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 19:09 - 2013-08-08 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 18:50 - 2013-04-15 07:54 - 01822800 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 18:38 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 18:38 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 18:37 - 2013-08-28 00:11 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Dropbox
2014-04-26 18:34 - 2013-08-28 00:13 - 00000000 ___RD () C:\Users\Power\Dropbox
2014-04-26 18:34 - 2013-08-08 13:25 - 00000000 ____D () C:\Users\Power\AppData\Local\Adobe
2014-04-26 18:30 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-26 18:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 18:30 - 2009-07-14 06:51 - 00114180 _____ () C:\Windows\setupact.log
2014-04-26 14:17 - 2014-04-26 14:17 - 00000000 ____D () C:\Users\Power\AppData\Local\Apple
2014-04-26 10:22 - 2013-11-28 18:42 - 00189988 _____ () C:\Users\Power\Documents\capella.log
2014-04-26 09:54 - 2014-04-26 09:54 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Apple Computer
2014-04-26 09:54 - 2013-08-28 15:33 - 00000000 ____D () C:\Users\Bernd
2014-04-26 09:45 - 2014-04-04 00:01 - 00000000 ____D () C:\Users\Power\AppData\Local\Windows Live
2014-04-25 21:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-25 15:46 - 2013-08-28 15:46 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Audacity
2014-04-25 15:39 - 2014-04-25 15:39 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Apple Computer
2014-04-25 15:39 - 2014-04-25 15:39 - 00000000 ____D () C:\Users\Power\AppData\Local\Apple Computer
2014-04-25 15:38 - 2014-04-25 15:38 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\Program Files\iTunes
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\Program Files\iPod
2014-04-25 15:38 - 2014-04-25 15:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-25 15:37 - 2013-04-15 17:46 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-04-25 15:37 - 2013-04-15 17:46 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-04-25 15:37 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-25 15:36 - 2014-04-25 15:36 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Users\Bernd\AppData\Local\Apple
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-25 15:36 - 2014-04-25 15:36 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-25 15:36 - 2014-04-25 15:35 - 00000000 ____D () C:\ProgramData\Apple
2014-04-25 15:27 - 2014-04-25 15:26 - 148885840 _____ (Apple Inc.) C:\Users\Power\Downloads\iTunes64Setup.exe
2014-04-25 15:16 - 2013-08-28 13:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-25 13:23 - 2014-03-21 00:46 - 00050501 _____ () C:\Users\Power\Downloads\FRST.txt
2014-04-25 13:19 - 2013-09-17 08:16 - 00000000 ____D () C:\Users\Bernd\AppData\Local\Google
2014-04-25 13:19 - 2013-08-28 13:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-25 13:16 - 2014-04-18 19:15 - 00001268 _____ () C:\Users\Bernd\Desktop\Revo Uninstaller.lnk
2014-04-25 13:16 - 2014-04-18 19:15 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-25 09:00 - 2013-10-18 11:14 - 00000000 ____D () C:\Users\Power\Tracing
2014-04-25 08:59 - 2014-04-25 08:59 - 00000000 ____D () C:\Windows\de
2014-04-25 08:58 - 2014-04-25 08:58 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-25 08:58 - 2014-04-25 08:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-04-25 08:58 - 2013-10-18 11:13 - 00001378 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-04-25 08:57 - 2013-10-18 11:12 - 00002538 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-04-25 08:57 - 2013-10-18 11:12 - 00001494 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-04-25 08:56 - 2014-04-25 08:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-25 08:56 - 2013-04-15 08:13 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-25 08:54 - 2013-04-15 08:14 - 00236470 _____ () C:\Windows\DirectX.log
2014-04-25 06:28 - 2014-04-25 06:28 - 47479641 _____ () C:\Users\Power\Downloads\
