Infizierter Rechner lässt nach Virenscan kein Internetzugang zu

Mamasrechner · 25.05.2014, 09:21

hmm, sehr merkwürdig.

funktioniert so auch nicht. aber irgendwie scheint der rechner nicht mehr so ganz sauber zu sein. ständig öffnen sich irgendwelche spamseiten.

hab auch festgestellt, dass der Speicherpfad für den Log ein ganz anderer ist, als ich am anfang eingestellt habe.

Irgendwie habe ich jetzt einen Ordner PROGRAMDATA, in dem sich die Ordner irgendwie ähneln zu dem eigentlichen Hauptordner PROGRAMME (x86).

Ich hab den mbam-Log übrigens in einem Ordner gefunden. aber nur als xml-datei.

was soll ich jetzt machen? ich hab auf jedenfall das Gefühl, als ob der Rechner immer stärker befallen wird.

Bootsektor · 25.05.2014, 11:26

Hallo Mamasrechner,

Zitat:

aber irgendwie scheint der rechner nicht mehr so ganz sauber zu sein. ständig öffnen sich irgendwelche spamseiten.

Ja, du hast da auch adware drauf, aber das ist halb so wild

Zitat:

Irgendwie habe ich jetzt einen Ordner PROGRAMDATA, in dem sich die Ordner irgendwie ähneln zu dem eigentlichen Hauptordner PROGRAMME (x86).

der Ordner ist vollkommen normal, kein Grund zur Sorge

Zitat:

Ich hab den mbam-Log übrigens in einem Ordner gefunden. aber nur als xml-datei.

Dann poste mir bitte das

und mach dann auch noch mal einen Scan mit FRST.

Mamasrechner · 25.05.2014, 21:35

also hier die xml version... nicht besonders schick im Design

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/05/24 23:13:19 +0200</date>
<logfile>mbam-log-2014-05-24 (23-13-13).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.05.24.07</malware-database>
<rootkit-database>v2014.05.21.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Admin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>342250</objects>
<time>1115</time>
<processes>0</processes>
<modules>0</modules>
<keys>9</keys>
<values>2</values>
<datas>1</datas>
<folders>0</folders>
<files>1</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}</path><vendor>PUP.Optional.Mediabar.A</vendor><action>success</action><hash>7dbacb8a8deebb7b50c4e44726dcde22</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}</path><vendor>PUP.Optional.Mediabar.A</vendor><action>success</action><hash>7dbacb8a8deebb7b50c4e44726dcde22</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}</path><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><hash>e84fca8b8fece84e9c3ac97751b158a8</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}</path><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><hash>e84fca8b8fece84e9c3ac97751b158a8</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}</path><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><hash>9f98e66f106bb383e6efdf61a1611ae6</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}</path><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><hash>9f98e66f106bb383e6efdf61a1611ae6</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr</path><vendor>PUP.Optional.DataMngr.A</vendor><action>success</action><hash>a29570e5fa8176c0f4a4ad0e50b37987</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr</path><vendor>PUP.Optional.DataMngr.A</vendor><action>success</action><hash>77c063f27ffc8bab3860a11a0ef509f7</hash></key>
<key><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader</path><vendor>PUP.Optional.Softonic.A</vendor><action>success</action><hash>40f72530c0bbd36313366133a26029d7</hash></key>
<value><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER</path><valuename>{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}</valuename><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><valuedata>;áÃzÊ;XA³0öm»Áµ</valuedata><hash>9f98e66f106bb383e6efdf61a1611ae6</hash></value>
<value><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}</path><valuename></valuename><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><valuedata></valuedata><hash>a98ee66f9fdc082e7065be82669c0ff1</hash></value>
<data><path>HKU\S-1-5-21-2742407630-3556308796-4235214410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://startsear.ch/?aff=1&cf=617ed421-f732-11e0-9b33-028037ec0200</valuedata><baddata>hxxp://startsear.ch/?aff=1&cf=617ed421-f732-11e0-9b33-028037ec0200</baddata><gooddata>hxxp://www.google.com</gooddata><hash>7fb80451accfbe78d012143b7a8a37c9</hash></data>
<file><path>C:\Users\Admin\Downloads\winzip setup.exe</path><vendor>PUP.AdBundle</vendor><action>success</action><hash>4aed74e11c5f9d993d255954f9079e62</hash></file>
</items>
</mbam-log>

und hier die anderen Logs

FRST
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Admin (administrator) on ADMIN-THINK on 25-05-2014 22:32:32
Running from C:\Users\Admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hypersoft GmbH) C:\Hypers-!\TerminalCommander.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-01-07] (Conexant systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-02-25] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-16] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-03-08] (Lenovo)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-2742407630-3556308796-4235214410-1001\...\MountPoints2: {51d08977-88a7-11e0-bb74-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-04-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hypersoft Terminal Commander.lnk
ShortcutTarget: Hypersoft Terminal Commander.lnk -> C:\Hypers-!\MCP-!\TerminalCommander.exe (Hypersoft GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo laptops - ThinkPads & IdeaPad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo laptops - ThinkPads & IdeaPad
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {6704F690-3B93-4B82-AC5E-1BFE76DB1572} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=3973db51-12d3-11e1-8a09-028037ec0200&q={searchTerms}
SearchScopes: HKCU - {6704F690-3B93-4B82-AC5E-1BFE76DB1572} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=3973db51-12d3-11e1-8a09-028037ec0200&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://search.imesh.net
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&appid=230&systemid=1&sr=0&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\2020Player@2020Technologies.com [2011-06-17]
FF Extension: TVU Web Player - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\firefox@tvunetworks.com [2011-06-17]
FF Extension: VshareComplete - Speed up your search with your personal search suggestions tool - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} [2011-11-19]
FF Extension: Yahoo! Toolbar - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-05-23]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-07-22]

