Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   RunDLL C:\Program - Modul nicht gefunden (Win8) (https://www.trojaner-board.de/137821-rundll-c-program-modul-gefunden-win8.html)

pedro12345 06.07.2013 23:04
RunDLL C:\Program - Modul nicht gefunden (Win8)
 
Hallo,

ich habe Windows 8 auf meinem Laptop installiert und bin bisher auch super zufrieden.
Seit gestern kommt allerdings nach dem Hochfahren die Fehlermeldung "RunDLL - Problem beim Starten von C:\Program - Das angegebene Modul wurde nicht gefunden."

Was ist das los? wie kann ich das beheben?

Virenscanner hab ich Avira laufen.
Bisher funktioniert alles wunderbar, trotzdem würde ich den Fehler gerne beheben.
Ich habe Malewarebyte durchlaufen lassen, aber der findet nichts.
Dazu habe ich mal einen OTL.log gemacht, allerdings sagt mir der nichts.
vll könnt ihr damit mehr anfangen.

hier noch die andere Datei.

schrauber 07.07.2013 05:41
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


pedro12345 07.07.2013 10:23
so ich habe jetzt mal nach der Anleitung einen frst.log erstellt. Wie bekomme ich die Addition.txt Datei?


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by SYSTEM on 07-07-2013 11:14:10
Running from E:\
Windows 8 Pro (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [382248 2013-05-10] (Lenovo.)
HKLM\...\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe [1534888 2012-10-23] (Lenovo Group Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [LenovoOptMouseUpdate] C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-04-19] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [x]
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-05-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-05-27] (Lenovo Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKLM-x32\...\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [59392 2012-05-02] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-11] (Oracle Corporation)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor [6618408 2013-06-03] (Lenovo Group Limited)
HKU\Peter\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKU\Peter\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1635752 2013-05-03] (Valve Corporation)
HKU\Peter\...\Run: [AdobeBridge]  [x]
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
S2 ArchiCrypt Ultimate RAM-Disk 4; C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe [1580648 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [149496 2013-05-27] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-04-23] (Broadcom Corporation.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2037240 2013-04-19] (Lenovo Group Limited)
S2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [683000 2013-05-27] (Lenovo Corporation)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-05-28] (Lenovo)
S2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-04-19] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-04-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S1 ACMoFlex64RD4; C:\WINDOWS\system32\drivers\ACMoFlex64RD4.sys [23656 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt.de)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-04-23] (Broadcom Corporation.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-19] (Broadcom Corporation.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-05] (DT Soft Ltd)
S3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [468240 2013-02-20] (Intel Corporation)
S3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
S3 MbmLowExt; C:\Windows\System32\Drivers\MbmLowExt.sys [26112 2012-10-29] (Ericsson AB)
S3 MbmUsbSerial; C:\Windows\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-03] (Ericsson AB)
S3 MkBusFilter; C:\Windows\System32\drivers\MbmDeviceFilter.sys [25600 2012-10-22] (Ericsson AB)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3311072 2013-02-21] (Intel Corporation)
S0 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73040 2012-09-06] (Dataram, Inc.)
S3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-08-02] (Ricoh co.,Ltd.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
S2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
S3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [230912 2013-04-08] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [x]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [x]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [x]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [x]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [x]
S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [x]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [x]
S3 NETwNs64; \SystemRoot\system32\DRIVERS\NETwNs64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 11:13 - 2013-07-07 11:13 - 00000000 ____D C:\FRST
2013-07-07 00:49 - 2013-07-07 00:50 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-06 14:32 - 2013-07-06 14:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-06 14:32 - 2013-06-03 21:40 - 00020736 ____A (Lenovo Group Limited) C:\Windows\System32\Drivers\TPPWR64V.SYS
2013-07-06 14:32 - 2013-05-27 02:57 - 16819192 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMft.dll
2013-07-06 14:32 - 2013-05-27 02:57 - 00076280 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMftStart.dll
2013-07-06 14:32 - 2013-05-27 02:52 - 00067064 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMftStart.dll
2013-07-06 14:32 - 2013-05-27 02:51 - 16820728 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMft.dll
2013-07-06 14:32 - 2013-05-24 09:05 - 02366320 ____A (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2013-07-06 14:26 - 2013-07-06 14:26 - 00013507 ____A C:\Users\Peter\Desktop\Extras.zip
2013-07-06 14:03 - 2013-07-06 14:03 - 00017462 ____A C:\Users\Peter\Desktop\OTL.zip
2013-07-06 12:48 - 2013-07-06 12:52 - 00073736 ____A C:\Users\Peter\Desktop\Extras.Txt
2013-07-06 12:47 - 2013-07-06 14:02 - 00131310 ____A C:\Users\Peter\Desktop\OTL.Txt
2013-07-06 12:46 - 2013-07-06 12:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 12:45 - 2013-07-06 12:45 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Peter\Desktop\mbam-setup-1.75.0.1300.exe
2013-07-06 12:45 - 2013-07-06 12:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-03 23:08 - 2013-04-23 14:25 - 02232024 ____A (Broadcom Corporation.) C:\Windows\System32\BcmBtRSupport.dll
2013-07-03 23:08 - 2013-04-23 14:25 - 02228440 ____A (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
2013-07-03 23:08 - 2013-04-23 14:25 - 00186584 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2013-07-03 23:08 - 2013-04-23 14:24 - 00228568 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2013-07-03 23:08 - 2013-04-23 14:24 - 00022744 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2013-07-03 23:08 - 2012-07-26 21:48 - 00040248 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2013-07-03 23:07 - 2013-05-29 11:41 - 01048816 ____A (Synaptics Incorporated) C:\Windows\System32\SynCOM.dll
2013-07-03 23:07 - 2013-05-29 11:41 - 00540400 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2013-07-03 23:07 - 2013-05-29 11:41 - 00460528 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\SynTP.sys
2013-07-03 23:07 - 2013-05-29 11:41 - 00229616 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPAPI.dll
2013-07-03 23:07 - 2013-05-29 11:41 - 00178416 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPCo14.dll
2013-07-03 23:07 - 2013-05-29 11:41 - 00114416 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2013-07-03 23:07 - 2013-05-29 11:41 - 00044784 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\Smb_driver_Intel.sys
2013-07-03 23:04 - 2013-07-03 23:04 - 00000886 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-07-03 10:58 - 2013-05-15 14:35 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-07-03 08:25 - 2013-07-03 08:25 - 00606352 ____A C:\Users\Peter\Desktop\Passbild-36aGenerator.exe
2013-07-03 08:25 - 2013-07-03 08:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 05:17 - 2013-07-02 05:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 05:17 - 2000-05-22 06:58 - 00244416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2013-06-26 01:12 - 2013-06-26 01:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-25 09:23 - 2013-06-25 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-20 06:23 - 2013-06-20 06:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 06:23 - 2013-06-20 06:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 06:23 - 2013-06-20 06:23 - 00000000 ____D C:\Program Files\iPod
2013-06-19 15:43 - 2013-06-19 15:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-19 15:43 - 2013-06-03 07:08 - 00000008 ____A C:\Windows\System32\Drivers\RTKHDAUD.DAT
2013-06-19 15:43 - 2013-05-21 11:50 - 03425608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-06-19 15:43 - 2013-05-21 05:57 - 00142408 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-06-19 15:43 - 2013-05-21 05:05 - 00576929 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-06-19 15:43 - 2013-05-21 04:15 - 24962560 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-06-19 15:43 - 2013-05-20 06:16 - 01003592 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-06-19 15:43 - 2013-05-20 04:36 - 02794056 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-06-19 15:43 - 2013-05-02 02:01 - 02103040 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-06-19 15:43 - 2013-04-30 09:53 - 03693640 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-06-19 15:43 - 2013-04-30 04:28 - 00916016 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-06-19 15:43 - 2013-04-24 07:16 - 01662024 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-06-19 15:43 - 2013-04-22 14:40 - 02735648 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-06-19 15:43 - 2013-04-01 04:06 - 02079816 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-06-19 15:43 - 2013-03-22 17:43 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-06-19 15:43 - 2013-02-20 08:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-06-19 15:43 - 2012-10-02 04:41 - 00501192 ____A (DTS) C:\Windows\System32\DTSU2PLFX64.dll
2013-06-19 15:43 - 2012-10-02 04:41 - 00487368 ____A (DTS) C:\Windows\System32\DTSU2PGFX64.dll
2013-06-19 15:43 - 2012-10-02 04:41 - 00415688 ____A (DTS) C:\Windows\System32\DTSU2PREC64.dll
2013-06-19 15:43 - 2012-08-31 09:18 - 07164176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2013-06-19 15:43 - 2012-08-31 09:17 - 00434960 ____A (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2013-06-19 15:43 - 2012-08-31 09:17 - 00141584 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2013-06-19 15:43 - 2012-08-31 09:17 - 00124176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2013-06-19 15:43 - 2012-08-31 09:17 - 00075024 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2013-06-19 12:15 - 2013-05-13 05:15 - 00016344 ____A (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2013-06-19 12:12 - 2013-06-19 12:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-16 02:18 - 2013-05-30 15:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-16 02:18 - 2013-05-30 15:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 02:18 - 2013-05-23 15:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-16 02:18 - 2013-05-23 14:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 02:17 - 2013-05-14 18:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-16 02:17 - 2013-05-14 18:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-16 02:17 - 2013-05-14 18:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 02:17 - 2013-05-14 18:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 06:53 - 2013-05-03 23:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 06:53 - 2013-05-03 23:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 06:53 - 2013-05-03 23:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 06:53 - 2013-05-03 23:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 06:53 - 2013-05-03 23:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 06:53 - 2013-05-03 22:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 06:53 - 2013-05-03 22:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 06:53 - 2013-05-03 22:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 06:53 - 2013-05-03 22:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 06:53 - 2013-05-03 22:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 06:53 - 2013-05-03 22:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00820736 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 06:53 - 2013-05-03 22:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 06:53 - 2013-05-03 22:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 06:53 - 2013-05-03 20:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 06:53 - 2013-05-03 20:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 06:53 - 2013-05-03 20:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 06:53 - 2013-05-03 20:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 06:53 - 2013-05-03 20:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 06:53 - 2013-05-03 20:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 06:53 - 2013-05-03 20:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 06:53 - 2013-05-03 20:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 06:53 - 2013-05-03 20:56 - 00582144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2013-06-15 06:53 - 2013-05-03 20:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 06:53 - 2013-05-03 20:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 06:53 - 2013-05-03 20:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 06:53 - 2013-05-03 20:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 06:53 - 2013-05-03 20:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 06:53 - 2013-05-03 20:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 06:53 - 2013-05-03 20:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 06:53 - 2013-05-03 20:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 06:53 - 2013-05-03 20:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 06:53 - 2013-05-03 20:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 06:53 - 2013-05-02 14:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-12 04:19 - 2013-04-02 15:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 04:19 - 2013-04-02 15:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 23:50 - 2013-06-04 14:09 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-11 23:50 - 2013-06-04 14:09 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 23:31 - 2013-05-15 14:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-11 23:31 - 2013-05-15 14:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-11 23:31 - 2013-05-15 14:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-11 23:31 - 2013-05-15 14:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-11 23:31 - 2013-05-14 05:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-11 23:31 - 2013-05-14 01:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-11 23:31 - 2013-05-03 23:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 23:31 - 2013-04-28 14:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-11 23:31 - 2013-04-28 14:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-11 23:31 - 2013-04-28 14:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-11 23:31 - 2013-04-28 14:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-11 23:31 - 2013-04-28 14:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-11 23:31 - 2013-04-28 14:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-11 23:31 - 2013-04-28 14:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-11 23:31 - 2013-04-28 14:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-11 23:31 - 2013-04-28 14:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-11 23:31 - 2013-04-28 14:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-11 23:31 - 2013-04-28 14:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-11 23:31 - 2013-04-28 14:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-11 23:31 - 2013-04-28 14:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-11 23:31 - 2013-04-28 14:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-11 23:31 - 2013-04-28 14:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-11 23:31 - 2013-04-28 14:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-11 23:31 - 2013-04-26 21:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 23:31 - 2013-04-23 15:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 23:31 - 2013-04-23 15:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 23:31 - 2013-04-23 15:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 23:31 - 2013-04-23 14:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 23:31 - 2013-04-23 14:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 23:31 - 2013-04-23 14:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 23:31 - 2013-04-23 14:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

