Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Diverse Viren auf USB-Stick und "angry birds.vbe" ebenso auf Computer (https://www.trojaner-board.de/141735-diverse-viren-usb-stick-angry-birds-vbe-ebenso-computer.html)

falke99 17.09.2013 20:37
Diverse Viren auf USB-Stick und "angry birds.vbe" ebenso auf Computer
 
Hallo zusammen,
folgendes Problem:
habe mir wahrscheinlich in einem Internet-Cafe einen Virus aufn USB-Stick geholt.
Das Problem ist nun, dass aus allen Dateien die auf meinem USB-Stick gespeichert sind, sofort eine Verknüpfung erstellt wird. Die Dateien kann ich allerdings trotzdem noch öffnen.
Eine versteckte Datei ist: angry birds.vbe . Das muss der Wurm sein. Wenn ich den Stick formatiere, speichert sie sich automatisch wieder drauf. Ebenso wenn ich sie manuell lösche. Die Datei befindet sich außerdem in: C:/Benutzer/*****/angry birds.vbe
Wenn ich sie da löschen will, wird mir gesagt: "Die Aktion kann nicht abgeschlossen werden, da die Datei in "Microsoft Windows Based Script Host" geöffnet ist.
Leider komme ich erst jetzt dazu das Problem zu melden, hat mich zunächst nicht weiter gestört und es wurde auch kein Virus gefunden. Seitdem war der Stick an zwei anderen Computern. An einem haben sich automatisch Dateien darauf gespeichert, als ich ihn angeschlossen habe. Schließlich findet avast auf dem Stick 37 infizierte Dateien. (automatische Wiedergabe deaktiviert) Ich weiß leider nicht mehr genau, was das für ein Virus war. Welche von den Avast-Reportdateien muss ich hochladen ? Bei dem anderen Computer war ich nicht dabei, aber avast zeigt mir danach folgenden Virus an: D:/z/csrss.exe (Win32:Rootkit-Gen[Rkt]). Panda USB Vaccine hat den Stick vorher vaccinated und Automatische Wiedergabe war deaktiviert. Habe den Stick sofort formatiert.
Vorher hatte ich auch mein Handy (da ist auch angry birds.vbe), Ipod und einen anderen Stick angeschlossen, also wahrscheinlich alles falsch gemacht, was man falsch machen konnte. Ich bin im Ausland und habe eine schlechte und relativ teure Internetverbindung. Also kann ich andere Programme nur downloaden wenns sein muss. Ich denke, dass beste wird es sein, gleich alles zu formatieren. Habe ein altes Backup auf einer ex. Festplatte dabei. Die habe ich noch nicht angeschlossen. Bevor ich formatiere muss ich aber wichtige Dateien auf einem der Sticks speichern, die infiziert sind. Am liebsten natürlich gar nicht formatieren, aber ich benutze auch online banking.

Vielen Dank!

schrauber 17.09.2013 20:41
hi,

externe Sachen anklemen und dran lassen.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