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [155496 2011-02-03] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [584232 2010-12-09] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2010-12-01] (Ericsson AB)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-10-31] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-10-31] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-10-31] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-10-31] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-05-27] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-28] (Ericsson AB)
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 22:32 - 2014-05-25 22:32 - 00020694 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-05-25 22:32 - 2014-05-25 22:32 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-05-25 10:18 - 2014-05-25 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-05-24 23:11 - 2014-05-25 22:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 23:10 - 2014-05-24 23:10 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 23:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 23:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 23:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 23:07 - 2014-05-24 23:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-24 22:56 - 2014-05-24 22:59 - 00000000 ____D () C:\AdwCleaner
2014-05-24 22:54 - 2014-05-24 22:54 - 01326389 _____ () C:\Users\Admin\Desktop\adwcleaner_3.210.exe
2014-05-24 22:51 - 2014-02-12 14:25 - 00000426 _____ () C:\AVScanner.ini
2014-05-23 10:53 - 2014-05-23 10:54 - 00042403 _____ () C:\Users\Admin\Addition.txt
2014-05-23 10:46 - 2014-05-23 10:54 - 00041460 _____ () C:\Users\Admin\FRST.txt
2014-05-20 12:33 - 2014-05-25 22:32 - 02066944 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-05-20 12:33 - 2014-05-25 22:32 - 00000000 ____D () C:\FRST
2014-05-17 23:20 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 23:20 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 23:20 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 23:20 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 23:20 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 23:20 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 19:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 19:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 19:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 19:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 18:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 18:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 18:59 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 18:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 18:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 18:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 18:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 18:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 18:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 18:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 18:59 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 18:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 18:59 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 18:59 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 18:59 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 18:59 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 21:17 - 2014-05-17 23:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-11 08:05 - 2014-05-11 08:05 - 00262144 _____ () C:\Windows\Minidump\051114-18064-01.dmp
2014-05-08 13:53 - 2014-05-17 23:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-05-01 23:27 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-01 23:27 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 23:27 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 23:27 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-01 23:27 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 23:27 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 23:27 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 23:27 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-01 23:27 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-01 23:27 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-01 23:27 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-01 23:27 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-01 23:27 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 23:27 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-01 23:27 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 23:27 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 23:27 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 23:27 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-01 23:27 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-01 23:27 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 23:27 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 23:27 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 23:27 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 23:27 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 23:27 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-01 23:27 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-01 23:27 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-01 23:27 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-01 23:27 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-01 23:27 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 23:27 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-01 23:27 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-01 23:27 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 23:27 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-01 23:27 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 23:27 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 23:27 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-01 23:27 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 23:27 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 23:27 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 23:27 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-01 23:27 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-01 23:27 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 23:27 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

==================== One Month Modified Files and Folders =======

2014-05-25 22:32 - 2014-05-25 22:32 - 00020694 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-05-25 22:32 - 2014-05-25 22:32 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-05-25 22:32 - 2014-05-20 12:33 - 02066944 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-05-25 22:32 - 2014-05-20 12:33 - 00000000 ____D () C:\FRST
2014-05-25 22:32 - 2011-06-16 23:32 - 00000000 ___HD () C:\Users\Admin
2014-05-25 22:31 - 2011-06-17 00:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-25 22:29 - 2011-05-27 23:27 - 01183669 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 22:27 - 2014-05-24 23:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-25 22:27 - 2011-07-06 16:07 - 00005754 _____ () C:\Windows\pvsw.log
2014-05-25 22:27 - 2011-05-27 23:50 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-05-25 22:26 - 2011-07-06 16:16 - 00000000 ____D () C:\Hypers-!
2014-05-25 22:25 - 2011-05-27 23:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-25 22:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-25 22:24 - 2009-07-14 06:51 - 00103629 _____ () C:\Windows\setupact.log
2014-05-25 10:18 - 2014-05-25 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-05-25 10:17 - 2011-05-27 23:50 - 00000382 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-05-25 10:11 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 10:11 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 10:08 - 2012-01-02 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-05-25 10:07 - 2012-06-07 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 10:03 - 2010-11-21 05:47 - 00448986 _____ () C:\Windows\PFRO.log
2014-05-25 10:02 - 2011-05-28 09:17 - 00847602 _____ () C:\Windows\system32\perfh007.dat
2014-05-25 10:02 - 2011-05-28 09:17 - 00197150 _____ () C:\Windows\system32\perfc007.dat
2014-05-25 10:02 - 2009-07-14 07:13 - 00006264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 10:00 - 2011-05-27 23:50 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-05-25 09:59 - 2011-05-27 23:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-25 00:08 - 2011-05-27 23:50 - 00000000 ____D () C:\Program Files\PC-Doctor
2014-05-24 23:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-24 23:10 - 2014-05-24 23:10 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 23:08 - 2014-05-24 23:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-24 22:59 - 2014-05-24 22:56 - 00000000 ____D () C:\AdwCleaner
2014-05-24 22:54 - 2014-05-24 22:54 - 01326389 _____ () C:\Users\Admin\Desktop\adwcleaner_3.210.exe
2014-05-24 22:53 - 2011-06-17 16:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-24 22:51 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 10:54 - 2014-05-23 10:53 - 00042403 _____ () C:\Users\Admin\Addition.txt
2014-05-23 10:54 - 2014-05-23 10:46 - 00041460 _____ () C:\Users\Admin\FRST.txt
2014-05-23 10:47 - 2011-06-17 16:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-23 10:44 - 2011-06-16 23:34 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 10:44 - 2011-06-16 23:34 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 10:43 - 2011-11-10 20:02 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-05-19 10:09 - 2013-11-26 19:56 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-05-19 10:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 22:09 - 2011-06-17 16:59 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 22:09 - 2011-06-17 16:59 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 23:37 - 2014-05-08 13:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 23:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-17 23:20 - 2011-06-17 00:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 23:19 - 2014-05-12 21:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 23:15 - 2011-10-11 10:21 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 20:07 - 2012-06-07 12:23 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 20:07 - 2012-06-07 12:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-16 20:07 - 2011-06-17 16:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 10:26 - 2012-07-03 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 22:15 - 2012-05-18 16:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2014-05-12 21:16 - 2012-05-18 16:16 - 00000000 ___RD () C:\Users\Admin\Dropbox
2014-05-12 07:26 - 2014-05-24 23:10 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 23:10 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 23:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 08:05 - 2014-05-11 08:05 - 00262144 _____ () C:\Windows\Minidump\051114-18064-01.dmp
2014-05-11 08:05 - 2013-01-10 04:34 - 3485825333 _____ () C:\Windows\MEMORY.DMP
2014-05-11 08:05 - 2013-01-10 04:34 - 00000000 ____D () C:\Windows\Minidump
2014-05-10 22:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 08:14 - 2014-05-16 19:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 19:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-05-06 06:40 - 2014-05-17 23:20 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-17 23:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-17 23:20 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-17 23:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-17 23:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-17 23:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\AskSLib.dll
C:\Users\Admin\AppData\Local\Temp\chutil.dll
C:\Users\Admin\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Admin\AppData\Local\Temp\InitBDE.exe
C:\Users\Admin\AppData\Local\Temp\Installhelper.dll
C:\Users\Admin\AppData\Local\Temp\isutldll.dll
C:\Users\Admin\AppData\Local\Temp\ose00000.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\User\AppData\Local\Temp\AskSLib.dll
C:\Users\User\AppData\Local\Temp\chutil.dll
C:\Users\User\AppData\Local\Temp\install_flashplayer11x32ax_gtba_aih[1].exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x64_mssa_aih.exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x64_mssa_aih_1.exe
C:\Users\User\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 16:29