==================== One Month Modified Files and Folders =======

2013-07-07 11:13 - 2013-07-07 11:13 - 00000000 ____D C:\FRST
2013-07-07 01:05 - 2012-07-25 21:26 - 00786432 __ASH C:\Windows\System32\config\BBI
2013-07-07 01:04 - 2012-07-25 23:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 01:01 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-07 00:59 - 2013-01-05 18:42 - 00000000 ___RD C:\Users\Peter\Dropbox
2013-07-07 00:59 - 2013-01-05 18:40 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2013-07-07 00:57 - 2013-01-06 07:49 - 00737518 ____A C:\Windows\System32\perfh007.dat
2013-07-07 00:57 - 2013-01-06 07:49 - 00151270 ____A C:\Windows\System32\perfc007.dat
2013-07-07 00:50 - 2013-07-07 00:49 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-06 16:25 - 2013-01-05 23:02 - 01957727 ____A C:\Windows\WindowsUpdate.log
2013-07-06 15:41 - 2013-01-05 17:42 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 14:37 - 2012-07-25 23:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 14:32 - 2013-07-06 14:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-06 14:32 - 2013-01-05 22:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-06 14:32 - 2013-01-05 22:52 - 00000000 ____D C:\Program Files\Lenovo
2013-07-06 14:32 - 2013-01-05 22:52 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-07-06 14:32 - 2012-07-26 00:12 - 00000000 __RSD C:\Windows\Media
2013-07-06 14:27 - 2012-09-13 10:32 - 00577344 ____A C:\Windows\PFRO.log
2013-07-06 14:26 - 2013-07-06 14:26 - 00013507 ____A C:\Users\Peter\Desktop\Extras.zip
2013-07-06 14:25 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\NDF
2013-07-06 14:03 - 2013-07-06 14:03 - 00017462 ____A C:\Users\Peter\Desktop\OTL.zip
2013-07-06 14:02 - 2013-07-06 12:47 - 00131310 ____A C:\Users\Peter\Desktop\OTL.Txt
2013-07-06 12:52 - 2013-07-06 12:48 - 00073736 ____A C:\Users\Peter\Desktop\Extras.Txt
2013-07-06 12:46 - 2013-07-06 12:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 12:45 - 2013-07-06 12:45 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Peter\Desktop\mbam-setup-1.75.0.1300.exe
2013-07-06 12:45 - 2013-07-06 12:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-06 12:13 - 2013-01-05 23:56 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2013-07-05 13:13 - 2013-01-05 17:39 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2013-07-04 23:54 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-03 23:08 - 2012-07-25 23:21 - 00057789 ____A C:\Windows\setupact.log
2013-07-03 23:07 - 2013-01-18 10:37 - 00001432 ____A C:\Windows\Synaptics.log
2013-07-03 23:07 - 2013-01-05 22:51 - 00267496 ____A C:\Windows\DPINST.LOG
2013-07-03 23:04 - 2013-07-03 23:04 - 00000886 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-07-03 15:08 - 2013-05-16 23:55 - 524288848 ____A C:\Users\Peter\Desktop\Firefox.ard
2013-07-03 15:08 - 2013-01-05 16:57 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Mozilla
2013-07-03 13:06 - 2012-07-25 21:37 - 00000000 ____D C:\Windows\servicing
2013-07-02 06:07 - 2013-01-05 16:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 05:56 - 2013-04-29 06:21 - 00000000 ____D C:\Users\Peter\Documents\Citavi 4
2013-07-02 05:17 - 2013-07-02 05:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 05:17 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\Help
2013-06-26 01:12 - 2013-06-26 01:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-26 00:23 - 2013-05-07 08:40 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-25 10:42 - 2013-06-25 09:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 23:20 - 2013-01-05 23:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Adobe
2013-06-24 23:20 - 2013-01-05 22:57 - 00000000 ____D C:\ProgramData\Adobe
2013-06-24 23:16 - 2013-01-05 22:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-22 10:29 - 2013-03-18 15:29 - 00000000 ____D C:\Program Files\Intel
2013-06-22 10:29 - 2013-03-03 16:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-22 10:28 - 2013-01-18 10:39 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-06-22 10:28 - 2013-01-05 22:51 - 00000000 ____D C:\ProgramData\Intel
2013-06-22 10:28 - 2013-01-05 22:51 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-20 06:23 - 2013-06-20 06:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 06:23 - 2013-06-20 06:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 06:23 - 2013-06-20 06:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 06:23 - 2013-05-16 13:03 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-20 06:22 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-19 15:43 - 2013-06-19 15:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-19 15:43 - 2013-01-05 22:53 - 00003066 ____A C:\RHDSetup.log
2013-06-19 15:43 - 2013-01-05 22:53 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-06-19 12:12 - 2013-06-19 12:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 11:41 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\rescache
2013-06-18 15:42 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
2013-06-18 15:42 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\ToastData
2013-06-18 15:42 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-18 15:42 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-18 15:42 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-18 15:42 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-18 02:49 - 2013-01-06 00:03 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-17 04:59 - 2013-01-06 04:39 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2013-06-09 14:28 - 2013-03-09 11:44 - 00000000 ____D C:\Program Files (x86)\Steam