falke99 18.09.2013 16:38
So habe ich fürs erste gemacht. Dran waren jetzt: beide sticks, Ipod, USB-Storage vom Handy, SD-Speicherkarte von Kamera.
Leider habe ich nicht genug Steckplätze, sodass mein Internetstick nicht dran war. Den scanne ich nochmal extra und hänge die Files im Post drunter an.
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Johannes_2 (ATTENTION: The logged in user is not administrator) on JOHANNES-PC on 18-09-2013 17:27:47
Running from C:\Users\Johannes_2\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mascom internet\Mascom internet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [aswAhAScr.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" [140544 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" [289888 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt64.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" [461856 2013-08-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [angry birds] - C:\Users\Johannes_2\angry birds.vbe [59525 2013-08-15] ()
MountPoints2: {d4b535cc-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b53626-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b5367e-1581-11e3-be81-c0143dde9fac} - "F:\AutoRun.exe"
MountPoints2: {d4b53749-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b5377c-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1601488 2013-08-20] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe ()
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
SearchScopes: HKCU - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: [NameServer]41.223.73.82 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Path=Profiles\4an5ng9v.neu
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Google.com/GoogleEarthPlugin - C:\Users\Johannes_2\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-17] (Broadcom Corporation.)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-14] ()
S2 Mascom internet. RunOuc; C:\Program Files (x86)\Mascom internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-15] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 postgresql-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D "C:/Program Files (x86)/PostgreSQL/9.0/data" -w [x]
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-17] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\system32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:14 - 2013-09-18 17:15 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-17 20:34 - 2013-09-17 21:52 - 00002162 _____ C:\Users\Johannes_2\Desktop\Neues Textdokument.txt
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-15 15:03 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 18:19 - 2013-09-16 21:36 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-14 16:22 - 2013-09-18 07:09 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-14 13:26 - 2013-09-16 20:24 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 12:59 - 2013-09-14 13:08 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:04 - 2013-09-12 22:16 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-07 19:56 - 2013-09-15 18:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:49 - 2012-12-03 13:22 - 00241152 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2013-09-07 10:49 - 2012-12-03 12:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2013-09-07 10:49 - 2012-10-30 06:42 - 00014336 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2013-09-07 10:49 - 2012-10-29 13:44 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2011-12-31 03:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2013-09-07 10:49 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2013-09-07 10:49 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2013-09-07 10:49 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2013-09-07 10:49 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:05 - 2013-09-06 16:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 18:40 - 2013-09-07 22:53 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-04 18:40 - 2013-09-07 22:53 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-04 18:40 - 2013-09-07 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-08-15 17:46 - 00059525 ___SH C:\Users\Johannes_2\angry birds.vbe
2013-09-03 18:25 - 2013-09-03 18:35 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:55 - 2013-09-07 22:53 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-01 17:56 - 2013-09-01 18:30 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-29 18:20 - 2012-12-25 09:37 - 00000000 ____D C:\Users\Johannes_2\Desktop\AUDIO_TS
2013-08-29 18:13 - 2013-08-29 18:20 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-26 23:08 - 2013-09-02 17:03 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-08-24 00:12 - 2013-08-24 00:28 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-09-07 19:04 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-08-23 23:06 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-23 23:04 - 2004-03-29 15:23 - 00090112 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2013-08-20 21:14 - 2013-08-20 21:14 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\com.adobe.amp
2013-08-20 20:49 - 2013-08-20 20:49 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\XMedia Recode
2013-08-20 20:46 - 2013-08-20 20:46 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-08-20 20:45 - 2013-08-20 20:45 - 05699384 _____ (XMedia Recode                                              ) C:\Users\Johannes_2\Downloads\XMediaRecode3169_setup.exe
2013-08-20 20:16 - 2013-08-21 00:21 - 00018904 _____ C:\Users\Johannes_2\Documents\portugal.wlmp
2013-08-19 22:19 - 2013-08-19 22:57 - 00000000 ____D C:\Users\Johannes_2\Desktop\portugal