==================== End Of Log ============================

--- --- ---

--- --- ---
AdditionFRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Admin at 2014-05-25 22:33:09
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
.NET Framework-Sicherheitsrichtlinie für den Codezugriff auf Organisationsebene (x32 Version: 1.0.2411.0 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 13.0.0.4052 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.35 - Research in Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.35 - Research in Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.18.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Griaule FingerCap USB Driver vr. 1.2 (HKLM-x32\...\{87cd3511-c592-4fba-92e1-54416b3c83cc}_is1) (Version: 1.2 - Griaule Biometrics LTDA.)
iCloud (HKLM\...\{D1829BE5-F305-4576-9593-C66FC7E0B008}) (Version: 1.0.2.17 - Apple Inc.)
Integrated Camera Driver Installer Package Ver.1.1.0.1141 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1141 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.0.0013.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5717.39 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Connector für soziale Netzerker 32-Bit (HKLM-x32\...\{95140000-004E-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1001 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.3.1.3 - Ericsson AB)
Mozilla Firefox 18.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0.1 (x86 de)) (Version: 18.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6802 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.02 (Version: 268.02 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
Pervasive System Analyzer (HKLM-x32\...\Pervasive System Analyzer) (Version:  - )
Pervasive.SQL V8 Workgroup (v8.6) (HKLM-x32\...\{5FCFC78C-438A-4F4D-B266-E32B8468BAFC}) (Version: 8.60.192.033 - Pervasive Software Inc. )
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
QuickTime (HKLM-x32\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RICOH Media Driver v2.10.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.10.18.02 - RICOH)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 24.0.69180 - Sonos, Inc.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.45 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.14.0 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.82 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.00 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.04 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.71 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
VshareComplete (HKLM-x32\...\{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1) (Version:  - VshareComplete) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (02/17/2011 15.2.14.0) (HKLM\...\77A943AB876C131591E0EA5DB6AB08D89EE2EA9E) (Version: 02/17/2011 15.2.14.0 - Synaptics)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
XING Connector 1.2 (HKLM-x32\...\XING Connector) (Version: 1.2 - XING AG)
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)

==================== Restore Points  =========================

28-04-2014 19:21:37 Windows Update
01-05-2014 21:04:56 Windows Update
01-05-2014 21:26:58 Windows Update
06-05-2014 13:22:07 Windows Update
08-05-2014 11:52:49 Windows Update
12-05-2014 19:16:50 Windows Update
16-05-2014 16:59:44 Windows Update
17-05-2014 21:13:14 Windows Update
21-05-2014 19:41:34 Windows Update
24-05-2014 20:52:01 Removed Java 7 Update 7
25-05-2014 08:17:13 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-10-06 02:46 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0F3E4895-2173-4109-A776-6B73E7999B33} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {17F43440-2B07-4058-A2DD-D4D72730C318} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {2031C13C-576B-4FAD-9978-E37FBFB6DB06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {383E631F-492C-492D-812A-77F728F34B8F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {3A3D20C7-5225-42B1-8F06-034FBCEDA084} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-02-03] (Lenovo Group Limited)
Task: {A75E9DB3-0EBC-430B-8B6E-AB4069859532} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2010-12-10] ()
Task: {FBB52A44-6CAB-4B01-8E58-7FB440574FCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-06-21 01:39 - 2009-11-05 07:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2011-06-21 01:52 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-05-27 23:41 - 2011-02-03 20:45 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2011-05-28 09:10 - 2011-02-17 12:22 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-05-27 23:37 - 2010-10-26 05:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-05-27 23:38 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2011-03-08 10:05 - 2011-03-08 10:05 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-27 23:37 - 2010-02-17 11:20 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2011-03-08 10:23 - 2011-03-08 10:23 - 00059392 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll
2011-05-27 23:37 - 2010-12-09 14:01 - 00567336 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\WMCoreApi-c.dll
2011-05-27 23:42 - 2010-04-06 09:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-05-27 23:42 - 2010-04-06 09:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2014 10:25:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Admin-THINK.local already in use; will try Admin-THINK-2.local instead

Error: (05/25/2014 10:25:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 Admin-THINK.local. Addr 192.168.1.125

Error: (05/25/2014 10:25:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.11:5353    4 Admin-THINK.local. Addr 192.168.1.11

Error: (05/25/2014 10:25:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2014 10:25:22 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/25/2014 10:08:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: BtMmHook.dll, Version: 6.4.0.1500, Zeitstempel: 0x4d0d38bf
Ausnahmecode: 0x40000015
Fehleroffset: 0x00011b08
ID des fehlerhaften Prozesses: 0xddc
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/25/2014 10:04:26 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/25/2014 10:04:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2014 10:02:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/25/2014 10:02:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (05/25/2014 10:25:48 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/25/2014 10:25:48 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{3483F924-0143-44B6-A31A-9F3884BB54B4} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (05/25/2014 10:25:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.

Error: (05/25/2014 10:25:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/25/2014 10:24:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Planer" wurde mit folgendem dienstspezifischem Fehler beendet: %%305.

Error: (05/25/2014 10:04:43 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.

Error: (05/25/2014 10:03:54 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Planer" wurde mit folgendem dienstspezifischem Fehler beendet: %%305.

Error: (05/25/2014 10:00:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.

Error: (05/25/2014 09:59:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.

Error: (05/25/2014 09:59:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.


Microsoft Office Sessions:
=========================
Error: (11/25/2013 08:19:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1834 seconds with 1320 seconds of active time.  This session ended with a crash.

Error: (10/01/2013 11:50:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/31/2013 00:58:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 130340 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (01/30/2013 00:45:48 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 43287 seconds with 1620 seconds of active time.  This session ended with a crash.