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-06 14:15:59

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 16202.86 MB
Available physical RAM: 14804.03 MB
Total Pagefile: 16202.86 MB
Available Pagefile: 14786.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:98.35 GB) (Free:47.52 GB) NTFS (Disk=0 Partition=4) ==>[System with boot components (obtained from reading drive)]
Drive d: (Storage) (Fixed) (Total:444.87 GB) (Free:362.98 GB) NTFS (Disk=1 Partition=4)
Drive e: (SANDISK) (Removable) (Total:7.51 GB) (Free:7.51 GB) FAT32 (Disk=2 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119 GB) (Disk ID: D9048793)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 9B0D3856)

Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 8 GB) (Disk ID: A8F9ABAD)
Partition 1: (Active) - (Size=8 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=32 KB) - (Type=21)


LastRegBack: 2013-07-01 12:54

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 07.07.2013 10:29
Hi,

kannst Du den Rechner nicht normal booten? ODer warum scannst Du aus der Recovery?
Wird da auch ein dateiname genannt bei der Fehlermeldung?

pedro12345 07.07.2013 10:36
ehm doch Windows bootet gnaz normal, ich dachte man soll das aus dem Modus ausführen.


Bei der Fehlermeldung, die nach dem Hochfahren kommt, erscheint genau der Text wie ich ihn hier angegeben habe.

"RunDLL - Problem beim Starten von C:\Program - Das angegebene Modul wurde nicht gefunden."


Das komische daran ist, dass alles problemlos funktioniert.

schrauber 07.07.2013 10:38
und nach C:\Program komm kein Dateiname? :wtf:

Bitte FRST normal vom Desktop laufen lassen und beide Logs posten.

pedro12345 07.07.2013 10:46
ja gneau, nach C:\program kommt kein Dateiname.

so, hier nochmal die beiden Logs.

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Peter (administrator) on 07-07-2013 11:38:54
Running from C:\Users\Peter\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\WINDOWS\system32\IProsetMonitor.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSD.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\SHTCTKY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [382248 2013-05-10] (Lenovo.)
HKLM\...\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe [1534888 2012-10-23] (Lenovo Group Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [LenovoOptMouseUpdate] C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-04-19] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [x]
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-05-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-05-27] (Lenovo Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Run: [AdobeBridge]  [x]
MountPoints2: {2281668e-8466-11e2-beb1-3c970e590759} - "F:\setup.exe"
MountPoints2: {e6c31630-7cf3-11e2-bea8-3c970e590759} - "F:\setup.exe" -a
HKLM-x32\...\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [59392 2012-05-02] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor [6618408 2013-06-04] (Lenovo Group Limited)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN42722590742379417&ctid=CT3281675
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU SearchScopes: DefaultScope {7AFF137D-23DE-4688-ABB1-6B39E6F3E846} URL =
SearchScopes: HKCU - {7AFF137D-23DE-4688-ABB1-6B39E6F3E846} URL =
SearchScopes: HKCU - {E6CDAB7C-C20D-420A-AF96-51F34C5357E9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=55739059-5BA2-4052-8328-CDDB3C200614&apn_sauid=77C3917E-C046-4525-A045-D8F20E47F656
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AB94E8B7-CDFE-4189-8BD3-EB57E0CF062B}: [NameServer]193.189.244.225,193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://theawesomer.com/
FF Keyword.URL: hxxp://www.google.de/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\searchplugins\conduit.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\ich@maltegoetz.de
FF Extension: groovesharkUnlocker - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\groovesharkUnlocker@overlord1337.xpi
FF Extension: jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 ArchiCrypt Ultimate RAM-Disk 4; C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe [1580648 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [149496 2013-05-27] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-04-24] (Broadcom Corporation.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R3 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2037240 2013-04-19] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [683000 2013-05-27] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-05-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-04-19] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-04-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 ACMoFlex64RD4; C:\WINDOWS\system32\drivers\ACMoFlex64RD4.sys [23656 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt.de)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-04-24] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-05] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [468240 2013-02-21] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
R3 MbmLowExt; C:\Windows\System32\Drivers\MbmLowExt.sys [26112 2012-10-30] (Ericsson AB)
R3 MbmUsbSerial; C:\Windows\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-03] (Ericsson AB)
R3 MkBusFilter; C:\Windows\System32\drivers\MbmDeviceFilter.sys [25600 2012-10-22] (Ericsson AB)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3311072 2013-02-21] (Intel Corporation)
R0 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73040 2012-09-06] (Dataram, Inc.)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-08-02] (Ricoh co.,Ltd.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
R3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [x]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [x]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [x]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [x]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [x]
S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [x]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [x]
S3 NETwNs64; \SystemRoot\system32\DRIVERS\NETwNs64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 21:13 - 2013-07-07 21:13 - 00000000 ____D C:\FRST
2013-07-07 11:38 - 2013-07-07 10:50 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-07 00:32 - 2013-07-07 00:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-07 00:32 - 2013-06-04 07:40 - 00020736 ____A (Lenovo Group Limited) C:\Windows\System32\Drivers\TPPWR64V.SYS
2013-07-07 00:32 - 2013-05-27 12:57 - 16819192 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMft.dll
2013-07-07 00:32 - 2013-05-27 12:57 - 00076280 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMftStart.dll
2013-07-07 00:32 - 2013-05-27 12:52 - 00067064 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMftStart.dll
2013-07-07 00:32 - 2013-05-27 12:51 - 16820728 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMft.dll
2013-07-07 00:32 - 2013-05-24 19:05 - 02366320 ____A (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2013-07-07 00:26 - 2013-07-07 00:26 - 00013507 ____A C:\Users\Peter\Desktop\Extras.zip
2013-07-07 00:03 - 2013-07-07 00:03 - 00017462 ____A C:\Users\Peter\Desktop\OTL.zip
2013-07-06 22:48 - 2013-07-06 22:52 - 00073736 ____A C:\Users\Peter\Desktop\Extras.Txt
2013-07-06 22:47 - 2013-07-07 00:02 - 00131310 ____A C:\Users\Peter\Desktop\OTL.Txt
2013-07-06 22:46 - 2013-07-06 22:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 22:45 - 2013-07-06 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-04 09:08 - 2013-04-24 00:25 - 02232024 ____A (Broadcom Corporation.) C:\Windows\System32\BcmBtRSupport.dll
2013-07-04 09:08 - 2013-04-24 00:25 - 02228440 ____A (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
2013-07-04 09:08 - 2013-04-24 00:25 - 00186584 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2013-07-04 09:08 - 2013-04-24 00:24 - 00228568 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2013-07-04 09:08 - 2013-04-24 00:24 - 00022744 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2013-07-04 09:08 - 2012-07-27 07:48 - 00040248 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2013-07-04 09:07 - 2013-05-29 21:41 - 01048816 ____A (Synaptics Incorporated) C:\Windows\System32\SynCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00540400 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00460528 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\SynTP.sys
2013-07-04 09:07 - 2013-05-29 21:41 - 00229616 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPAPI.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00178416 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPCo14.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00114416 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00044784 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\Smb_driver_Intel.sys
2013-07-03 20:58 - 2013-05-16 00:35 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-07-03 18:25 - 2013-07-03 18:25 - 00606352 ____A C:\Users\Peter\Desktop\Passbild-36aGenerator.exe
2013-07-03 18:25 - 2013-07-03 18:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 15:17 - 2013-07-02 15:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 15:17 - 2000-05-22 16:58 - 00244416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2013-06-26 11:12 - 2013-06-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-25 19:23 - 2013-06-25 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 01:43 - 2013-06-20 01:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-20 01:43 - 2013-06-03 17:08 - 00000008 ____A C:\Windows\System32\Drivers\RTKHDAUD.DAT
2013-06-20 01:43 - 2013-05-21 21:50 - 03425608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-06-20 01:43 - 2013-05-21 15:57 - 00142408 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-06-20 01:43 - 2013-05-21 15:05 - 00576929 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-06-20 01:43 - 2013-05-21 14:15 - 24962560 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-06-20 01:43 - 2013-05-20 16:16 - 01003592 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-06-20 01:43 - 2013-05-20 14:36 - 02794056 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-06-20 01:43 - 2013-05-02 12:01 - 02103040 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-06-20 01:43 - 2013-04-30 19:53 - 03693640 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-06-20 01:43 - 2013-04-30 14:28 - 00916016 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-06-20 01:43 - 2013-04-24 17:16 - 01662024 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-06-20 01:43 - 2013-04-23 00:40 - 02735648 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-06-20 01:43 - 2013-04-01 14:06 - 02079816 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-06-20 01:43 - 2013-03-23 03:43 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-06-20 01:43 - 2013-02-20 18:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00501192 ____A (DTS) C:\Windows\System32\DTSU2PLFX64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00487368 ____A (DTS) C:\Windows\System32\DTSU2PGFX64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00415688 ____A (DTS) C:\Windows\System32\DTSU2PREC64.dll
2013-06-20 01:43 - 2012-08-31 19:18 - 07164176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00434960 ____A (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00141584 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00124176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00075024 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2013-06-19 22:15 - 2013-05-13 15:15 - 00016344 ____A (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2013-06-19 22:12 - 2013-06-19 22:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-16 12:18 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-16 12:18 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 12:18 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-16 12:18 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 12:17 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-16 12:17 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-16 12:17 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 12:17 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 16:53 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 16:53 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 16:53 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 16:53 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 16:53 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 16:53 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00820736 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 16:53 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 16:53 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 16:53 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 16:53 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00582144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 16:53 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 16:53 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 16:53 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 16:53 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 16:53 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 16:53 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 16:53 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-12 14:19 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:19 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 09:50 - 2013-06-05 00:09 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 09:50 - 2013-06-05 00:09 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 09:31 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-12 09:31 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 09:31 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 09:31 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-12 09:31 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 09:31 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 09:31 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 09:31 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 09:31 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 09:31 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 09:31 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 09:31 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 09:31 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 09:31 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 09:31 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 09:31 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 09:31 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 09:31 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 09:31 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