==================== One Month Modified Files and Folders =======

2013-09-18 17:27 - 2012-11-02 23:06 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-18 17:27 - 2012-11-02 23:06 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-18 17:27 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-18 17:26 - 2012-11-02 14:30 - 01996736 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:15 - 2013-09-18 17:14 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-18 17:09 - 2013-06-14 21:31 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Dropbox
2013-09-18 17:08 - 2013-06-14 21:37 - 00000000 ___RD C:\Users\Johannes_2\Dropbox
2013-09-18 17:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-18 09:40 - 2013-08-01 01:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-18 08:18 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-18 07:09 - 2013-09-14 16:22 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-17 21:52 - 2013-09-17 20:34 - 00002162 _____ C:\Users\Johannes_2\Desktop\Neues Textdokument.txt
2013-09-17 21:52 - 2013-05-11 21:12 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\CrashDumps
2013-09-17 16:34 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-17 15:53 - 2012-07-26 09:21 - 00051663 _____ C:\WINDOWS\setupact.log
2013-09-16 21:36 - 2013-09-14 18:19 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-16 20:24 - 2013-09-14 13:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-16 18:40 - 2013-06-10 16:30 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Audacity
2013-09-15 18:19 - 2013-09-07 19:56 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-15 15:03 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 13:12 - 2013-09-14 13:11 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 13:08 - 2013-09-14 12:59 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 19:33 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:08 - 2013-07-16 20:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 23:07 - 2013-07-15 13:26 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:16 - 2013-09-12 22:04 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-08 14:18 - 2013-05-13 15:39 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-07 22:53 - 2013-09-01 18:55 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-07 19:04 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-09-07 18:40 - 2013-09-04 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:07 - 2013-09-06 16:05 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 20:13 - 2013-07-24 19:06 - 00000000 ____D C:\Users\Johannes_2\Documents\setswana
2013-09-04 19:57 - 2013-07-14 23:09 - 04989696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-05-11 21:10 - 00000000 ___RD C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-04 18:35 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2
2013-09-03 18:35 - 2013-09-03 18:25 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 17:03 - 2013-08-26 23:08 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-09-02 16:41 - 2013-05-11 21:11 - 00000000 ____D C:\Users\Johannes_2\Documents\Bluetooth-Exchange-Ordner
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:30 - 2013-09-01 17:56 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-30 09:48 - 2013-05-13 15:40 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00204880 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00065336 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00064288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00033400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-05-13 15:39 - 00080816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:47 - 2013-05-13 15:39 - 00287840 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-05-13 15:39 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-29 18:29 - 2013-07-16 20:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Apple Computer
2013-08-29 18:20 - 2013-08-29 18:13 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-24 00:28 - 2013-08-24 00:12 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:48 - 2013-05-11 21:10 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Adobe
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:05 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\VirtualStore
2013-08-23 23:05 - 2012-11-02 14:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-22 23:54 - 2013-05-11 21:10 - 00017479 _____ C:\Users\Johannes_2\AppData\Roaming\AbsoluteReminder.xml
2013-08-22 23:48 - 2013-06-07 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 17:55 - 2013-05-13 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 17:55 - 2012-09-13 20:32 - 00473844 _____ C:\WINDOWS\PFRO.log
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-21 00:21 - 2013-08-20 20:16 - 00018904 _____ C:\Users\Johannes_2\Documents\portugal.wlmp
2013-08-20 22:07 - 2013-06-07 14:50 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Mozilla
2013-08-20 21:14 - 2013-08-20 21:14 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\com.adobe.amp
2013-08-20 20:49 - 2013-08-20 20:49 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\XMedia Recode
2013-08-20 20:46 - 2013-08-20 20:46 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-08-20 20:45 - 2013-08-20 20:45 - 05699384 _____ (XMedia Recode                                              ) C:\Users\Johannes_2\Downloads\XMediaRecode3169_setup.exe
2013-08-20 20:00 - 2013-07-22 16:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-20 19:57 - 2013-05-13 16:04 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-20 10:41 - 2013-06-07 13:35 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Skype
2013-08-20 00:03 - 2013-06-07 14:44 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\PokerStars.EU
2013-08-19 22:57 - 2013-08-19 22:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\portugal
2013-08-19 00:32 - 2013-08-18 22:47 - 00000000 ____D C:\Users\Johannes_2\Desktop\standards

Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\Temp\ose00000.exe
C:\Users\Johannes\AppData\Local\Temp\shutdown1370612092.exe
C:\Users\Johannes_2\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---




Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03
Ran by Johannes_2 at 2013-09-18 17:28:30
Running from C:\Users\Johannes_2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Absolute Reminder (x32 Version: 2.1.0.9)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515)
Anzeige am Bildschirm (Version: 7.01.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 12.3.0.906)
Audacity 2.0.3 (x32 Version: 2.0.3)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 6.20.55.57)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.0.26)
FileHippo.com Update Checker (x32)
Finale PrintMusic 2006 (x32)
Fotogalerie (x32 Version: 16.4.3508.0205)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
FreeRide Games (x32 Version: 07.05.80.00)
Full Tilt Poker (HKCU Version: 4.63.3.WIN.FullTilt.COM)
Full Tilt Poker.Eu (HKCU Version: 4.63.3.WIN.FullTilt.EU)
Google Earth (x32 Version: 7.1.1.1888)
Integrated Camera (x32 Version: 5.12.831.31)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Update Manager (x32 Version: 1.0.0.34813)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Lenovo Auto Scroll Utility (Version: 1.32)
Lenovo Dependency Package (x32 Version: 1.0)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.66.00.07)
Lenovo QuickLaunch (x32 Version: 1.00.0025)
Lenovo Settings - Camera Audio (Version: 4.0.5.0)
Lenovo Settings Dependency Package (Version: 1.0.0.12)
Lenovo Settings Mobile Hotspot (Version: 1.0.0.21)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo Solutions for Small Business (x32 Version: 1.1.22.3687)
Lenovo Solutions for Small Business Customizations (x32 Version: 1.1.0004.00)
Lenovo System Update (x32 Version: 5.00.0014)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0007.00)
Mascom internet (x32 Version: 23.009.11.00.273)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nightly 24.0a1 (x64 en-US) (Version: 24.0a1)
Nikon Message Center 2 (x32 Version: 2.0.1)
Panda USB Vaccine 1.0.1.4 (x32)
Password Vault (Version: 6.0.200.75)
PDF Settings CS5 (x32 Version: 10.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Picture Control Utility (x32 Version: 1.2.2)
PokerStars.eu (x32)
PokerTracker 4 (remove only) (x32)
PostgreSQL 9.0  (Version: 9.0)
PostgreSQL 9.0  (x86) (x32 Version: 9.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
Skype™ 6.6 (x32 Version: 6.6.106)
SugarSync Manager (x32 Version: 1.9.61.90905)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1900)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
US122 Driver 3.40 (Version: 3.40)
US-122 MKII / US-144 MKII
ViewNX 2 (x32 Version: 2.1.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/09/2012 11.5.0.1207) (Version: 07/09/2012 11.5.0.1207)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (Version: 08/15/2012 1.66.00.07)
XMedia Recode Version 3.1.6.9 (x32 Version: 3.1.6.9)
YTD Video Downloader 4.3 (x32 Version: 4.3)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-05 19:17 - 2013-06-05 19:17 - 00164016 _____ (Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-08-17 11:23 - 2012-08-17 11:23 - 00044408 _____ () C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
2012-11-02 14:21 - 2012-08-24 12:52 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrDEU.lrc
2012-11-02 14:21 - 2012-08-24 12:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 01046328 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 00228664 _____ (Synaptics Incorporated) C:\WINDOWS\SYSTEM32\SynTPAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00171880 _____ (AuthenTec) C:\Program Files\Lenovo Fingerprint Reader\TSLog.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02501992 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\biolayer.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 08675176 _____ (HP) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteDlg.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02553192 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\AutoSoftwareUpdate.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01130344 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 06593384 _____ (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00087400 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00332648 _____ (Authentec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TokenMachine.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/18/2013 08:19:34 AM) (Source: PostgreSQL) (User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/18/2013 05:18:47 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:18:47 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:15:03 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:15:03 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:50 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:50 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:46 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:44 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Mascom internet. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/18/2013 08:19:29 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mascom internet. OUC erreicht.