Error: (01/23/2013 00:45:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 111615 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (12/06/2012 01:02:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 83 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (12/05/2012 01:51:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 322 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (11/26/2012 04:15:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 133701 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (11/11/2012 11:50:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 32216 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (10/31/2012 00:45:20 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 41199 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-03-28 01:22:04.102
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.092
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.082
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.072
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.032
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.914
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.894
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.824
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3983.23 MB
Available physical RAM: 2071.69 MB
Total Pagefile: 7964.65 MB
Available Pagefile: 5880.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.96 GB) (Free:260.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F4253A71)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

Bootsektor · 25.05.2014, 22:40

Hallo Mamasrechner,

Zitat:

also hier die xml version... nicht besonders schick im Design

Ja, das stimmt, aber ausreichend für unsere Zwecke

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

SearchScopes: HKCU - DefaultScope {6704F690-3B93-4B82-AC5E-1BFE76DB1572} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=3973db51-12d3-11e1-8a09-028037ec0200&q={searchTerms}
SearchScopes: HKCU - {6704F690-3B93-4B82-AC5E-1BFE76DB1572} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=3973db51-12d3-11e1-8a09-028037ec0200&q={searchTerms}
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF Homepage: hxxp://search.imesh.net
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&appid=230&systemid=1&sr=0&q=
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xm
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\Search_Results.xml

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Bitte deinstalliere Avira komplett, benutze danach den Avira Registry Cleaner um noch vorhandene Reste in der Registry zu entfernen und installiere dir danach Avira erneut, teste, ob es sich nun anschalten lässt und berichte mir davon

Schritt 4
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Mamasrechner · 26.05.2014, 16:59

Fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Admin at 2014-05-26 09:53:26 Run:1
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - DefaultScope {6704F690-3B93-4B82-AC5E-1BFE76DB1572} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=3973db51-12d3-11e1-8a09-028037ec0200&q={searchTerms}
SearchScopes: HKCU - {6704F690-3B93-4B82-AC5E-1BFE76DB1572} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=3973db51-12d3-11e1-8a09-028037ec0200&q={searchTerms}
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF Homepage: hxxp://search.imesh.net
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&appid=230&systemid=1&sr=0&q=
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xm
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\Search_Results.xml

*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6704F690-3B93-4B82-AC5E-1BFE76DB1572} => Key deleted successfully.
HKCR\CLSID\{6704F690-3B93-4B82-AC5E-1BFE76DB1572} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
"C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xm" => not found.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\Search_Results.xml => Moved successfully.

==== End of Fixlog ====

ESET log

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b128b91b8a506846bb0cb95dd894b53f
# engine=18411
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-26 11:22:35
# local_time=2014-05-26 01:22:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775166 100 96 17508435 266526645 17631746 0
# compatibility_mode=5893 16776574 100 94 27470722 152733205 0 0
# scanned=215390
# found=18
# cleaned=0
# scan_time=11602
sh=A297AB137CFC91B7FD9B86B966DA7B1C29259255 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9VNRHNQ\brand_files[1].7zip"
sh=51CB63BC1AF2875B0451FEE2D95CCF4BF19FF1B9 ft=1 fh=e4f3c3cfb058b189 vn="Variante von Win32/PredictAd.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Roaming\VshareComplete\KeepMeUpdated.exe"
sh=763F9C72DDD6A0CA2376FE06952D9C4AC66B4D80 ft=1 fh=31d4e5d491f43ec9 vn="möglicherweise Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Roaming\VshareComplete\VshareComplete.dll"
sh=51CB63BC1AF2875B0451FEE2D95CCF4BF19FF1B9 ft=1 fh=e4f3c3cfb058b189 vn="Variante von Win32/PredictAd.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Roaming\VshareComplete\64\KeepMeUpdated.exe"
sh=AD4BA42F5F3AE29C90A2CF7915496A0957876E90 ft=1 fh=413684c892c1ed39 vn="möglicherweise Variante von Win64/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\AppData\Roaming\VshareComplete\64\VshareComplete64.dll"
sh=83F7491AAA9DAF73337CC0B2D13A40EFD4C19339 ft=1 fh=7fcedeea9049f953 vn="Win32/TopMedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\vshare-plugin.exe"
sh=34DF0003ED9275AC1F1CA47710CEFB353079056A ft=1 fh=a4d704e1a4cd300f vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\WinZip165Multi-language(32).exe"
sh=34DF0003ED9275AC1F1CA47710CEFB353079056A ft=1 fh=a4d704e1a4cd300f vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\WinZip165Multi-language.exe"
sh=BF7EA18C06250FD574091FC7E01B008AE6751C54 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.DD Trojaner" ac=I fn="C:\Users\User\AppData\Local\Temp\jar_cache8841403805913033595.tmp"
sh=6F4AD8CED3F8D99CA7A030AB10BCCBA10D788034 ft=1 fh=1054510efd18331b vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\Temp\OCS\ocs_v5c.exe"
sh=C4B6F4818B7E9259E27B2A75F8B3917BA1669286 ft=1 fh=d2f80211b729cedf vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\{6DFE6B59-3F4E-45AF-A9D0-5EDC43DD23AF}\BRAND_FILES\F9A8E141\CD47D6EC\SetupDataMngr_iMesh.exe"
sh=C5DB8386C3A901DD6D4FB8B66685B889FA1099F9 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xcf2xqvd.default\user.js"
sh=48FD60E5A677BD39B13E0188075E83137005259E ft=1 fh=ff79543ffacc5f95 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Pictures\Downloads\PDFCreator-1_2_1_setup.exe"
sh=4644437DB838EF04A70FAD50F86025585753D6C1 ft=1 fh=4bd032b95da59869 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Pictures\Downloads\SoftonicDownloader_fuer_cutepdf-writer.exe"
sh=83F7491AAA9DAF73337CC0B2D13A40EFD4C19339 ft=1 fh=7fcedeea9049f953 vn="Win32/TopMedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Pictures\Downloads\vshare-plugin(1).exe"
sh=5DE4084222A4AF0D57FF89E0A8F32D7654EEA9F5 ft=1 fh=20b3f2bda540ff2c vn="Win32/TopMedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Pictures\Downloads\vshare-plugin.exe"
sh=95BCB1A8C74C5822493E3B411366962BF3189E2A ft=1 fh=fcfde6bba4cd300f vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Pictures\Downloads\WinZip165Multi-language(1).exe"
sh=95BCB1A8C74C5822493E3B411366962BF3189E2A ft=1 fh=fcfde6bba4cd300f vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Pictures\Downloads\WinZip165Multi-language.exe"

Avira habe ich erfolgreich deinstalliert, alles aus der Registry gelöscht und wieder erfolgreich und funktionsfähig neu installiert.