==================== One Month Modified Files and Folders =======

2013-07-07 21:13 - 2013-07-07 21:13 - 00000000 ____D C:\FRST
2013-07-07 11:37 - 2013-01-06 17:49 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-07-07 11:37 - 2013-01-06 17:49 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-07-07 11:37 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-07 11:31 - 2013-01-06 04:42 - 00000000 ___RD C:\Users\Peter\Dropbox
2013-07-07 11:31 - 2013-01-06 04:40 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2013-07-07 11:30 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 11:26 - 2012-07-26 07:26 - 00786432 __ASH C:\Windows\System32\config\BBI
2013-07-07 11:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-07 10:50 - 2013-07-07 11:38 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-07 02:25 - 2013-01-06 09:02 - 01957727 ____A C:\Windows\WindowsUpdate.log
2013-07-07 01:41 - 2013-01-06 03:42 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-07 00:32 - 2013-07-07 00:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ____D C:\Program Files\Lenovo
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-07-07 00:32 - 2012-07-26 10:12 - 00000000 __RSD C:\Windows\Media
2013-07-07 00:27 - 2012-09-13 20:32 - 00577344 ____A C:\Windows\PFRO.log
2013-07-07 00:26 - 2013-07-07 00:26 - 00013507 ____A C:\Users\Peter\Desktop\Extras.zip
2013-07-07 00:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-07-07 00:03 - 2013-07-07 00:03 - 00017462 ____A C:\Users\Peter\Desktop\OTL.zip
2013-07-07 00:02 - 2013-07-06 22:47 - 00131310 ____A C:\Users\Peter\Desktop\OTL.Txt
2013-07-06 22:52 - 2013-07-06 22:48 - 00073736 ____A C:\Users\Peter\Desktop\Extras.Txt
2013-07-06 22:46 - 2013-07-06 22:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 22:45 - 2013-07-06 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-06 22:13 - 2013-01-06 09:56 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2013-07-05 23:13 - 2013-01-06 03:39 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2013-07-05 09:54 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-04 09:08 - 2012-07-26 09:21 - 00057789 ____A C:\Windows\setupact.log
2013-07-04 09:07 - 2013-01-18 20:37 - 00001432 ____A C:\Windows\Synaptics.log
2013-07-04 09:07 - 2013-01-06 08:51 - 00267496 ____A C:\Windows\DPINST.LOG
2013-07-04 01:08 - 2013-05-17 09:55 - 524288848 ____A C:\Users\Peter\Desktop\Firefox.ard
2013-07-04 01:08 - 2013-01-06 02:57 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Mozilla
2013-07-03 23:06 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-03 18:25 - 2013-07-03 18:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 16:07 - 2013-01-06 02:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:56 - 2013-04-29 16:21 - 00000000 ____D C:\Users\Peter\Documents\Citavi 4
2013-07-02 15:17 - 2013-07-02 15:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 15:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Help
2013-06-26 11:12 - 2013-06-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-26 10:23 - 2013-05-07 18:40 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-25 20:42 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 09:20 - 2013-01-06 09:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Adobe
2013-06-25 09:20 - 2013-01-06 08:57 - 00000000 ____D C:\ProgramData\Adobe
2013-06-25 09:16 - 2013-01-06 08:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-22 20:29 - 2013-03-19 01:29 - 00000000 ____D C:\Program Files\Intel
2013-06-22 20:29 - 2013-03-04 02:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-22 20:28 - 2013-01-18 20:39 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-06-22 20:28 - 2013-01-06 08:51 - 00000000 ____D C:\ProgramData\Intel
2013-06-22 20:28 - 2013-01-06 08:51 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 16:23 - 2013-05-16 23:03 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-20 16:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-20 01:43 - 2013-06-20 01:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-20 01:43 - 2013-01-06 08:53 - 00003066 ____A C:\RHDSetup.log
2013-06-20 01:43 - 2013-01-06 08:53 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-06-19 22:12 - 2013-06-19 22:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 21:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\ToastData
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-19 01:42 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-19 01:42 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-18 12:49 - 2013-01-06 10:03 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-17 14:59 - 2013-01-06 14:39 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2013-06-10 00:28 - 2013-03-09 21:44 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-09 17:18 - 2013-01-24 14:03 - 00000000 ___RD C:\Users\Peter\Desktop\jpgcompressor

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 22:54

==================== End Of Log ============================
--- --- ---

--- --- ---





Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Peter at 2013-07-07 11:39:13
Running from C:\Users\Peter\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe AIR (x32 Version: 3.7.0.1530)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Creative Suite 5.5 Master Collection (x32 Version: 5.5)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Anzeige am Bildschirm (Version: 7.12.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArchiCrypt Ultimate RAM-Disk 4 Version 4.0.1.4254 (Version: 4.0.1.4254)
Avira Free Antivirus (x32 Version: 13.0.0.3737)
Bonjour (Version: 3.0.0.10)
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.01065)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)
Citavi 4 (x32 Version: 4.1.0.3)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (Version: 1.00)
Dolby Home Theater v4 (x32 Version: 7.2.8000.17)
Dota 2 (x32)
Dropbox (HKCU Version: 2.0.22)
Integrated Camera Driver Installer Package Ver.1.0.0.19 (x32 Version: 1.0.0.19)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel(R) Network Connections 18.3.72.0 (Version: 18.3.72.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2875)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® PROSet/Wireless Software (x32 Version: 15.6.1)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Lenovo Auto Scroll Utility (Version: 2.00)
Lenovo Dependency Package (x32 Version: 1.0)
Lenovo Patch Utility (x32 Version: 1.3.2.6)
Lenovo Patch Utility 64 bit (Version: 1.3.2.6)
Lenovo Power Management Driver (Version: 1.67.00.02)
Lenovo QuickLaunch (x32 Version: 1.00.0039)
Lenovo Settings - Camera Audio (Version: 4.0.100.0)
Lenovo Settings Dependency Package (Version: 1.2.0.21)
Lenovo Settings Mobile Hotspot (Version: 1.1.0.59)
Lenovo System Update (x32 Version: 5.02.0011)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mobile Broadband Drivers (x32 Version: 8.0.8.4)
MotoHelper MergeModules (x32 Version: 1.2.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Settings CS5 (x32 Version: 10.0)
Personal Backup 5.4 (x32 Version: 5.3)
QuickTime (x32 Version: 7.73.80.64)
RAMDisk (x32 Version: 4.0.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6914)
RICOH_Media_Driver_v2.24.18.01 (x32 Version: 2.24.18.01)
Spyder3Pro (x32)
Steam (x32 Version: 1.0.0.0)
SugarSync Manager (x32 Version: 1.9.61.90905)
System Requirements Lab for Intel (x32 Version: 4.5.13.0)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.6850)
ThinkPad UltraNav Driver (Version: 16.2.19.9)
ThinkVantage Fingerprint Software (Version: 5.9.9.7282)
ThinkVantage Password Manager (x32 Version: 4.10.20.0)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.77.0.20)
VC_CRT_x64 (Version: 1.02.0000)
VLC media player 2.0.7 (Version: 2.0.7)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (Version: 08/15/2012 1.66.00.07)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (08/16/2012 16.2.10.5) (Version: 08/16/2012 16.2.10.5)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (08/16/2012 16.2.10.5) (Version: 08/16/2012 16.2.10.5)

