:-)
FRST.txt
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by XXXYYY (administrator) on 09-07-2013 14:30:40
Running from C:\install
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
() C:\Windows\system32\DTS.exe
(Lenovo) C:\Windows\system32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\system32\AtService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Ricoh co.,Ltd.) C:\Program Files\RotateImage\RCIMGDIR.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) c:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\TvsuCommandLauncher.exe
() C:\Program Files\Lenovo\System Update\UACSdk.exe
(Lenovo Group Limited) c:\Program Files\Lenovo\System Update\Tvsukernel.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1725736 2010-04-23] (Synaptics Incorporated)
HKLM\...\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68976 2009-03-13] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [62752 2009-08-20] (Lenovo Group Limited)
HKLM\...\Run: [] [x]
HKLM\...\Run: [TpShocks] TpShocks.exe [x]
HKLM\...\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor [709920 2009-08-23] (Lenovo Group Limited)
HKLM\...\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s [1582328 2009-09-01] (AuthenTec)
HKLM\...\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start [49976 2009-05-27] ()
HKLM\...\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent [3089720 2009-08-26] (Lenovo Group Limited)
HKLM\...\Run: [LenVolFx] LenVolEx.exe [x]
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe" [x]
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-09] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-08-14] (Google Inc.)
MountPoints2: F - F:\Setup.exe
MountPoints2: {36755a01-cef4-11de-807f-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\Default\...\RunOnce: [WLStart] C:\SWTOOLS\WindowsLive\execcmd.exe C:\SWTOOLS\WindowsLive\WLEULA.cmd [ 2009-10-16] ()
HKU\Default\...\RunOnce: [] [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] C:\PROGRA~1\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe /DRIVE=Q [ 2009-03-24] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\RCIMGDIR.exe.lnk
ShortcutTarget: RCIMGDIR.exe.lnk -> C:\Program Files\RotateImage\RCIMGDIR.exe (Ricoh co.,Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files\VR-NetWorld\vrtoolcheckorder.exe (VR-NetWorld Software)
Startup: C:\Users\XXXYYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKCU SearchScopes: DefaultScope {7048AC5C-6175-4502-B660-A77A24BA6CA2} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE444
SearchScopes: HKCU - {2CD0ED1B-8E28-4714-AE33-9BDE714997A7} URL =
SearchScopes: HKCU - {7048AC5C-6175-4502-B660-A77A24BA6CA2} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE444
SearchScopes: HKCU - {B6F6BD1E-E70E-4881-A649-70C9BA1B94E8} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll" No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 52 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\XXXYYY\AppData\Roaming\Mozilla\Firefox\Profiles\vnv9vzj5.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\XXXYYY\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\XXXYYY\AppData\Roaming\Mozilla\Firefox\Profiles\vnv9vzj5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension
FF Extension: ThinkVantage Password Manager - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension
========================== Services (Whitelisted) =================
S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [106496 2009-09-01] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-09] (Avira Operations GmbH & Co. KG)
R2 dtsvc; C:\Windows\system32\DTS.exe [98304 2009-09-01] ()
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45424 2009-07-03] (Lenovo Group Limited)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [303104 2003-09-23] (Lexmark International, Inc.)
R2 SUService; c:\Program Files\Lenovo\System Update\SUService.exe [15872 2009-09-24] (Lenovo Group Limited)
R2 WMCoreService; C:\Program Files\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [424448 2009-08-06] ()
==================== Drivers (Whitelisted) ====================
R3 5U875UVC; C:\Windows\System32\DRIVERS\5U875.sys [72320 2009-07-08] (Ricoh co.,Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-07-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-07-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-07-09] (Avira Operations GmbH & Co. KG)
S3 e36gbus; C:\Windows\System32\DRIVERS\e36gbus.sys [285056 2009-06-30] (MCCI Corporation)
S3 e36gmdfl; C:\Windows\System32\DRIVERS\e36gmdfl.sys [14848 2009-06-30] (MCCI Corporation)
S3 e36gmdm; C:\Windows\System32\DRIVERS\e36gmdm.sys [374272 2009-06-30] (MCCI Corporation)
S3 e36gmgmt; C:\Windows\System32\DRIVERS\e36gmgmt.sys [357376 2009-06-30] (MCCI Corporation)
S3 e36wgps; C:\Windows\System32\DRIVERS\e36wgps.sys [82984 2009-07-10] (Ericsson AB)
R0 mv64xx; C:\Windows\System32\DRIVERS\mv64xx.sys [277032 2009-05-19] (Marvell Semiconductor, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-09] (Avira GmbH)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp.sys [213032 2009-07-29] (Ericsson AB)
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0; \??\c:\program files\pc-doctor\pcdsrvc.pkms [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-09 13:11 - 2013-07-09 13:11 - 00000000 ____D C:\FRST
2013-07-09 11:42 - 2013-07-09 11:43 - 00002209 ____A C:\AdwCleaner[S1].txt
2013-07-09 11:08 - 2013-07-09 11:08 - 00000000 ____D C:\Users\XXXYYY\AppData\Roaming\Malwarebytes
2013-07-09 11:04 - 2013-07-09 11:04 - 00001038 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 11:04 - 2013-07-09 11:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 11:04 - 2013-07-09 11:04 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-09 11:04 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-09 03:46 - 2013-05-23 16:11 - 00015617 ____A C:\Users\XXXYYY\Documents\13.xlsx
2013-07-09 03:46 - 2013-05-23 16:03 - 00015841 ____A C:\Users\XXXYYY\Documents\11.xlsx