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Admin (administrator) on ADMIN-THINK on 26-05-2014 17:53:43
Running from C:\Users\Admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hypersoft GmbH) C:\Hypers-!\TerminalCommander.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-01-07] (Conexant systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-02-25] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-16] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-03-08] (Lenovo)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-2742407630-3556308796-4235214410-1001\...\MountPoints2: {51d08977-88a7-11e0-bb74-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-04-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hypersoft Terminal Commander.lnk
ShortcutTarget: Hypersoft Terminal Commander.lnk -> C:\Hypers-!\MCP-!\TerminalCommander.exe (Hypersoft GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo laptops - ThinkPads & IdeaPad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo laptops - ThinkPads & IdeaPad
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\2020Player@2020Technologies.com [2011-06-17]
FF Extension: TVU Web Player - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\firefox@tvunetworks.com [2011-06-17]
FF Extension: VshareComplete - Speed up your search with your personal search suggestions tool - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} [2011-11-19]
FF Extension: Yahoo! Toolbar - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-05-23]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-07-22]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [155496 2011-02-03] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [584232 2010-12-09] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2010-12-01] (Ericsson AB)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-10-31] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-10-31] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-10-31] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-10-31] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-05-27] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-28] (Ericsson AB)
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-26 16:58 - 2014-05-26 16:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Avira
2014-05-26 16:55 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-26 16:55 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-26 16:55 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-26 16:42 - 2014-05-26 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-26 16:42 - 2014-05-26 16:55 - 00000000 ____D () C:\ProgramData\Avira
2014-05-26 16:42 - 2014-05-26 16:55 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-26 16:42 - 2014-05-26 16:42 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-26 16:42 - 2014-05-26 16:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-26 16:41 - 2014-05-26 16:41 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Admin\Downloads\avira_de_av_4006366364__ws.exe
2014-05-26 16:37 - 2014-05-26 16:37 - 00227096 _____ () C:\Users\Admin\Downloads\avira_registry_cleaner_de.exe
2014-05-26 09:56 - 2014-05-26 09:56 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe
2014-05-25 22:33 - 2014-05-25 22:33 - 00039108 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-05-25 22:32 - 2014-05-26 17:54 - 00021178 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-05-25 22:32 - 2014-05-25 22:32 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-05-25 10:18 - 2014-05-25 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-05-24 23:11 - 2014-05-26 16:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 23:10 - 2014-05-24 23:10 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 23:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 23:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 23:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 23:07 - 2014-05-24 23:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-24 22:56 - 2014-05-24 22:59 - 00000000 ____D () C:\AdwCleaner
2014-05-24 22:54 - 2014-05-24 22:54 - 01326389 _____ () C:\Users\Admin\Desktop\adwcleaner_3.210.exe
2014-05-24 22:51 - 2014-02-12 14:25 - 00000426 _____ () C:\AVScanner.ini
2014-05-23 10:53 - 2014-05-23 10:54 - 00042403 _____ () C:\Users\Admin\Addition.txt
2014-05-23 10:46 - 2014-05-23 10:54 - 00041460 _____ () C:\Users\Admin\FRST.txt
2014-05-20 12:33 - 2014-05-26 17:53 - 00000000 ____D () C:\FRST
2014-05-20 12:33 - 2014-05-25 22:32 - 02066944 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-05-17 23:20 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 23:20 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 23:20 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 23:20 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 23:20 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 23:20 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 19:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 19:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 19:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 19:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 18:59 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 18:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 18:59 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 18:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 18:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 18:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 18:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 18:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 18:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 18:59 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 18:59 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 18:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 18:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 18:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 18:59 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 18:59 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 18:59 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 18:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 18:59 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 21:17 - 2014-05-17 23:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-11 08:05 - 2014-05-11 08:05 - 00262144 _____ () C:\Windows\Minidump\051114-18064-01.dmp
2014-05-08 13:53 - 2014-05-17 23:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-05-01 23:27 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-01 23:27 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 23:27 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 23:27 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-01 23:27 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 23:27 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 23:27 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 23:27 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-01 23:27 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-01 23:27 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-01 23:27 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-01 23:27 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-01 23:27 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 23:27 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-01 23:27 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 23:27 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 23:27 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 23:27 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-01 23:27 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-01 23:27 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 23:27 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 23:27 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 23:27 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 23:27 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 23:27 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-01 23:27 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-01 23:27 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-01 23:27 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-01 23:27 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-01 23:27 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 23:27 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-01 23:27 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-01 23:27 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 23:27 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-01 23:27 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 23:27 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 23:27 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-01 23:27 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 23:27 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 23:27 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 23:27 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-01 23:27 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-01 23:27 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 23:27 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