==================== Restore Points  =========================

06-07-2013 22:15:56 Entfernt Lenovo Settings - Power

==================== Hosts content: ==========================



==================== Scheduled Tasks (whitelisted) =============

Task: {05140339-597C-421A-AF6E-59170EA60B77} - System32\Tasks\Intel\Intel Service Manager => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12] (Intel Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {13B00855-58E6-4493-9149-96E265399B5C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {174F63D5-9DC9-4588-BAA2-5EF799A626AC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {286AE1D0-7CE5-4E84-BF46-166DD7601952} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {2A84EB1D-4A5F-4E6D-868F-2A6D2B6F127D} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4194780498-1423412839-850030711-1001
Task: {2B845990-C632-4F8B-B544-7D3CEDEC8A72} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-04-11] ()
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {3219AF3F-C6C3-4667-ACDE-5D1124F4BAFA} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {3489C0E0-B350-4AF2-A9F8-177B9FD94B61} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {45D1FACA-61B4-4B6A-B785-0DB763B0ABFB} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: {468F4656-001C-43F4-9971-C3F7CDFF6117} - System32\Tasks\Dolby => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5DA6908C-0077-422E-BC77-73808F48A6D7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {651EEF17-A3C6-4AB5-B58C-5B303DB48008} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe No File
Task: {6A93B01B-DCE4-4350-9781-8BDCA860F7CD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {70875AF2-7BE6-4C0B-8312-AD93ED8BC9EA} - System32\Tasks\Lenovo\Lenovo-15815 => C:\ProgramData\Lenovo-15815.vbs [2013-02-04] ()
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {91A491AB-8E6F-4480-9232-B64D74B7A365} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe No File
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {AF796771-4167-4642-8C99-27DC7F7F898D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {B08314ED-EDC3-4D26-AAEE-8EB5E19172B0} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ABB015-3973-4EB9-9946-6C9D8A26916E} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\WINDOWS\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C7F4A638-FC35-4ADC-900F-EA27101938A2} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-peter_stanzel@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D0637B0C-3775-481E-8EA0-4F90E5275489} - System32\Tasks\Lenovo\Lenovo-29935 => C:\ProgramData\Lenovo-29935.vbs [2013-01-06] ()
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN-Miniport (Netzwerkmonitor) #2
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2013 00:32:25 AM) (Source: MsiInstaller) (User: PETER)
Description: Product: Lenovo Patch Utility 64 bit -- Error 1316.A network error occurred while attempting to read from the file C:\Program Files\Lenovo\SettingsDependency\LPU\Lenovo Patch Utility 64 bit.msi

Error: (07/07/2013 00:32:24 AM) (Source: MsiInstaller) (User: PETER)
Description: Product: Lenovo Patch Utility -- Error 1316.A network error occurred while attempting to read from the file C:\Program Files\Lenovo\SettingsDependency\LPU\Lenovo Patch Utility 32 bit.msi

schrauber 07.07.2013 11:18
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKCU\...\Run: [AdobeBridge]  [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN42722590742379417&ctid=CT3281675
SearchScopes: HKCU - {E6CDAB7C-C20D-420A-AF96-51F34C5357E9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=55739059-5BA2-4052-8328-CDDB3C200614&apn_sauid=77C3917E-C046-4525-A045-D8F20E47F656

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



und ein frisches Scanlog mit FRST bitte.

pedro12345 07.07.2013 11:36
so, ich habe alles ausgeführt.
Hier die Logs

AdwCleaner:

Code:
# AdwCleaner v2.304 - Datei am 07/07/2013 um 12:21:11 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzer : Peter - PETER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Peter\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\searchplugins\Conduit.xml
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Users\Peter\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Peter\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Peter\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3281675
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16599

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&CUI=UN42722590742379417&ctid=CT3281675 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\prefs.js

Gelöscht : user_pref("CT3281675_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3281675&CUI=UN34907856[...]
Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "entrusted Customized Web Search");
Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675[...]
Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?sourceid=navclient&[...]
Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3281675");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.defaultthis.engineName", "entrusted Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&CUI[...]
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT3281675");

*************************

JRT-Log:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 Pro x64
Ran by Peter on 07.07.2013 at 12:24:47,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E6CDAB7C-C20D-420A-AF96-51F34C5357E9}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] "C:\Users\Peter\AppData\Roaming\mozilla\firefox\profiles\if6ueips.default\extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi"
Emptied folder: C:\Users\Peter\AppData\Roaming\mozilla\firefox\profiles\if6ueips.default\minidumps [58 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.07.2013 at 12:26:43,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixlog:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by Peter at 2013-07-07 12:28:59 Run:1
Running from C:\Users\Peter\Desktop
Boot Mode: Normal
==============================================

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E6CDAB7C-C20D-420A-AF96-51F34C5357E9} => Key not found.
HKCR\CLSID\{E6CDAB7C-C20D-420A-AF96-51F34C5357E9} => Key not found.