2013-07-09 03:44 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-09 03:43 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-09 03:43 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-09 03:43 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-09 03:43 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-09 03:43 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-09 03:39 - 2013-05-17 03:26 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-09 03:39 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-09 03:39 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-09 03:39 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-09 03:38 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-07-09 03:38 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-07-09 03:38 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-07-09 03:38 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-07-09 03:38 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-07-09 03:38 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-07-09 03:38 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-07-09 03:38 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-07-09 03:37 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-07-09 03:37 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-07-09 03:37 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-07-09 03:37 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-07-09 03:32 - 2013-07-09 13:37 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 03:29 - 2013-07-09 03:29 - 00000000 ____D C:\Users\XXXYYY\AppData\Roaming\Avira
2013-07-09 03:25 - 2013-07-09 03:25 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-09 03:23 - 2013-07-09 03:23 - 00001911 ____A C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-09 03:23 - 2013-07-09 03:23 - 00000000 ____D C:\ProgramData\Avira
2013-07-09 03:23 - 2013-07-09 03:23 - 00000000 ____D C:\Program Files\Avira
2013-07-09 03:23 - 2013-07-09 03:14 - 00135136 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-07-09 03:23 - 2013-07-09 03:14 - 00084744 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-07-09 03:23 - 2013-07-09 03:14 - 00037352 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-07-09 03:23 - 2013-07-09 03:14 - 00028520 ____A (Avira GmbH) C:\Windows\System32\Drivers\ssmdrv.sys
2013-07-09 03:00 - 2013-07-09 03:00 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-09 03:00 - 2013-07-09 02:59 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-07-09 03:00 - 2013-07-09 02:59 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-07-09 02:59 - 2013-07-09 03:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-09 02:59 - 2013-07-09 02:59 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-07-09 02:59 - 2013-07-09 02:59 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-07-09 02:59 - 2013-07-09 02:59 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-07-09 02:59 - 2013-07-09 02:59 - 00000000 ____D C:\Program Files\Java
==================== One Month Modified Files and Folders ========
2013-07-09 15:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-07-09 15:22 - 2010-02-23 16:42 - 00000000 ____D C:\Windows\Minidump
2013-07-09 15:22 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\Msdtc
2013-07-09 14:30 - 2010-02-18 19:17 - 00000000 ____D C:\install
2013-07-09 14:25 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-07-09 13:37 - 2013-07-09 03:32 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 13:35 - 2011-08-14 08:45 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-09 13:15 - 2009-07-21 07:30 - 01536340 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-09 13:14 - 2009-07-14 06:34 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-09 13:14 - 2009-07-14 06:34 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-09 13:11 - 2013-07-09 13:11 - 00000000 ____D C:\FRST
2013-07-09 13:11 - 2009-11-11 21:21 - 01155466 ____A C:\Windows\WindowsUpdate.log
2013-07-09 13:03 - 2011-10-19 19:06 - 00001024 ____A C:\Users\XXXYYY\.rnd
2013-07-09 13:03 - 2011-08-14 08:45 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-09 13:03 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 13:03 - 2009-07-14 06:39 - 00253881 ____A C:\Windows\setupact.log
2013-07-09 11:43 - 2013-07-09 11:42 - 00002209 ____A C:\AdwCleaner[S1].txt
2013-07-09 11:35 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\IME
2013-07-09 11:08 - 2013-07-09 11:08 - 00000000 ____D C:\Users\XXXYYY\AppData\Roaming\Malwarebytes
2013-07-09 11:04 - 2013-07-09 11:04 - 00001038 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-09 11:04 - 2013-07-09 11:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-09 11:04 - 2013-07-09 11:04 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-09 05:49 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\NDF
2013-07-09 05:24 - 2009-12-14 23:18 - 00000000 ____D C:\users\XXXYYY
2013-07-09 05:24 - 2009-11-11 20:59 - 00000000 ____D C:\Windows\CSC
2013-07-09 03:53 - 2009-12-14 23:10 - 00106156 ____A C:\Windows\PFRO.log
2013-07-09 03:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-07-09 03:46 - 2009-11-11 21:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 03:40 - 2010-02-18 19:27 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-09 03:37 - 2012-09-19 13:10 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-09 03:37 - 2011-08-14 08:45 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-09 03:36 - 2009-12-14 16:38 - 00000000 ____D C:\Users\XXXYYY\AppData\Local\Adobe
2013-07-09 03:29 - 2013-07-09 03:29 - 00000000 ____D C:\Users\XXXYYY\AppData\Roaming\Avira
2013-07-09 03:25 - 2013-07-09 03:25 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-09 03:23 - 2013-07-09 03:23 - 00001911 ____A C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-09 03:23 - 2013-07-09 03:23 - 00000000 ____D C:\ProgramData\Avira
2013-07-09 03:23 - 2013-07-09 03:23 - 00000000 ____D C:\Program Files\Avira
2013-07-09 03:18 - 2012-09-19 13:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-09 03:14 - 2013-07-09 03:23 - 00135136 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-07-09 03:14 - 2013-07-09 03:23 - 00084744 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-07-09 03:14 - 2013-07-09 03:23 - 00037352 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-07-09 03:14 - 2013-07-09 03:23 - 00028520 ____A (Avira GmbH) C:\Windows\System32\Drivers\ssmdrv.sys
2013-07-09 03:00 - 2013-07-09 03:00 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-09 03:00 - 2013-07-09 02:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-09 02:59 - 2013-07-09 03:00 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-07-09 02:59 - 2013-07-09 03:00 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-07-09 02:59 - 2013-07-09 02:59 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-07-09 02:59 - 2013-07-09 02:59 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-07-09 02:59 - 2013-07-09 02:59 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-07-09 02:59 - 2013-07-09 02:59 - 00000000 ____D C:\Program Files\Java
2013-07-09 02:59 - 2010-11-18 16:44 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-09 14:17
==================== End Of Log ============================