2014-04-25 06:04 - 2013-10-17 17:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-25 06:04 - 2013-08-28 10:58 - 00000000 ____D () C:\Users\Power\AppData\Roaming\FileZilla
2014-04-25 06:03 - 2014-04-25 06:02 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-25 06:03 - 2014-02-06 04:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-25 05:57 - 2014-04-25 05:57 - 00921512 _____ (Oracle Corporation) C:\Users\Power\Downloads\jxpiinstall.exe
2014-04-25 05:50 - 2013-04-15 07:51 - 00383726 _____ () C:\Windows\PFRO.log
2014-04-24 19:48 - 2013-08-28 08:01 - 00000806 _____ () C:\Windows\ulead32.ini
2014-04-24 19:48 - 2013-08-28 08:01 - 00000000 ____D () C:\Windows\ulead.dat
2014-04-24 19:34 - 2014-02-13 19:09 - 00000000 ____D () C:\Users\Power\dwhelper
2014-04-24 18:13 - 2014-04-24 18:13 - 04968079 _____ (Tim Kosse) C:\Users\Power\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-24 18:13 - 2013-08-28 10:59 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-24 18:13 - 2013-08-28 10:58 - 00002004 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-04-24 18:13 - 2013-08-28 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-24 15:41 - 2014-02-12 09:52 - 00000000 ____D () C:\Users\Power\AppData\Local\CrashDumps
2014-04-23 16:15 - 2014-04-23 16:15 - 00000000 ____D () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1)
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 2.5
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.6-1.7
2014-04-23 16:14 - 2014-04-23 16:14 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 1.5
2014-04-23 16:14 - 2013-12-09 18:09 - 00000000 ____D () C:\Users\Power\Downloads\For Joomla 3.0
2014-04-23 16:13 - 2014-04-23 16:13 - 00054918 _____ () C:\Users\Power\Downloads\keycaptcha_UNZIPFIRST(1).zip
2014-04-23 15:59 - 2014-04-23 15:59 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(4).exe
2014-04-23 15:28 - 2014-04-23 15:28 - 00543816 _____ () C:\Users\Power\Downloads\
2014-04-23 11:08 - 2014-04-23 11:08 - 01035097 _____ () C:\Users\Power\Downloads\
2014-04-23 10:39 - 2014-04-23 10:39 - 00518864 _____ () C:\Users\Power\Downloads\
2014-04-23 10:37 - 2014-04-23 10:37 - 00017617 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00782045 _____ () C:\Users\Power\Downloads\
2014-04-23 08:56 - 2014-04-23 08:56 - 00218103 _____ () C:\Users\Power\Downloads\
2014-04-23 01:42 - 2014-04-23 01:42 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Mozilla
2014-04-22 22:52 - 2013-08-08 13:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 14:23 - 2014-04-22 14:22 - 46314673 _____ () C:\Users\Power\Downloads\
2014-04-22 14:00 - 2014-04-19 17:03 - 00000000 ____D () C:\Users\Power\Downloads\FRST-OlderVersion
2014-04-22 14:00 - 2014-03-21 00:44 - 02061312 _____ (Farbar) C:\Users\Power\Downloads\FRST64.exe
2014-04-22 13:46 - 2014-04-22 13:46 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(3).exe
2014-04-22 13:27 - 2014-04-22 13:27 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-22 13:27 - 2014-04-22 13:27 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 13:27 - 2014-04-22 13:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:26 - 2014-04-22 13:26 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (2).exe
2014-04-22 13:17 - 2013-08-08 11:06 - 00000000 ___RD () C:\Users\Power\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 13:14 - 2014-04-22 13:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95(1).exe
2014-04-22 09:15 - 2013-08-28 10:36 - 00000000 ____D () C:\Users\Power\AppData\Local\CutePDF Writer
2014-04-21 12:35 - 2014-04-21 12:35 - 00716987 _____ () C:\Users\Power\Downloads\
2014-04-20 23:52 - 2014-04-20 23:52 - 02347384 _____ (ESET) C:\Users\Power\Downloads\esetsmartinstaller_enu.exe
2014-04-20 20:22 - 2014-04-20 20:22 - 00884680 _____ (Google Inc.) C:\Users\Power\Downloads\ChromeSetup(2).exe
2014-04-20 09:08 - 2014-04-20 09:08 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0 (1).exe