==== End of Fixlog ====

und noch ein neues scanlog von FRST


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Peter (administrator) on 07-07-2013 12:29:29
Running from C:\Users\Peter\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\WINDOWS\system32\IProsetMonitor.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSD.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\SHTCTKY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [382248 2013-05-10] (Lenovo.)
HKLM\...\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe [1534888 2012-10-23] (Lenovo Group Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [LenovoOptMouseUpdate] C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-04-19] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [x]
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-05-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-05-27] (Lenovo Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {2281668e-8466-11e2-beb1-3c970e590759} - "F:\setup.exe"
MountPoints2: {e6c31630-7cf3-11e2-bea8-3c970e590759} - "F:\setup.exe" -a
HKLM-x32\...\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [59392 2012-05-02] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor [6618408 2013-06-04] (Lenovo Group Limited)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
SearchScopes: HKCU - {7AFF137D-23DE-4688-ABB1-6B39E6F3E846} URL =
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AB94E8B7-CDFE-4189-8BD3-EB57E0CF062B}: [NameServer]193.189.244.225,193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://theawesomer.com/
FF Keyword.URL: hxxp://www.google.de/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\ich@maltegoetz.de
FF Extension: groovesharkUnlocker - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\groovesharkUnlocker@overlord1337.xpi
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 ArchiCrypt Ultimate RAM-Disk 4; C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe [1580648 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [149496 2013-05-27] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-04-24] (Broadcom Corporation.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R3 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2037240 2013-04-19] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [683000 2013-05-27] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-05-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-04-19] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-04-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 ACMoFlex64RD4; C:\WINDOWS\system32\drivers\ACMoFlex64RD4.sys [23656 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt.de)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-04-24] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-05] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [468240 2013-02-21] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
R3 MbmLowExt; C:\Windows\System32\Drivers\MbmLowExt.sys [26112 2012-10-30] (Ericsson AB)
R3 MbmUsbSerial; C:\Windows\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-03] (Ericsson AB)
R3 MkBusFilter; C:\Windows\System32\drivers\MbmDeviceFilter.sys [25600 2012-10-22] (Ericsson AB)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3311072 2013-02-21] (Intel Corporation)
R0 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73040 2012-09-06] (Dataram, Inc.)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-08-02] (Ricoh co.,Ltd.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
R3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [x]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [x]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [x]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [x]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [x]
S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [x]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [x]
S3 NETwNs64; \SystemRoot\system32\DRIVERS\NETwNs64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 21:13 - 2013-07-07 21:13 - 00000000 ____D C:\FRST
2013-07-07 12:26 - 2013-07-07 12:26 - 00001057 ____A C:\Users\Peter\Desktop\JRT.txt
2013-07-07 12:24 - 2013-07-07 12:24 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Peter\Desktop\JRT.exe
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\JRT
2013-07-07 12:22 - 2013-07-07 12:22 - 00002934 ____A C:\Users\Peter\Desktop\AdwCleaner[S1].txt
2013-07-07 12:21 - 2013-07-07 12:21 - 00002934 ____A C:\AdwCleaner[S1].txt
2013-07-07 12:20 - 2013-07-07 12:20 - 00650027 ____A C:\Users\Peter\Desktop\adwcleaner.exe
2013-07-07 11:38 - 2013-07-07 10:50 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-07 00:32 - 2013-07-07 00:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-07 00:32 - 2013-06-04 07:40 - 00020736 ____A (Lenovo Group Limited) C:\Windows\System32\Drivers\TPPWR64V.SYS
2013-07-07 00:32 - 2013-05-27 12:57 - 16819192 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMft.dll
2013-07-07 00:32 - 2013-05-27 12:57 - 00076280 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMftStart.dll
2013-07-07 00:32 - 2013-05-27 12:52 - 00067064 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMftStart.dll
2013-07-07 00:32 - 2013-05-27 12:51 - 16820728 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMft.dll
2013-07-07 00:32 - 2013-05-24 19:05 - 02366320 ____A (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2013-07-06 22:46 - 2013-07-06 22:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 22:45 - 2013-07-06 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-04 09:08 - 2013-04-24 00:25 - 02232024 ____A (Broadcom Corporation.) C:\Windows\System32\BcmBtRSupport.dll
2013-07-04 09:08 - 2013-04-24 00:25 - 02228440 ____A (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
2013-07-04 09:08 - 2013-04-24 00:25 - 00186584 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2013-07-04 09:08 - 2013-04-24 00:24 - 00228568 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2013-07-04 09:08 - 2013-04-24 00:24 - 00022744 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2013-07-04 09:08 - 2012-07-27 07:48 - 00040248 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2013-07-04 09:07 - 2013-05-29 21:41 - 01048816 ____A (Synaptics Incorporated) C:\Windows\System32\SynCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00540400 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00460528 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\SynTP.sys
2013-07-04 09:07 - 2013-05-29 21:41 - 00229616 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPAPI.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00178416 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPCo14.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00114416 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00044784 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\Smb_driver_Intel.sys
2013-07-03 20:58 - 2013-05-16 00:35 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-07-03 18:25 - 2013-07-03 18:25 - 00606352 ____A C:\Users\Peter\Desktop\Passbild-36aGenerator.exe
2013-07-03 18:25 - 2013-07-03 18:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 15:17 - 2013-07-02 15:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 15:17 - 2000-05-22 16:58 - 00244416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2013-06-26 11:12 - 2013-06-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-25 19:23 - 2013-06-25 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 01:43 - 2013-06-20 01:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-20 01:43 - 2013-06-03 17:08 - 00000008 ____A C:\Windows\System32\Drivers\RTKHDAUD.DAT
2013-06-20 01:43 - 2013-05-21 21:50 - 03425608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-06-20 01:43 - 2013-05-21 15:57 - 00142408 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-06-20 01:43 - 2013-05-21 15:05 - 00576929 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-06-20 01:43 - 2013-05-21 14:15 - 24962560 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-06-20 01:43 - 2013-05-20 16:16 - 01003592 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-06-20 01:43 - 2013-05-20 14:36 - 02794056 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-06-20 01:43 - 2013-05-02 12:01 - 02103040 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-06-20 01:43 - 2013-04-30 19:53 - 03693640 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-06-20 01:43 - 2013-04-30 14:28 - 00916016 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-06-20 01:43 - 2013-04-24 17:16 - 01662024 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-06-20 01:43 - 2013-04-23 00:40 - 02735648 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-06-20 01:43 - 2013-04-01 14:06 - 02079816 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-06-20 01:43 - 2013-03-23 03:43 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-06-20 01:43 - 2013-02-20 18:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00501192 ____A (DTS) C:\Windows\System32\DTSU2PLFX64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00487368 ____A (DTS) C:\Windows\System32\DTSU2PGFX64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00415688 ____A (DTS) C:\Windows\System32\DTSU2PREC64.dll
2013-06-20 01:43 - 2012-08-31 19:18 - 07164176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00434960 ____A (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00141584 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00124176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00075024 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2013-06-19 22:15 - 2013-05-13 15:15 - 00016344 ____A (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2013-06-19 22:12 - 2013-06-19 22:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-16 12:18 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-16 12:18 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 12:18 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-16 12:18 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 12:17 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-16 12:17 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-16 12:17 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 12:17 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 16:53 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 16:53 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 16:53 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 16:53 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 16:53 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 16:53 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00820736 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 16:53 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 16:53 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 16:53 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 16:53 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00582144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 16:53 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 16:53 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 16:53 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 16:53 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 16:53 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 16:53 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 16:53 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-12 14:19 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:19 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 09:50 - 2013-06-05 00:09 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 09:50 - 2013-06-05 00:09 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 09:31 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-12 09:31 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 09:31 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 09:31 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-12 09:31 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 09:31 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 09:31 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 09:31 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 09:31 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 09:31 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 09:31 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 09:31 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 09:31 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 09:31 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 09:31 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 09:31 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 09:31 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 09:31 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 09:31 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

==================== One Month Modified Files and Folders =======

2013-07-07 21:13 - 2013-07-07 21:13 - 00000000 ____D C:\FRST
2013-07-07 12:27 - 2013-01-06 17:49 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-07-07 12:27 - 2013-01-06 17:49 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-07-07 12:27 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-07 12:26 - 2013-07-07 12:26 - 00001057 ____A C:\Users\Peter\Desktop\JRT.txt
2013-07-07 12:24 - 2013-07-07 12:24 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Peter\Desktop\JRT.exe
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\JRT
2013-07-07 12:22 - 2013-07-07 12:22 - 00002934 ____A C:\Users\Peter\Desktop\AdwCleaner[S1].txt
2013-07-07 12:22 - 2013-01-06 04:42 - 00000000 ___RD C:\Users\Peter\Dropbox
2013-07-07 12:22 - 2013-01-06 04:40 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2013-07-07 12:22 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 12:21 - 2013-07-07 12:21 - 00002934 ____A C:\AdwCleaner[S1].txt
2013-07-07 12:21 - 2012-07-26 07:26 - 00786432 __ASH C:\Windows\System32\config\BBI
2013-07-07 12:20 - 2013-07-07 12:20 - 00650027 ____A C:\Users\Peter\Desktop\adwcleaner.exe
2013-07-07 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-07 11:41 - 2013-01-06 03:42 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-07 10:50 - 2013-07-07 11:38 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-07 02:25 - 2013-01-06 09:02 - 01957727 ____A C:\Windows\WindowsUpdate.log
2013-07-07 00:32 - 2013-07-07 00:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ____D C:\Program Files\Lenovo
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-07-07 00:32 - 2012-07-26 10:12 - 00000000 __RSD C:\Windows\Media
2013-07-07 00:27 - 2012-09-13 20:32 - 00577344 ____A C:\Windows\PFRO.log
2013-07-07 00:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-07-06 22:46 - 2013-07-06 22:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 22:45 - 2013-07-06 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-06 22:13 - 2013-01-06 09:56 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2013-07-05 23:13 - 2013-01-06 03:39 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2013-07-05 09:54 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-04 09:08 - 2012-07-26 09:21 - 00057789 ____A C:\Windows\setupact.log
2013-07-04 09:07 - 2013-01-18 20:37 - 00001432 ____A C:\Windows\Synaptics.log
2013-07-04 09:07 - 2013-01-06 08:51 - 00267496 ____A C:\Windows\DPINST.LOG
2013-07-04 01:08 - 2013-05-17 09:55 - 524288848 ____A C:\Users\Peter\Desktop\Firefox.ard
2013-07-04 01:08 - 2013-01-06 02:57 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Mozilla
2013-07-03 23:06 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-03 18:25 - 2013-07-03 18:25 - 00606352 ____A C:\Users\Peter\Desktop\Passbild-36aGenerator.exe
2013-07-03 18:25 - 2013-07-03 18:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 16:07 - 2013-01-06 02:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:56 - 2013-04-29 16:21 - 00000000 ____D C:\Users\Peter\Documents\Citavi 4
2013-07-02 15:17 - 2013-07-02 15:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 15:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Help
2013-06-26 11:12 - 2013-06-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-26 10:23 - 2013-05-07 18:40 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-25 20:42 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 09:53 - 2013-01-20 23:55 - 00000000 ____D C:\Users\Peter\Desktop\Tattoo
2013-06-25 09:20 - 2013-01-06 09:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Adobe
2013-06-25 09:20 - 2013-01-06 08:57 - 00000000 ____D C:\ProgramData\Adobe
2013-06-25 09:16 - 2013-01-06 08:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-22 20:29 - 2013-03-19 01:29 - 00000000 ____D C:\Program Files\Intel
2013-06-22 20:29 - 2013-03-04 02:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-22 20:28 - 2013-01-18 20:39 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-06-22 20:28 - 2013-01-06 08:51 - 00000000 ____D C:\ProgramData\Intel
2013-06-22 20:28 - 2013-01-06 08:51 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 16:23 - 2013-05-16 23:03 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-20 16:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-20 01:43 - 2013-06-20 01:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-20 01:43 - 2013-01-06 08:53 - 00003066 ____A C:\RHDSetup.log
2013-06-20 01:43 - 2013-01-06 08:53 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-06-19 22:12 - 2013-06-19 22:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 21:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\ToastData
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-19 01:42 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-19 01:42 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-18 12:49 - 2013-01-06 10:03 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-17 14:59 - 2013-01-06 14:39 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2013-06-10 00:28 - 2013-03-09 21:44 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-09 17:18 - 2013-01-24 14:03 - 00000000 ___RD C:\Users\Peter\Desktop\jpgcompressor