Microsoft Office Sessions:
=========================
Error: (09/18/2013 08:19:34 AM) (Source: PostgreSQL)(User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3854.22 MB
Available physical RAM: 1798.8 MB
Total Pagefile: 12558.22 MB
Available Pagefile: 9542.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:453.38 GB) (Free:367.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Removable) (Total:3.68 GB) (Free:2.69 GB) FAT32
Drive f: (INTENSO) (Removable) (Total:29.79 GB) (Free:29.79 GB) FAT32
Drive g: () (Removable) (Total:3.8 GB) (Free:1.37 GB) FAT32
Drive h: () (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

==================== End Of Log ============================
Hier die Files mit Internetstick (sorry, dass es nicht in einem ging)

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Johannes_2 (ATTENTION: The logged in user is not administrator) on JOHANNES-PC on 18-09-2013 17:38:00
Running from C:\Users\Johannes_2\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mascom internet\Mascom internet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [aswAhAScr.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" [140544 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" [289888 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt64.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" [461856 2013-08-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [angry birds] - C:\Users\Johannes_2\angry birds.vbe [59525 2013-08-15] ()
MountPoints2: {d4b535cc-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b53626-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b5367e-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b53749-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
MountPoints2: {d4b5377c-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1601488 2013-08-20] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe ()
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
SearchScopes: HKCU - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: [NameServer]41.223.73.82 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Path=Profiles\4an5ng9v.neu
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Google.com/GoogleEarthPlugin - C:\Users\Johannes_2\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-17] (Broadcom Corporation.)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-14] ()
S2 Mascom internet. RunOuc; C:\Program Files (x86)\Mascom internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-15] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 postgresql-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D "C:/Program Files (x86)/PostgreSQL/9.0/data" -w [x]
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-17] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\system32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:14 - 2013-09-18 17:15 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-17 20:34 - 2013-09-17 21:52 - 00002162 _____ C:\Users\Johannes_2\Desktop\Neues Textdokument.txt
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-15 15:03 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 18:19 - 2013-09-16 21:36 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-14 16:22 - 2013-09-18 07:09 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-14 13:26 - 2013-09-16 20:24 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 12:59 - 2013-09-14 13:08 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:04 - 2013-09-12 22:16 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-07 19:56 - 2013-09-15 18:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:49 - 2012-12-03 13:22 - 00241152 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2013-09-07 10:49 - 2012-12-03 12:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2013-09-07 10:49 - 2012-10-30 06:42 - 00014336 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2013-09-07 10:49 - 2012-10-29 13:44 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2011-12-31 03:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2013-09-07 10:49 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2013-09-07 10:49 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2013-09-07 10:49 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2013-09-07 10:49 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:05 - 2013-09-06 16:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 18:40 - 2013-09-07 22:53 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-04 18:40 - 2013-09-07 22:53 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-04 18:40 - 2013-09-07 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-08-15 17:46 - 00059525 ___SH C:\Users\Johannes_2\angry birds.vbe
2013-09-03 18:25 - 2013-09-03 18:35 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:55 - 2013-09-07 22:53 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-01 17:56 - 2013-09-01 18:30 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-29 18:20 - 2012-12-25 09:37 - 00000000 ____D C:\Users\Johannes_2\Desktop\AUDIO_TS
2013-08-29 18:13 - 2013-08-29 18:20 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-26 23:08 - 2013-09-02 17:03 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-08-24 00:12 - 2013-08-24 00:28 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-09-07 19:04 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-08-23 23:06 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-23 23:04 - 2004-03-29 15:23 - 00090112 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2013-08-20 21:14 - 2013-08-20 21:14 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\com.adobe.amp
2013-08-20 20:49 - 2013-08-20 20:49 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\XMedia Recode
2013-08-20 20:46 - 2013-08-20 20:46 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-08-20 20:45 - 2013-08-20 20:45 - 05699384 _____ (XMedia Recode                                              ) C:\Users\Johannes_2\Downloads\XMediaRecode3169_setup.exe
2013-08-20 20:16 - 2013-08-21 00:21 - 00018904 _____ C:\Users\Johannes_2\Documents\portugal.wlmp
2013-08-19 22:19 - 2013-08-19 22:57 - 00000000 ____D C:\Users\Johannes_2\Desktop\portugal