==================== One Month Modified Files and Folders =======

2014-05-26 17:54 - 2014-05-25 22:32 - 00021178 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-05-26 17:53 - 2014-05-20 12:33 - 00000000 ____D () C:\FRST
2014-05-26 17:53 - 2011-05-27 23:50 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-05-26 17:49 - 2011-05-27 23:50 - 00000382 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-05-26 17:33 - 2011-05-27 23:27 - 01257889 _____ () C:\Windows\WindowsUpdate.log
2014-05-26 17:07 - 2012-06-07 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-26 16:59 - 2011-05-28 09:17 - 00877186 _____ () C:\Windows\system32\perfh007.dat
2014-05-26 16:59 - 2011-05-28 09:17 - 00206622 _____ () C:\Windows\system32\perfc007.dat
2014-05-26 16:59 - 2009-07-14 07:13 - 00006264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-26 16:58 - 2014-05-26 16:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Avira
2014-05-26 16:56 - 2014-05-26 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-26 16:55 - 2014-05-26 16:42 - 00000000 ____D () C:\ProgramData\Avira
2014-05-26 16:55 - 2014-05-26 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-26 16:46 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-26 16:46 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-26 16:42 - 2014-05-26 16:42 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-26 16:42 - 2014-05-26 16:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-26 16:41 - 2014-05-26 16:41 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Admin\Downloads\avira_de_av_4006366364__ws.exe
2014-05-26 16:41 - 2011-07-06 16:07 - 00006244 _____ () C:\Windows\pvsw.log
2014-05-26 16:40 - 2014-05-24 23:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 16:40 - 2011-07-06 16:16 - 00000000 ____D () C:\Hypers-!
2014-05-26 16:40 - 2011-06-17 00:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-26 16:39 - 2011-05-27 23:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-26 16:38 - 2010-11-21 05:47 - 00450052 _____ () C:\Windows\PFRO.log
2014-05-26 16:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-26 16:38 - 2009-07-14 06:51 - 00103741 _____ () C:\Windows\setupact.log
2014-05-26 16:37 - 2014-05-26 16:37 - 00227096 _____ () C:\Users\Admin\Downloads\avira_registry_cleaner_de.exe
2014-05-26 14:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-26 09:56 - 2014-05-26 09:56 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe
2014-05-25 22:33 - 2014-05-25 22:33 - 00039108 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-05-25 22:32 - 2014-05-25 22:32 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-05-25 22:32 - 2014-05-20 12:33 - 02066944 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-05-25 22:32 - 2011-06-16 23:32 - 00000000 ___HD () C:\Users\Admin
2014-05-25 10:18 - 2014-05-25 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-05-25 10:12 - 2014-05-25 10:12 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-05-25 10:08 - 2012-01-02 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-05-25 10:00 - 2011-05-27 23:50 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-05-25 09:59 - 2011-05-27 23:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-25 00:08 - 2011-05-27 23:50 - 00000000 ____D () C:\Program Files\PC-Doctor
2014-05-24 23:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-24 23:10 - 2014-05-24 23:10 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 23:10 - 2014-05-24 23:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 23:08 - 2014-05-24 23:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-24 22:59 - 2014-05-24 22:56 - 00000000 ____D () C:\AdwCleaner
2014-05-24 22:54 - 2014-05-24 22:54 - 01326389 _____ () C:\Users\Admin\Desktop\adwcleaner_3.210.exe
2014-05-24 22:53 - 2011-06-17 16:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-24 22:51 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 10:54 - 2014-05-23 10:53 - 00042403 _____ () C:\Users\Admin\Addition.txt
2014-05-23 10:54 - 2014-05-23 10:46 - 00041460 _____ () C:\Users\Admin\FRST.txt
2014-05-23 10:47 - 2011-06-17 16:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-23 10:44 - 2011-06-16 23:34 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 10:44 - 2011-06-16 23:34 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 10:43 - 2011-11-10 20:02 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-05-19 10:09 - 2013-11-26 19:56 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-05-19 10:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 22:09 - 2011-06-17 16:59 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 22:09 - 2011-06-17 16:59 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 23:37 - 2014-05-08 13:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 23:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-17 23:20 - 2011-06-17 00:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 23:19 - 2014-05-12 21:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 23:15 - 2011-10-11 10:21 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 20:07 - 2012-06-07 12:23 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 20:07 - 2012-06-07 12:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-16 20:07 - 2011-06-17 16:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 10:26 - 2012-07-03 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 22:15 - 2012-05-18 16:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2014-05-12 21:16 - 2012-05-18 16:16 - 00000000 ___RD () C:\Users\Admin\Dropbox
2014-05-12 07:26 - 2014-05-24 23:10 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 23:10 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 23:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 08:05 - 2014-05-11 08:05 - 00262144 _____ () C:\Windows\Minidump\051114-18064-01.dmp
2014-05-11 08:05 - 2013-01-10 04:34 - 3485825333 _____ () C:\Windows\MEMORY.DMP
2014-05-11 08:05 - 2013-01-10 04:34 - 00000000 ____D () C:\Windows\Minidump
2014-05-09 11:16 - 2014-05-26 16:55 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-26 16:55 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-26 16:55 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-09 08:14 - 2014-05-16 19:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 19:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-05-06 15:22 - 2014-05-06 15:22 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-05-06 06:40 - 2014-05-17 23:20 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-17 23:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-17 23:20 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-17 23:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-17 23:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-17 23:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\AskSLib.dll
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\chutil.dll
C:\Users\Admin\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Admin\AppData\Local\Temp\InitBDE.exe
C:\Users\Admin\AppData\Local\Temp\Installhelper.dll
C:\Users\Admin\AppData\Local\Temp\isutldll.dll
C:\Users\Admin\AppData\Local\Temp\ose00000.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\User\AppData\Local\Temp\AskSLib.dll
C:\Users\User\AppData\Local\Temp\chutil.dll
C:\Users\User\AppData\Local\Temp\install_flashplayer11x32ax_gtba_aih[1].exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x64_mssa_aih.exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x64_mssa_aih_1.exe
C:\Users\User\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 16:29

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---
FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Admin at 2014-05-26 17:55:09
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
.NET Framework-Sicherheitsrichtlinie für den Codezugriff auf Organisationsebene (x32 Version: 1.0.2411.0 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.35 - Research in Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.35 - Research in Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.18.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Griaule FingerCap USB Driver vr. 1.2 (HKLM-x32\...\{87cd3511-c592-4fba-92e1-54416b3c83cc}_is1) (Version: 1.2 - Griaule Biometrics LTDA.)
iCloud (HKLM\...\{D1829BE5-F305-4576-9593-C66FC7E0B008}) (Version: 1.0.2.17 - Apple Inc.)
Integrated Camera Driver Installer Package Ver.1.1.0.1141 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1141 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.0.0013.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5717.39 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Connector für soziale Netzerker 32-Bit (HKLM-x32\...\{95140000-004E-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1001 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.3.1.3 - Ericsson AB)
Mozilla Firefox 18.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0.1 (x86 de)) (Version: 18.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6802 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.02 (Version: 268.02 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
Pervasive System Analyzer (HKLM-x32\...\Pervasive System Analyzer) (Version:  - )
Pervasive.SQL V8 Workgroup (v8.6) (HKLM-x32\...\{5FCFC78C-438A-4F4D-B266-E32B8468BAFC}) (Version: 8.60.192.033 - Pervasive Software Inc. )
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
QuickTime (HKLM-x32\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RICOH Media Driver v2.10.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.10.18.02 - RICOH)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 24.0.69180 - Sonos, Inc.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.45 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.14.0 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.82 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.00 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.04 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.71 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
VshareComplete (HKLM-x32\...\{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1) (Version:  - VshareComplete) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (02/17/2011 15.2.14.0) (HKLM\...\77A943AB876C131591E0EA5DB6AB08D89EE2EA9E) (Version: 02/17/2011 15.2.14.0 - Synaptics)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
XING Connector 1.2 (HKLM-x32\...\XING Connector) (Version: 1.2 - XING AG)
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)