2014-04-19 16:57 - 2014-04-19 16:41 - 00000000 ____D () C:\AdwCleaner
2014-04-19 16:53 - 2014-04-19 16:53 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner(1).exe
2014-04-19 16:48 - 2013-08-28 15:33 - 00000000 ___RD () C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 16:40 - 2014-04-19 16:40 - 01258805 _____ () C:\Users\Power\Downloads\adwcleaner.exe
2014-04-19 15:56 - 2014-04-19 15:56 - 00001172 _____ () C:\Users\Bernd\Desktop\JRT.txt
2014-04-19 15:35 - 2014-04-19 15:35 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 15:34 - 2014-04-19 15:34 - 01016261 _____ (Thisisu) C:\Users\Power\Downloads\JRT.exe
2014-04-19 09:27 - 2014-02-09 13:28 - 00011264 _____ () C:\Users\Power\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-18 20:05 - 2014-04-18 19:27 - 00000000 ____D () C:\ComboFix
2014-04-18 20:05 - 2014-04-18 19:21 - 00000000 ____D () C:\Qoobox
2014-04-18 20:04 - 2014-04-18 20:04 - 00027630 _____ () C:\ComboFix.txt
2014-04-18 20:02 - 2014-04-18 19:20 - 00000000 ____D () C:\Windows\erdnt
2014-04-18 19:59 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-18 19:19 - 2014-04-18 19:19 - 05195154 ____R (Swearware) C:\Users\Power\Desktop\ComboFix.exe
2014-04-18 19:15 - 2014-04-18 19:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Power\Downloads\revosetup95.exe
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\Documents\Any Video Converter
2014-04-18 14:41 - 2014-04-18 14:41 - 00000000 ____D () C:\Users\Power\AppData\Roaming\AnvSoft
2014-04-18 14:40 - 2014-04-18 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-04-18 14:39 - 2014-04-18 14:39 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-04-18 14:39 - 2014-04-18 14:38 - 31429160 _____ ( ) C:\Users\Power\Downloads\avc-558-free.exe
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Users\Bernd\Documents\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-18 14:34 - 2014-04-18 14:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-18 14:32 - 2014-04-18 14:32 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Power\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe
2014-04-18 14:26 - 2013-10-17 18:34 - 00000000 ____D () C:\Users\Power\AppData\Roaming\vlc
2014-04-18 12:14 - 2014-04-18 12:14 - 01301184 _____ () C:\Users\Power\Downloads\
2014-04-16 14:20 - 2013-09-08 11:48 - 00000030 _____ () C:\Windows\Iedit_.INI
2014-04-16 08:20 - 2014-04-16 08:20 - 40115247 _____ () C:\Users\Power\Downloads\
2014-04-15 17:54 - 2014-04-15 17:54 - 01949807 _____ () C:\Users\Power\Downloads\
2014-04-15 17:51 - 2014-04-15 17:51 - 01401211 _____ () C:\Users\Power\Downloads\
2014-04-15 17:42 - 2014-04-15 17:42 - 00044038 _____ () C:\Users\Power\Downloads\
2014-04-15 17:38 - 2014-04-15 17:38 - 01644568 _____ () C:\Users\Power\Downloads\
2014-04-15 17:31 - 2014-04-15 17:31 - 00053759 _____ () C:\Users\Power\Downloads\
2014-04-15 13:27 - 2014-04-15 13:27 - 00332484 _____ () C:\Users\Power\Downloads\
2014-04-15 12:56 - 2014-04-15 12:56 - 02473215 _____ () C:\Users\Power\Downloads\
2014-04-15 11:14 - 2013-09-13 19:11 - 00000132 _____ () C:\Users\Power\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-15 10:59 - 2014-03-22 10:53 - 00000304 _____ () C:\Windows\system32\.crusader
2014-04-14 20:13 - 2014-04-25 06:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-25 06:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-25 06:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-25 06:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 09:25 - 2013-12-11 18:56 - 00000000 ____D () C:\Users\Power\Downloads\breezingforms_lite_UNZIP_FIRST
2014-04-13 19:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-13 17:42 - 2014-04-13 17:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 17:42 - 2013-08-28 13:07 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-13 17:42 - 2013-08-28 13:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-13 17:41 - 2014-04-13 17:41 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Power\Downloads\mbam-setup-