==================== One Month Modified Files and Folders =======

2013-09-18 17:33 - 2012-11-02 23:06 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-18 17:33 - 2012-11-02 23:06 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-18 17:33 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-18 17:28 - 2012-11-02 14:30 - 01998488 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:15 - 2013-09-18 17:14 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-18 17:09 - 2013-06-14 21:31 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Dropbox
2013-09-18 17:08 - 2013-06-14 21:37 - 00000000 ___RD C:\Users\Johannes_2\Dropbox
2013-09-18 17:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-18 09:40 - 2013-08-01 01:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-18 08:18 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-18 07:09 - 2013-09-14 16:22 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-17 21:52 - 2013-09-17 20:34 - 00002162 _____ C:\Users\Johannes_2\Desktop\Neues Textdokument.txt
2013-09-17 21:52 - 2013-05-11 21:12 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\CrashDumps
2013-09-17 16:34 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-17 15:53 - 2012-07-26 09:21 - 00051663 _____ C:\WINDOWS\setupact.log
2013-09-16 21:36 - 2013-09-14 18:19 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-16 20:24 - 2013-09-14 13:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-16 18:40 - 2013-06-10 16:30 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Audacity
2013-09-15 18:19 - 2013-09-07 19:56 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-15 15:03 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 13:12 - 2013-09-14 13:11 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 13:08 - 2013-09-14 12:59 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 19:33 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:08 - 2013-07-16 20:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 23:07 - 2013-07-15 13:26 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:16 - 2013-09-12 22:04 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-08 14:18 - 2013-05-13 15:39 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-07 22:53 - 2013-09-01 18:55 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-07 19:04 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-09-07 18:40 - 2013-09-04 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:07 - 2013-09-06 16:05 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 20:13 - 2013-07-24 19:06 - 00000000 ____D C:\Users\Johannes_2\Documents\setswana
2013-09-04 19:57 - 2013-07-14 23:09 - 04989696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-05-11 21:10 - 00000000 ___RD C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-04 18:35 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2
2013-09-03 18:35 - 2013-09-03 18:25 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 17:03 - 2013-08-26 23:08 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-09-02 16:41 - 2013-05-11 21:11 - 00000000 ____D C:\Users\Johannes_2\Documents\Bluetooth-Exchange-Ordner
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:30 - 2013-09-01 17:56 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-30 09:48 - 2013-05-13 15:40 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00204880 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00065336 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00064288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00033400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-05-13 15:39 - 00080816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:47 - 2013-05-13 15:39 - 00287840 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-05-13 15:39 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-29 18:29 - 2013-07-16 20:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Apple Computer
2013-08-29 18:20 - 2013-08-29 18:13 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-24 00:28 - 2013-08-24 00:12 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:48 - 2013-05-11 21:10 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Adobe
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:05 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\VirtualStore
2013-08-23 23:05 - 2012-11-02 14:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-22 23:54 - 2013-05-11 21:10 - 00017479 _____ C:\Users\Johannes_2\AppData\Roaming\AbsoluteReminder.xml
2013-08-22 23:48 - 2013-06-07 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 17:55 - 2013-05-13 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 17:55 - 2012-09-13 20:32 - 00473844 _____ C:\WINDOWS\PFRO.log
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-21 00:21 - 2013-08-20 20:16 - 00018904 _____ C:\Users\Johannes_2\Documents\portugal.wlmp
2013-08-20 22:07 - 2013-06-07 14:50 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Mozilla
2013-08-20 21:14 - 2013-08-20 21:14 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\com.adobe.amp
2013-08-20 20:49 - 2013-08-20 20:49 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\XMedia Recode
2013-08-20 20:46 - 2013-08-20 20:46 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-08-20 20:45 - 2013-08-20 20:45 - 05699384 _____ (XMedia Recode                                              ) C:\Users\Johannes_2\Downloads\XMediaRecode3169_setup.exe
2013-08-20 20:00 - 2013-07-22 16:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-20 19:57 - 2013-05-13 16:04 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-20 10:41 - 2013-06-07 13:35 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Skype
2013-08-20 00:03 - 2013-06-07 14:44 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\PokerStars.EU
2013-08-19 22:57 - 2013-08-19 22:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\portugal
2013-08-19 00:32 - 2013-08-18 22:47 - 00000000 ____D C:\Users\Johannes_2\Desktop\standards

Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\Temp\ose00000.exe
C:\Users\Johannes\AppData\Local\Temp\shutdown1370612092.exe
C:\Users\Johannes_2\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03
Ran by Johannes_2 at 2013-09-18 17:38:44
Running from C:\Users\Johannes_2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Absolute Reminder (x32 Version: 2.1.0.9)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515)
Anzeige am Bildschirm (Version: 7.01.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 12.3.0.906)
Audacity 2.0.3 (x32 Version: 2.0.3)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 6.20.55.57)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.0.26)
FileHippo.com Update Checker (x32)
Finale PrintMusic 2006 (x32)
Fotogalerie (x32 Version: 16.4.3508.0205)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
FreeRide Games (x32 Version: 07.05.80.00)
Full Tilt Poker (HKCU Version: 4.63.3.WIN.FullTilt.COM)
Full Tilt Poker.Eu (HKCU Version: 4.63.3.WIN.FullTilt.EU)
Google Earth (x32 Version: 7.1.1.1888)
Integrated Camera (x32 Version: 5.12.831.31)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Update Manager (x32 Version: 1.0.0.34813)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Lenovo Auto Scroll Utility (Version: 1.32)
Lenovo Dependency Package (x32 Version: 1.0)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.66.00.07)
Lenovo QuickLaunch (x32 Version: 1.00.0025)
Lenovo Settings - Camera Audio (Version: 4.0.5.0)
Lenovo Settings Dependency Package (Version: 1.0.0.12)
Lenovo Settings Mobile Hotspot (Version: 1.0.0.21)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo Solutions for Small Business (x32 Version: 1.1.22.3687)
Lenovo Solutions for Small Business Customizations (x32 Version: 1.1.0004.00)
Lenovo System Update (x32 Version: 5.00.0014)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0007.00)
Mascom internet (x32 Version: 23.009.11.00.273)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nightly 24.0a1 (x64 en-US) (Version: 24.0a1)
Nikon Message Center 2 (x32 Version: 2.0.1)
Panda USB Vaccine 1.0.1.4 (x32)
Password Vault (Version: 6.0.200.75)
PDF Settings CS5 (x32 Version: 10.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Picture Control Utility (x32 Version: 1.2.2)
PokerStars.eu (x32)
PokerTracker 4 (remove only) (x32)
PostgreSQL 9.0  (Version: 9.0)
PostgreSQL 9.0  (x86) (x32 Version: 9.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
Skype™ 6.6 (x32 Version: 6.6.106)
SugarSync Manager (x32 Version: 1.9.61.90905)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1900)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
US122 Driver 3.40 (Version: 3.40)
US-122 MKII / US-144 MKII
ViewNX 2 (x32 Version: 2.1.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/09/2012 11.5.0.1207) (Version: 07/09/2012 11.5.0.1207)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (Version: 08/15/2012 1.66.00.07)
XMedia Recode Version 3.1.6.9 (x32 Version: 3.1.6.9)
YTD Video Downloader 4.3 (x32 Version: 4.3)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-05 19:17 - 2013-06-05 19:17 - 00164016 _____ (Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-08-17 11:23 - 2012-08-17 11:23 - 00044408 _____ () C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
2012-11-02 14:21 - 2012-08-24 12:52 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrDEU.lrc
2012-11-02 14:21 - 2012-08-24 12:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 01046328 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 00228664 _____ (Synaptics Incorporated) C:\WINDOWS\SYSTEM32\SynTPAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00171880 _____ (AuthenTec) C:\Program Files\Lenovo Fingerprint Reader\TSLog.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02501992 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\biolayer.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 08675176 _____ (HP) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteDlg.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02553192 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\AutoSoftwareUpdate.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01130344 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 06593384 _____ (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00087400 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00332648 _____ (Authentec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TokenMachine.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/18/2013 08:19:34 AM) (Source: PostgreSQL) (User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/18/2013 05:32:12 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:32:12 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:18:47 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:18:47 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:15:03 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 05:15:03 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:50 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:50 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:46 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/18/2013 08:19:44 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (09/18/2013 08:19:34 AM) (Source: PostgreSQL)(User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31141422