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 22:54

==================== End Of Log ============================
--- --- ---

--- --- ---



schon mal vielen vielen Dank für deine Hilfe =)

schrauber 07.07.2013 12:35

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

pedro12345 07.07.2013 13:29
so hier wieder die Log-Dateien

Eset:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7dd0d1d9d635044c9d1f669ee654e5f8
# engine=14301
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-07 12:18:52
# local_time=2013-07-07 02:18:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 96 58121 238622822 5463 0
# compatibility_mode=5893 16776574 100 94 8783475 32705643 0 0
# scanned=241422
# found=3
# cleaned=0
# scan_time=2092
sh=9802F7621093DBFC4382358338668406F1C98DD4 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Peter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\23573b19-6ef1c661"
sh=5BB9F56DB35FD792FE84CE470CF9B97976D6EC85 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Peter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\1e7ec47c-608d7e4b"
sh=04EBD05AF01E6F85602121AF7A90A6A27077784D ft=0 fh=0000000000000000 vn="probably unknown STEALTH.POLY.CRYPT.TSR.DRIVER virus" ac=I fn="C:\Windows\WinSxS\amd64_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.8.9200.20652_none_3af95a8249870d53\wuapp.exe"

SecCheck:

Code:
Results of screen317's Security Check version 0.99.68 
  x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
Avira Desktop     
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Spyder3Pro   
 Java 7 Update 21 
 Java version out of Date!
 Adobe Flash Player        11.7.700.224 
 Adobe Reader XI 
 Mozilla Firefox (22.0)
 Mozilla Thunderbird (17.0.7)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
und neuer FRST-Log:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Peter (administrator) on 07-07-2013 14:25:22
Running from C:\Users\Peter\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\WINDOWS\system32\IProsetMonitor.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSD.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\SHTCTKY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [382248 2013-05-10] (Lenovo.)
HKLM\...\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe [1534888 2012-10-23] (Lenovo Group Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [LenovoOptMouseUpdate] C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-04-19] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [x]
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-05-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-05-27] (Lenovo Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {2281668e-8466-11e2-beb1-3c970e590759} - "F:\setup.exe"
MountPoints2: {e6c31630-7cf3-11e2-bea8-3c970e590759} - "F:\setup.exe" -a
HKLM-x32\...\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [59392 2012-05-02] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [684024 2012-10-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor [6618408 2013-06-04] (Lenovo Group Limited)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
SearchScopes: HKCU - {7AFF137D-23DE-4688-ABB1-6B39E6F3E846} URL =
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AB94E8B7-CDFE-4189-8BD3-EB57E0CF062B}: [NameServer]193.189.244.225,193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://theawesomer.com/
FF Keyword.URL: hxxp://www.google.de/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\ich@maltegoetz.de
FF Extension: groovesharkUnlocker - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\groovesharkUnlocker@overlord1337.xpi
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\if6ueips.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 ArchiCrypt Ultimate RAM-Disk 4; C:\WINDOWS\system32\ACRAMDiskHandlerService64R_D4.exe [1580648 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [149496 2013-05-27] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-04-24] (Broadcom Corporation.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R3 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2037240 2013-04-19] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [683000 2013-05-27] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-05-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-04-19] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-04-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 ACMoFlex64RD4; C:\WINDOWS\system32\drivers\ACMoFlex64RD4.sys [23656 2013-04-30] (Softwareentwicklung Remus - ArchiCrypt.de)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-04-24] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-05] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [468240 2013-02-21] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
R3 MbmLowExt; C:\Windows\System32\Drivers\MbmLowExt.sys [26112 2012-10-30] (Ericsson AB)
R3 MbmUsbSerial; C:\Windows\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-03] (Ericsson AB)
R3 MkBusFilter; C:\Windows\System32\drivers\MbmDeviceFilter.sys [25600 2012-10-22] (Ericsson AB)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3311072 2013-02-21] (Intel Corporation)
R0 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73040 2012-09-06] (Dataram, Inc.)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-08-02] (Ricoh co.,Ltd.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
R3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [x]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [x]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [x]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [x]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [x]
S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [x]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [x]
S3 NETwNs64; \SystemRoot\system32\DRIVERS\NETwNs64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 21:13 - 2013-07-07 21:13 - 00000000 ____D C:\FRST
2013-07-07 14:25 - 2013-07-07 14:25 - 00000869 ____A C:\Users\Peter\Desktop\checkup.txt
2013-07-07 14:24 - 2013-07-07 14:24 - 00890988 ____A C:\Users\Peter\Desktop\SecurityCheck.exe
2013-07-07 13:38 - 2013-07-07 13:38 - 02347384 ____A (ESET) C:\Users\Peter\Desktop\esetsmartinstaller_enu.exe
2013-07-07 13:34 - 2013-07-07 13:34 - 00000000 ____D C:\Users\Peter\Desktop\Soundcloud
2013-07-07 13:31 - 2013-07-07 13:31 - 00000000 ____D C:\Users\Peter\Desktop\CloudDownloaderVersion2.0
2013-07-07 12:24 - 2013-07-07 12:24 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Peter\Desktop\JRT.exe
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\JRT
2013-07-07 12:21 - 2013-07-07 12:21 - 00002934 ____A C:\AdwCleaner[S1].txt
2013-07-07 12:20 - 2013-07-07 12:20 - 00650027 ____A C:\Users\Peter\Desktop\adwcleaner.exe
2013-07-07 11:38 - 2013-07-07 10:50 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-07 00:32 - 2013-07-07 00:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-07 00:32 - 2013-06-04 07:40 - 00020736 ____A (Lenovo Group Limited) C:\Windows\System32\Drivers\TPPWR64V.SYS
2013-07-07 00:32 - 2013-05-27 12:57 - 16819192 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMft.dll
2013-07-07 00:32 - 2013-05-27 12:57 - 00076280 ____A (Lenovo Corporation) C:\Windows\System32\LibDriverMftStart.dll
2013-07-07 00:32 - 2013-05-27 12:52 - 00067064 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMftStart.dll
2013-07-07 00:32 - 2013-05-27 12:51 - 16820728 ____A (Lenovo Corporation) C:\Windows\SysWOW64\LibDriverMft.dll
2013-07-07 00:32 - 2013-05-24 19:05 - 02366320 ____A (Microsoft Corporation) C:\Windows\System32\WudfUpdate_01011.dll
2013-07-06 22:46 - 2013-07-06 22:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 22:45 - 2013-07-06 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-04 09:08 - 2013-04-24 00:25 - 02232024 ____A (Broadcom Corporation.) C:\Windows\System32\BcmBtRSupport.dll
2013-07-04 09:08 - 2013-04-24 00:25 - 02228440 ____A (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
2013-07-04 09:08 - 2013-04-24 00:25 - 00186584 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2013-07-04 09:08 - 2013-04-24 00:24 - 00228568 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2013-07-04 09:08 - 2013-04-24 00:24 - 00022744 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2013-07-04 09:08 - 2012-07-27 07:48 - 00040248 ____A (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2013-07-04 09:07 - 2013-05-29 21:41 - 01048816 ____A (Synaptics Incorporated) C:\Windows\System32\SynCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00540400 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00460528 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\SynTP.sys
2013-07-04 09:07 - 2013-05-29 21:41 - 00229616 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPAPI.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00178416 ____A (Synaptics Incorporated) C:\Windows\System32\SynTPCo14.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00114416 ____A (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2013-07-04 09:07 - 2013-05-29 21:41 - 00044784 ____A (Synaptics Incorporated) C:\Windows\System32\Drivers\Smb_driver_Intel.sys
2013-07-03 20:58 - 2013-05-16 00:35 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-07-03 18:25 - 2013-07-03 18:25 - 00606352 ____A C:\Users\Peter\Desktop\Passbild-36aGenerator.exe
2013-07-03 18:25 - 2013-07-03 18:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 15:17 - 2013-07-02 15:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 15:17 - 2000-05-22 16:58 - 00244416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2013-06-26 11:12 - 2013-06-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-25 19:23 - 2013-06-25 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 01:43 - 2013-06-20 01:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-20 01:43 - 2013-06-03 17:08 - 00000008 ____A C:\Windows\System32\Drivers\RTKHDAUD.DAT
2013-06-20 01:43 - 2013-05-21 21:50 - 03425608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-06-20 01:43 - 2013-05-21 15:57 - 00142408 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-06-20 01:43 - 2013-05-21 15:05 - 00576929 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-06-20 01:43 - 2013-05-21 14:15 - 24962560 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-06-20 01:43 - 2013-05-20 16:16 - 01003592 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-06-20 01:43 - 2013-05-20 14:36 - 02794056 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-06-20 01:43 - 2013-05-02 12:01 - 02103040 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-06-20 01:43 - 2013-04-30 19:53 - 03693640 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-06-20 01:43 - 2013-04-30 14:28 - 00916016 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-06-20 01:43 - 2013-04-24 17:16 - 01662024 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-06-20 01:43 - 2013-04-23 00:40 - 02735648 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-06-20 01:43 - 2013-04-01 14:06 - 02079816 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-06-20 01:43 - 2013-03-23 03:43 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-06-20 01:43 - 2013-02-20 18:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00501192 ____A (DTS) C:\Windows\System32\DTSU2PLFX64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00487368 ____A (DTS) C:\Windows\System32\DTSU2PGFX64.dll
2013-06-20 01:43 - 2012-10-02 14:41 - 00415688 ____A (DTS) C:\Windows\System32\DTSU2PREC64.dll
2013-06-20 01:43 - 2012-08-31 19:18 - 07164176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00434960 ____A (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00141584 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00124176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2013-06-20 01:43 - 2012-08-31 19:17 - 00075024 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2013-06-19 22:15 - 2013-05-13 15:15 - 00016344 ____A (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2013-06-19 22:12 - 2013-06-19 22:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-16 12:18 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-16 12:18 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 12:18 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-16 12:18 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 12:17 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-16 12:17 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-16 12:17 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 12:17 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 16:53 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 16:53 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 16:53 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 16:53 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 16:53 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 16:53 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 16:53 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 16:53 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 16:53 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00820736 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 16:53 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 16:53 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 16:53 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 16:53 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 16:53 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 16:53 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 16:53 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00582144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 16:53 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 16:53 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 16:53 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 16:53 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 16:53 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 16:53 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 16:53 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 16:53 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-12 14:19 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:19 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 09:50 - 2013-06-05 00:09 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 09:50 - 2013-06-05 00:09 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 09:31 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-12 09:31 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 09:31 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 09:31 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-12 09:31 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 09:31 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 09:31 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 09:31 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 09:31 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 09:31 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 09:31 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 09:31 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 09:31 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 09:31 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 09:31 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 09:31 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 09:31 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 09:31 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 09:31 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 09:31 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 09:31 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