2014-04-12 17:14 - 2014-04-12 17:13 - 47759038 _____ () C:\Users\Power\Downloads\Fantasiebild- -Rumpelstilzchen- - Die Entstehung.mp4
2014-04-12 15:31 - 2014-04-12 15:31 - 00116224 ___SH () C:\Users\Power\Thumbs.db
2014-04-12 15:31 - 2013-08-08 11:05 - 00000000 ____D () C:\Users\Power
2014-04-12 14:38 - 2013-08-28 15:34 - 00000000 ____D () C:\Users\Bernd\AppData\Local\Adobe
2014-04-12 14:30 - 2013-08-08 13:26 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-12 14:30 - 2013-08-08 13:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-12 14:30 - 2013-08-08 13:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-11 21:29 - 2013-12-03 17:45 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-04-11 12:28 - 2013-08-28 15:31 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-04-09 15:25 - 2014-04-05 12:41 - 00000033 _____ () C:\Users\Power\Desktop\ApoPluginSrc.dat
2014-04-09 09:17 - 2013-08-08 13:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 08:23 - 2013-08-27 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 08:19 - 2013-08-27 13:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 08:15 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-05 00:52 - 2014-04-05 00:52 - 00003078 _____ () C:\Users\Power\renders7X.flame
2014-04-05 00:48 - 2014-04-05 00:46 - 00000000 ____D () C:\Users\Power\Downloads\Apophysis.7X16.x86_amd64
2014-04-05 00:45 - 2014-04-05 00:45 - 06232625 _____ () C:\Users\Power\Downloads\
2014-04-04 18:37 - 2014-03-04 20:48 - 00001456 _____ () C:\Users\Power\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 18:34 - 2013-08-28 09:17 - 00000000 ____D () C:\ProgramData\
2014-04-04 00:01 - 2013-10-18 11:17 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Windows Live Writer
2014-04-03 23:09 - 2014-04-03 23:09 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-03 23:09 - 2014-04-03 23:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-03 23:08 - 2014-04-03 23:08 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0(1).exe
2014-04-03 23:04 - 2014-04-03 23:04 - 00283192 _____ (Mozilla) C:\Users\Power\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Roaming\Thunderbird
2014-04-03 20:26 - 2014-04-03 20:26 - 00000000 ____D () C:\Users\Power\AppData\Local\Thunderbird
2014-04-03 20:25 - 2014-04-03 20:25 - 21987424 _____ (Mozilla) C:\Users\Power\Downloads\Thunderbird Setup 24.4.0.exe
2014-04-03 09:51 - 2014-04-13 17:42 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-13 17:42 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2013-08-28 13:07 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 08:18 - 2014-01-26 16:14 - 00001976 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-03 08:17 - 2014-04-03 08:17 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-03 08:17 - 2014-04-03 08:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-03 08:17 - 2014-01-26 16:14 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-03 08:17 - 2014-01-03 11:16 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-03 08:17 - 2013-08-28 13:53 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-03 08:17 - 2013-08-28 13:53 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-31 10:38 - 2014-03-31 10:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-03-31 10:38 - 2014-03-31 10:38 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-31 10:38 - 2011-01-21 19:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-31 10:38 - 2011-01-21 19:32 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-31 09:35 - 2013-08-08 13:13 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:16 - 2014-04-09 08:20 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-09 08:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-09 08:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-09 08:20 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-29 14:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-21 10:37