==================== Restore Points  =========================

16-05-2014 16:59:44 Windows Update
17-05-2014 21:13:14 Windows Update
21-05-2014 19:41:34 Windows Update
24-05-2014 20:52:01 Removed Java 7 Update 7
25-05-2014 08:17:13 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-10-06 02:46 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0F3E4895-2173-4109-A776-6B73E7999B33} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {17F43440-2B07-4058-A2DD-D4D72730C318} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {2031C13C-576B-4FAD-9978-E37FBFB6DB06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {383E631F-492C-492D-812A-77F728F34B8F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {3A3D20C7-5225-42B1-8F06-034FBCEDA084} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-02-03] (Lenovo Group Limited)
Task: {A75E9DB3-0EBC-430B-8B6E-AB4069859532} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2010-12-10] ()
Task: {FBB52A44-6CAB-4B01-8E58-7FB440574FCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-06-21 01:39 - 2009-11-05 07:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2011-06-21 01:52 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-05-27 23:41 - 2011-02-03 20:45 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2011-05-28 09:10 - 2011-02-17 12:22 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-05-27 23:37 - 2010-10-26 05:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-05-27 23:38 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2011-03-08 10:05 - 2011-03-08 10:05 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-27 23:37 - 2010-02-17 11:20 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2011-03-08 10:23 - 2011-03-08 10:23 - 00059392 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll
2011-05-27 23:37 - 2010-12-09 14:01 - 00567336 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\WMCoreApi-c.dll
2011-05-27 23:42 - 2010-04-06 09:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-05-27 23:42 - 2010-04-06 09:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2011-06-17 00:28 - 2014-05-12 21:18 - 03022232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-01 14:47 - 2011-04-01 14:47 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-05-26 16:57 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Admin\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-16 20:07 - 2014-05-16 20:07 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2014 04:59:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/26/2014 04:59:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/26/2014 04:59:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/26/2014 04:39:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 04:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Admin-THINK.local already in use; will try Admin-THINK-2.local instead

Error: (05/26/2014 04:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 Admin-THINK.local. Addr 192.168.1.125

Error: (05/26/2014 04:39:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.11:5353    4 Admin-THINK.local. Addr 192.168.1.11

Error: (05/26/2014 04:31:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/26/2014 02:00:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/26/2014 01:57:43 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.


System errors:
=============
Error: (05/26/2014 04:58:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/26/2014 04:39:24 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/26/2014 04:39:24 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{3483F924-0143-44B6-A31A-9F3884BB54B4} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (05/26/2014 04:39:05 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/26/2014 04:31:00 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/26/2014 09:52:34 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/26/2014 09:49:02 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.

Error: (05/26/2014 09:48:49 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/26/2014 09:48:49 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{3483F924-0143-44B6-A31A-9F3884BB54B4} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (05/26/2014 09:48:16 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ADMIN-THINK    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.125
registriert werden. Der Computer mit IP-Adresse 192.168.1.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


Microsoft Office Sessions:
=========================
Error: (11/25/2013 08:19:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1834 seconds with 1320 seconds of active time.  This session ended with a crash.

Error: (10/01/2013 11:50:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/31/2013 00:58:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 130340 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (01/30/2013 00:45:48 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 43287 seconds with 1620 seconds of active time.  This session ended with a crash.

Error: (01/23/2013 00:45:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 111615 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (12/06/2012 01:02:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 83 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (12/05/2012 01:51:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 322 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (11/26/2012 04:15:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 133701 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (11/11/2012 11:50:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 32216 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (10/31/2012 00:45:20 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 41199 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-03-28 01:22:04.102
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.092
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.082
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.072
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-28 01:22:04.032
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.914
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.894
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-01 00:16:53.824
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 3983.23 MB
Available physical RAM: 1449.66 MB
Total Pagefile: 7964.65 MB
Available Pagefile: 4944.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.96 GB) (Free:264.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F4253A71)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

so, alles erledigt.

aber der efes scan hat noch einiges gefunden. was hat das zu bedeuten?

Bootsektor · 26.05.2014, 20:07

Hallo Mamasrechner,

Zitat:

aber der efes scan hat noch einiges gefunden. was hat das zu bedeuten?

Das sind zum Großteil Toolbars und potentiell unerwünschte Programme, also solche ohne wirkliche Funktion oder Funktion die man nur in der Vollversion erwerben kann, installieren sich oft mit, wenn man sich Freeware runterlädt oder auf Werbung klickt. ESET ist da immer sehr gründlich mit.

Dann ist da noch was im JavaCache, aber das löschen wir gleich mit

Also nichts weltbewegendes

Schön, dass Avira wieder geht

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xml
FF Extension: VshareComplete - Speed up your search with your personal search suggestions tool - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} [2011-11-19]
C:\Users\Admin\Downloads\WinZip165Multi-language(32).exe
C:\Users\Admin\Downloads\WinZip165Multi-language.ex
C:\Users\User\AppData\Local\{6DFE6B59-3F4E-45AF-A9D0-5EDC43DD23AF}\BRAND_FILES\F9A8E141\CD47D6EC\SetupDataMngr_iMesh.exe
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xcf2xqvd.default\user.js
C:\Users\Admin\AppData\Roaming\VshareComplete
C:\Users\User\Pictures\Downloads\PDFCreator-1_2_1_setup.exe
C:\Users\User\Pictures\Downloads\SoftonicDownloader_fuer_cutepdf-writer.exe
C:\Users\User\Pictures\Downloads\vshare-plugin(1).exe
C:\Users\User\Pictures\Downloads\vshare-plugin.exe
C:\Users\User\Pictures\Downloads\WinZip165Multi-language(1).exe
C:\Users\User\Pictures\Downloads\WinZip165Multi-language.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Datenträgerbereinigung

Gehe auf das Windowsstartsymbol
Gebe im Suchfeld Datenträgerrereinigung ein
Setze den Haken zusätzlich bei Temporäre Dateien
Bestätige mit OK

Schritt 3
Java Cache löschen
Gehe auf:
Start => Systemsteuerung => Java auswählen=> Reiter: Allgemein => Temporäre Internet-Dateien "Einstellungen" => Dateien löschen => Haken bei "gecachte Anwendungen und Applets" sowie bei "Verfolgungs- und Protokolldateien" (Trace und Logdateien") setzen => OK

Ausführliche Anleitung Wie leere ich den Java-Cache?

OK
So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir.

Schritt 1

Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren.
Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen.

Schritt 2
Downloade dir bitte delfix auf deinen Desktop.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.