==================== One Month Modified Files and Folders =======

2013-07-07 21:13 - 2013-07-07 21:13 - 00000000 ____D C:\FRST
2013-07-07 14:25 - 2013-07-07 14:25 - 00000869 ____A C:\Users\Peter\Desktop\checkup.txt
2013-07-07 14:24 - 2013-07-07 14:24 - 00890988 ____A C:\Users\Peter\Desktop\SecurityCheck.exe
2013-07-07 14:14 - 2013-01-06 03:39 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2013-07-07 14:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-07 13:41 - 2013-01-06 03:42 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-07 13:38 - 2013-07-07 13:38 - 02347384 ____A (ESET) C:\Users\Peter\Desktop\esetsmartinstaller_enu.exe
2013-07-07 13:34 - 2013-07-07 13:34 - 00000000 ____D C:\Users\Peter\Desktop\Soundcloud
2013-07-07 13:31 - 2013-07-07 13:31 - 00000000 ____D C:\Users\Peter\Desktop\CloudDownloaderVersion2.0
2013-07-07 12:43 - 2013-01-06 17:49 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-07-07 12:43 - 2013-01-06 17:49 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-07-07 12:43 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-07 12:37 - 2013-01-06 04:42 - 00000000 ___RD C:\Users\Peter\Dropbox
2013-07-07 12:37 - 2013-01-06 04:40 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2013-07-07 12:37 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 12:36 - 2012-07-26 07:26 - 00786432 __ASH C:\Windows\System32\config\BBI
2013-07-07 12:24 - 2013-07-07 12:24 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Peter\Desktop\JRT.exe
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-07 12:24 - 2013-07-07 12:24 - 00000000 ____D C:\JRT
2013-07-07 12:21 - 2013-07-07 12:21 - 00002934 ____A C:\AdwCleaner[S1].txt
2013-07-07 12:20 - 2013-07-07 12:20 - 00650027 ____A C:\Users\Peter\Desktop\adwcleaner.exe
2013-07-07 10:50 - 2013-07-07 11:38 - 01934636 ____A (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2013-07-07 02:25 - 2013-01-06 09:02 - 01957727 ____A C:\Windows\WindowsUpdate.log
2013-07-07 00:32 - 2013-07-07 00:32 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ____D C:\Program Files\Lenovo
2013-07-07 00:32 - 2013-01-06 08:52 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-07-07 00:32 - 2012-07-26 10:12 - 00000000 __RSD C:\Windows\Media
2013-07-07 00:27 - 2012-09-13 20:32 - 00577344 ____A C:\Windows\PFRO.log
2013-07-07 00:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-07-06 22:46 - 2013-07-06 22:46 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2013-07-06 22:45 - 2013-07-06 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-06 22:13 - 2013-01-06 09:56 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2013-07-05 09:54 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-04 09:08 - 2012-07-26 09:21 - 00057789 ____A C:\Windows\setupact.log
2013-07-04 09:07 - 2013-01-18 20:37 - 00001432 ____A C:\Windows\Synaptics.log
2013-07-04 09:07 - 2013-01-06 08:51 - 00267496 ____A C:\Windows\DPINST.LOG
2013-07-04 01:08 - 2013-05-17 09:55 - 524288848 ____A C:\Users\Peter\Desktop\Firefox.ard
2013-07-04 01:08 - 2013-01-06 02:57 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Mozilla
2013-07-03 23:06 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-03 18:25 - 2013-07-03 18:25 - 00606352 ____A C:\Users\Peter\Desktop\Passbild-36aGenerator.exe
2013-07-03 18:25 - 2013-07-03 18:25 - 00000000 ____D C:\Users\Peter\AppData\Local\Passbild_Generator
2013-07-02 16:07 - 2013-01-06 02:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:56 - 2013-04-29 16:21 - 00000000 ____D C:\Users\Peter\Documents\Citavi 4
2013-07-02 15:17 - 2013-07-02 15:17 - 00000000 ____D C:\Windows\msagent
2013-07-02 15:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Help
2013-06-26 11:12 - 2013-06-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-26 10:23 - 2013-05-07 18:40 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-25 20:42 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 09:53 - 2013-01-20 23:55 - 00000000 ____D C:\Users\Peter\Desktop\Tattoo
2013-06-25 09:20 - 2013-01-06 09:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Adobe
2013-06-25 09:20 - 2013-01-06 08:57 - 00000000 ____D C:\ProgramData\Adobe
2013-06-25 09:16 - 2013-01-06 08:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-22 20:29 - 2013-03-19 01:29 - 00000000 ____D C:\Program Files\Intel
2013-06-22 20:29 - 2013-03-04 02:03 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-22 20:28 - 2013-01-18 20:39 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-06-22 20:28 - 2013-01-06 08:51 - 00000000 ____D C:\ProgramData\Intel
2013-06-22 20:28 - 2013-01-06 08:51 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 16:23 - 2013-06-20 16:23 - 00000000 ____D C:\Program Files\iPod
2013-06-20 16:23 - 2013-05-16 23:03 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-20 16:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-20 01:43 - 2013-06-20 01:43 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-06-20 01:43 - 2013-01-06 08:53 - 00003066 ____A C:\RHDSetup.log
2013-06-20 01:43 - 2013-01-06 08:53 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-06-19 22:12 - 2013-06-19 22:12 - 04876072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 21:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\ToastData
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-19 01:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-19 01:42 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-19 01:42 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-18 12:49 - 2013-01-06 10:03 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-17 14:59 - 2013-01-06 14:39 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2013-06-10 00:28 - 2013-03-09 21:44 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-09 17:18 - 2013-01-24 14:03 - 00000000 ___RD C:\Users\Peter\Desktop\jpgcompressor

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 22:54

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 07.07.2013 14:12
Java bitte updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Noch Probleme? :)

pedro12345 07.07.2013 19:16
ich habe alles ausgeführt, aber die Fehlermeldung kommt leider noch immer.

schrauber 07.07.2013 20:43
Screenshot bitte davon :)

pedro12345 07.07.2013 22:49
Liste der Anhänge anzeigen (Anzahl: 1)
hier ist mal ein Screenshot


sehr mysteriös die ganze Sache. Aber solang alles funktioniert und die Programme keine Viren o.ä. finden, kann es nicht so schlimm sein, oder?


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:04 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20