==================== End Of Log ============================

--- --- ---


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 03
Ran by Bernd at 2014-04-26 19:38:45
Running from L:\Downloads
Boot Mode: Normal

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: - Igor Pavlov)
ABBYY FineReader 8.0 Professional Edition (HKLM-x32\...\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 8.00.1095.4743 - ABBYY Software House)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.5.7828 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.5.7828 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6629 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated) (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Incorporated)
Adobe AIR (x32 Version: - Adobe Systems Incorporated) Hidden
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: - Adobe Systems Incorporated)
Adobe Edge Animate CC (HKLM-x32\...\{00603DFF-6EC5-4E9E-AB3A-AD4C7D61FF13}) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Edge Code CC (HKLM-x32\...\{55D49B2B-6211-A705-FFDF-2F65E664EA0B}) (Version: 0.95 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM-x32\...\{3EF53B20-D3C1-44B1-8DD9-CD51654EB20A}) (Version: 0.27.12254 - Adobe Systems Incorporated)
Adobe Exchange Panel (HKLM-x32\...\{41A12FFC-89E9-4743-A51E-00975CA31F40}) (Version: 1 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.1.1 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated)
Adobe Gaming SDK 1.2 (HKLM-x32\...\{323D371C-CD65-43E2-9E42-BC643F2D4D81}) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{24CFD7EF-32B7-4FFD-B5A8-B0F129C92D0A}) (Version: - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  -
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\{C92AB6F1-DF43-1F74-81AF-9BE56BF1D67F}_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Atlas 0.3.0 (HKLM-x32\...\Atlas_is1) (Version:  - The Atlas Project)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2016 - Avast Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: - TechSmith Corporation)
Canon Easy-PhotoPrint EX - Weiteres Material DL_ST7 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST7) (Version:  - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version:  - Canon Inc.)
capella 7 (HKLM-x32\...\{D3873CF8-9608-402B-88AD-D73B5FFAAED8}) (Version: 7.1.21 - capella software AG)
capella melody trainer 1.0 (HKLM-x32\...\{5E46EEBD-257B-4ADE-B7CC-77911364FF70}) (Version: 1.0.6 - capella-software AG)
capella-scan 8.0 (HKLM-x32\...\{776B5EBF-72E9-4FBB-9CAB-F029F7500FFF}) (Version: 8.0.14 - capella-software AG)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Direct MIDI to MP3 Converter Version (HKLM-x32\...\Direct MIDI to MP3 Converter_is1) (Version: - Piston Software)
DriverEasy 4.6.3 (HKLM\...\DriverEasy_is1) (Version: - Easeware)
eReg (x32 Version: - Logitech, Inc.) Hidden
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
FlightGear v2.12.0 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  -
Free Video Flip and Rotate version (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
HERMA Label Designer plus 1.1 (HKLM-x32\...\{7DA64485-2CEE-4F7B-84AB-B287236703B6}) (Version: 1.00.0000 - HERMA GmbH)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: - SurfRight B.V.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: - Nero AG) Hidden
InfoBibliothek (HKLM-x32\...\{F5FB4B71-6301-11D4-9AD1-00A0C9B0C5F6}) (Version:  - Akademische Arbeitsgemeinschaft)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1713_26701 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X Demo (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Müller Foto (HKLM-x32\...\Müller Foto) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
MyWinLocker (x32 Version: - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: - Egis Technology Inc.) Hidden
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: - Tracker Software Products Ltd)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: - Systemberatung Schommer)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secure Banking Version 1.5.2 (HKLM-x32\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Shredder (Version: - Egis Technology Inc.) Hidden
Shredder (x32 Version: - Egis Technology Inc.) Hidden
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Ulead COOL 360 1.0 (HKLM-x32\...\{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}) (Version:  - )
Ulead Photo Explorer 8.6 (HKLM-x32\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.6 - Ulead Systems, Inc.)
Ulead PhotoImpact 11 (HKLM-x32\...\{C8550C86-A712-4219-AD4C-038C9FD1D149}) (Version: 11.0 - Ulead System)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XSBoxGO (HKLM-x32\...\XSBoxGO (Version: - )

==================== Restore Points  =========================

18-04-2014 06:46:35 Windows Update
22-04-2014 11:20:46 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
22-04-2014 11:42:38 Revo Uninstaller's restore point - Google Chrome
22-04-2014 15:49:59 Windows Update
22-04-2014 23:43:16 Revo Uninstaller's restore point - Google Chrome
25-04-2014 04:02:08 Installed Java 7 Update 55
25-04-2014 06:52:48 Windows Live Essentials
25-04-2014 06:53:45 DirectX wurde installiert
25-04-2014 06:54:14 DirectX wurde installiert
25-04-2014 06:55:12 DirectX wurde installiert
25-04-2014 06:55:56 WLSetup
25-04-2014 11:18:05 Revo Uninstaller's restore point - Google Chrome
25-04-2014 13:36:45 Installed iTunes

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {154FA74B-E667-4E0E-B3D6-3E12C08FACDC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-03] (AVAST Software)
Task: {393C5E5A-8BB6-4E6F-BEDA-D2E28F0E81CA} - System32\Tasks\AdobeAAMUpdater-1.0-Power-PC-Power => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {4D93747A-002B-434A-92B6-D73990FFED3F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5A16B89E-1EC3-4A8F-9C55-513953B38E84} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-12] (Adobe Systems Incorporated)
Task: {A64769A7-0A24-4E26-A62C-C1033D14C38A} - System32\Tasks\AdobeAAMUpdater-1.0-Power-PC-Bernd => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {F7656EA0-72F0-417B-A253-3F55B5C80873} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2013-12-23] (Easeware)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Loaded Modules (whitelisted) =============