Falls nach Delfix noch Programme aus unserer Bereinigung vorhanden sein sollten, kannst du diese nun bedenkenlos löschen.

Updates / Programme aktualisieren
Auf dem Rechner befinden sich zwei aktivierte Antivirenprogramm: Avira und MS Essentials, diese konnen sich in ihrer Funktion gegenseitig behindern, entscheide dich für eines und deinstalliere das andere

Adobe Reader

Dein Adobe Reader ist veraltet.
Deinstalliere Deinen Reader und lade Dir die neueste Version von hier herunter. Schaue, ob sich noch etwas mit installieren möchte und entferne den Haken gegebenenfalls.

Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.

Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.

Java

Du hattest eine veraltete Java-Version auf dem Rechner die wir in einem der vorherigen Schritte deinstalliert haben, denn Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.

Falls du Java doch unbedingt benötigst, dann

Downloade dir bitte die neueste Java-Version von hier
Speichere die jxpiinstall.exe
Schließe alle laufenden Programme. Speziell deinen Browser.
Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 55 ) herunter laden.
Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." während der Installation.

und sorge dafür, dass Java automatisch updated.
Dazu:

öffne Java
klicke auf den Reiter Update
klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
klicke auf Erweitert
ändere das Intervall mindestens auf wöchentlich

und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.

Antivirensoftware

Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz

MalwareBytes Anti-Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows.
Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.

Mamasrechner · 26.05.2014, 22:20

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Admin at 2014-05-26 23:04:47 Run:2
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xml
FF Extension: VshareComplete - Speed up your search with your personal search suggestions tool - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} [2011-11-19]
C:\Users\Admin\Downloads\WinZip165Multi-language(32).exe
C:\Users\Admin\Downloads\WinZip165Multi-language.ex
C:\Users\User\AppData\Local\{6DFE6B59-3F4E-45AF-A9D0-5EDC43DD23AF}\BRAND_FILES\F9A8E141\CD47D6EC\SetupDataMngr_iMesh.exe
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xcf2xqvd.default\user.js
C:\Users\Admin\AppData\Roaming\VshareComplete
C:\Users\User\Pictures\Downloads\PDFCreator-1_2_1_setup.exe
C:\Users\User\Pictures\Downloads\SoftonicDownloader_fuer_cutepdf-writer.exe
C:\Users\User\Pictures\Downloads\vshare-plugin(1).exe
C:\Users\User\Pictures\Downloads\vshare-plugin.exe
C:\Users\User\Pictures\Downloads\WinZip165Multi-language(1).exe
C:\Users\User\Pictures\Downloads\WinZip165Multi-language.exe

*****************

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\searchplugins\startsear.xml => Moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ggnpswe7.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} => Moved successfully.
C:\Users\Admin\Downloads\WinZip165Multi-language(32).exe => Moved successfully.
"C:\Users\Admin\Downloads\WinZip165Multi-language.ex" => File/Directory not found.
C:\Users\User\AppData\Local\{6DFE6B59-3F4E-45AF-A9D0-5EDC43DD23AF}\BRAND_FILES\F9A8E141\CD47D6EC\SetupDataMngr_iMesh.exe => Moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xcf2xqvd.default\user.js => Moved successfully.
C:\Users\Admin\AppData\Roaming\VshareComplete => Moved successfully.
C:\Users\User\Pictures\Downloads\PDFCreator-1_2_1_setup.exe => Moved successfully.
C:\Users\User\Pictures\Downloads\SoftonicDownloader_fuer_cutepdf-writer.exe => Moved successfully.
C:\Users\User\Pictures\Downloads\vshare-plugin(1).exe => Moved successfully.
C:\Users\User\Pictures\Downloads\vshare-plugin.exe => Moved successfully.
C:\Users\User\Pictures\Downloads\WinZip165Multi-language(1).exe => Moved successfully.
C:\Users\User\Pictures\Downloads\WinZip165Multi-language.exe => Moved successfully.

==== End of Fixlog ====

ich finde das java control panel nicht. ich hatte doch java deinstalliert.

auch die anleitung hat nicht geholfen.

Bootsektor · 26.05.2014, 22:38

Hallo Mamasrechner,

Du hast recht, da hab ich nicht zuende gedacht.
Dann löschen wir das eben noch manuell.

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\User\AppData\Local\Temp\jar_cache8841403805913033595.tmp

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Mamasrechner · 26.05.2014, 23:01

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Admin at 2014-05-26 23:42:37 Run:3
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\User\AppData\Local\Temp\jar_cache8841403805913033595.tmp

*****************

C:\Users\User\AppData\Local\Temp\jar_cache8841403805913033595.tmp => Moved successfully.

==== End of Fixlog ====

hat geklappt

Ich hab Java installiert. aber ich finde den Reiter Update nicht um den entsprechenden Haken zu setzen. Ich komme nur auf den Java Control Panel. Aber da hab ich nichts gefunden.

Bootsektor · 27.05.2014, 23:58

Hallo Mamasrechner,

das ist merkwürdig. Kannst du mal die Schritte im folgenden Link probieren und mir schildern, ob es so funktioniert?

https://www.java.com/de/download/help/javacpl.xml

Mamasrechner · 06.06.2014, 11:54

Hallo Sandra,

das hat leider nicht geklappt. Also ich kann den Java Control Panel damit öffnen, aber dort gibt es keinen Reiter "Update" bzw. "Aktualisieren". ich musste allerdings auch den Befehl ein wenig anpassen auf Java\jre7\ [und nicht jre6].

Es gibt 4 Reiter:
Allgemein
Java
Sicherheit
Erweitert

aber kein Update

kann das vielleicht an der Version liegen, dass es gar kein Update mehr gibt?

LG
Mamasrechner

Bootsektor · 06.06.2014, 23:40

Hast du die 64 bit Version heruntergeladen? Die hat keinen Updatereiter.

06.06.2014, 23:40	#57
Bootsektor Ruhe in Frieden † 2019	Infizierter Rechner lässt nach Virenscan kein Internetzugang zu Hast du die 64 bit Version heruntergeladen? Die hat keinen Updatereiter. __________________ Grüße stolzes Mitglied von UNITE Du hast Lob oder Verbesserungsvorschläge? Du findest unsere Arbeit gut und möchtest uns finanziell unterstützen? -> Spende

Infizierter Rechner lässt nach Virenscan kein Internetzugang zu

Plagegeister aller Art und deren Bekämpfung: Infizierter Rechner lässt nach Virenscan kein Internetzugang zu