2013-08-28 00:09 - 2012-07-31 11:31 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2013-12-06 17:06 - 2013-12-06 17:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-15 08:09 - 2010-05-13 07:23 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2013-08-28 13:12 - 2012-09-07 17:30 - 00002560 _____ () C:\Program Files (x86)\Secure Banking\sbservice.exe
2010-08-04 14:40 - 2010-08-04 14:40 - 00611872 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2013-12-06 17:06 - 2013-12-06 17:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-03-20 12:24 - 2014-03-20 12:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-03-20 12:24 - 2014-03-20 12:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-04-26 11:06 - 2014-04-26 11:06 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042600\algo.dll
2014-04-26 18:31 - 2014-04-26 18:31 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042601\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-28 15:01 - 2012-08-03 13:29 - 00042904 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\MouseHook.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Power\AppData\Roaming\Dropbox\bin\libcef.dll
2013-08-28 13:12 - 2013-06-30 17:01 - 00017920 _____ () C:\Program Files (x86)\Secure Banking\SecureBanking.dll
2013-08-28 13:12 - 2013-05-26 13:13 - 00008704 _____ () C:\Program Files (x86)\Secure Banking\funcs.dll
2010-08-04 11:47 - 2010-08-04 11:47 - 00144896 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-03-21 18:14 - 2014-03-19 00:22 - 32733088 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-08-28 08:01 - 2005-01-04 17:05 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2013-11-29 17:22 - 2013-11-29 17:22 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2014-04-22 13:27 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-21 18:14 - 2014-03-19 00:22 - 00742816 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libglesv2.dll
2014-03-21 18:14 - 2014-03-19 00:22 - 00136608 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libegl.dll
2013-03-13 13:42 - 2013-12-26 11:05 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Power\Documents\Bordkarte X3 2278 _ 13JAN _ CGN - FUE für SLAWINSKI_ELISABETH.eml:OECustomProperty
AlternateDataStreams: C:\Users\Power\Documents\Bordkarte X3 2278 _ 13JAN _ CGN - FUE für ZIEGENER_BERND.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
Error: (04/26/2014 06:38:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8081

Error: (04/26/2014 06:38:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8081

Error: (04/26/2014 06:38:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/26/2014 06:38:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6989

Error: (04/26/2014 06:38:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6989

Error: (04/26/2014 06:38:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/26/2014 06:38:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5990

Error: (04/26/2014 06:38:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5990

Error: (04/26/2014 06:38:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/26/2014 06:38:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992

System errors:
Error: (04/26/2014 06:38:47 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (04/26/2014 02:18:45 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/26/2014 02:01:49 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (04/26/2014 02:01:40 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (04/26/2014 02:01:31 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (04/26/2014 00:08:27 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (04/25/2014 10:18:26 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/25/2014 00:01:49 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (04/25/2014 11:33:02 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/24/2014 11:20:16 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Microsoft Office Sessions:

==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 8183.76 MB
Available physical RAM: 5936.88 MB
Total Pagefile: 16365.7 MB
Available Pagefile: 12794.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:962.11 GB) (Free:826.33 GB) NTFS
Drive d: (DATA) (Fixed) (Total:887.14 GB) (Free:885.45 GB) NTFS
Drive l: (VERBATIM HD) (Fixed) (Total:465.65 GB) (Free:278.73 GB) FAT32

==================== MBR & Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6E20CE3B)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=962 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=887 GB) - (Type=07 NTFS)

Disk: 6 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 94A56F94)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

==================== End Of Log ============================

schrauber 27.04.2014 18:11

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


S3 Sriomgr2aotv; No ImagePath

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

Ich sehe in den Logs absolut gar nichts mehr.

Böni 28.04.2014 08:56


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-04-2014 03
Ran by Bernd at 2014-04-28 09:53:25 Run:2
Running from L:\Downloads
Boot Mode: Normal

Content of fixlist:
S3 Sriomgr2aotv; No ImagePath

Sriomgr2aotv => Service deleted successfully.

==== End of Fixlog ====

schrauber 28.04.2014 09:22

Gibt es aktuell immer noch probleme?

Böni 28.04.2014 13:15

Sorry, keine Lösung des Chromebrowsers in Sicht.
Einstellungen können nicht übernommen werden, Fenster mit der Meldung immer noch da.
Wahrscheinlich hilft nur Neuistallation oder mit dem Bug leben....


Also das macht er nur im Nicht-Administrator-Konto, wenn ich als Admin angemeldet bin funktioniert Chrome einwandfrei!

schrauber 28.04.2014 19:35

In welchem Konto deinstallierst du Chrome und setzt ihn zurück?

Böni 28.04.2014 21:59

Habe ich leider vom Nicht-Admin-Konto gemacht, war wahrscheinlich nicht "geschickt"....:headbang:

schrauber 29.04.2014 19:50

ehm...nee :D

Böni 30.04.2014 10:47

Habe nun alles nochmals vom Adminkonto deinstalliert und neuinstalliert, aber bei meinem eigenen Konto hat sich der Fehler dennoch nicht beheben lassen. Wenn ich Chrome als Admin ausführen lasse läuft alles. Sogar im Gast-Konto läuft es ohne die Meldung zu zeigen. Es muss also irgendwie mit meinem Konto zusammenhängen. Scheinbar erkennt er da was nicht richtig.