Error: (09/18/2013 07:06:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31140281

Error: (09/18/2013 07:06:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10833719

Error: (09/18/2013 01:28:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 3854.22 MB
Available physical RAM: 1753.52 MB
Total Pagefile: 12558.22 MB
Available Pagefile: 9490.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:453.38 GB) (Free:367.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

schrauber 18.09.2013 20:31
Lass die Internetsticks weg, rest dran machen und nicht mehr abmachen.

Panda USB Vaccine - Download - Filepony
laden und laufen lassen.

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

falke99 18.09.2013 20:43
Nachdem ich Combofix habe laufen lassen, kann ich die Sticks wieder entfernen ? Brauche einen freien USB-Port für den Inet Stick, um das File zu posten. Und kann sich auf dem Internet-Stick nicht auch was eingefangen haben ?

schrauber 19.09.2013 09:43
Selten. Mach einen ab, InetStick dran, Panda nochmal laufen lassen. Dann Log posten.

falke99 19.09.2013 17:33
Hier die erste Log-Datei. Ipod kann nicht "vaccinated" werden. Wird auch nicht als Wechseldatenträger angezeigt. Nachdem Combofix fertig war, wurde die txt Datei angezeigt. Aber der Desktop war weg (nur blauer Bildschirm). Nur die Taskleiste war noch da. Über den Taskmanager habe ich den Laptop (windows8) neu gestartet. Jetzt ist wieder alles normal. Weiß nicht ob das was zu bedeuten hat.

Code:
ComboFix 13-09-17.01 - Johannes 19.09.2013  17:25:31.2.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.3854.2088 [GMT 2:00]
ausgeführt von:: c:\users\Johannes_2\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini
c:\users\Johannes_2\AppData\Local\TempFullTiltPokerEuSetup.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-08-19 bis 2013-09-19  ))))))))))))))))))))))))))))))
.
.
2013-09-19 15:34 . 2013-09-19 15:34        --------        d-----w-        c:\users\postgres\AppData\Local\temp
2013-09-19 15:34 . 2013-09-19 15:34        --------        d-----w-        c:\users\Johannes_2\AppData\Local\temp
2013-09-19 15:34 . 2013-09-19 15:34        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-09-19 15:34 . 2013-09-19 15:34        --------        d-----w-        c:\users\Johannes\AppData\Local\temp
2013-09-18 15:16 . 2013-09-18 15:16        --------        d-----w-        C:\FRST
2013-09-16 16:45 . 2013-09-16 16:45        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\dvdcss
2013-09-14 11:26 . 2013-09-18 16:29        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\vlc
2013-09-14 11:11 . 2013-09-14 11:12        --------        d-----w-        c:\users\Johannes\AppData\Roaming\vlc
2013-09-14 11:10 . 2013-09-14 11:10        --------        d-----w-        c:\program files (x86)\VideoLAN
2013-09-12 21:07 . 2013-09-12 21:07        --------        d-----w-        c:\program files\iPod
2013-09-12 21:07 . 2013-09-12 21:08        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 21:07 . 2013-09-12 21:08        --------        d-----w-        c:\program files\iTunes
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
2013-09-12 20:18 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe
2013-09-12 20:18 . 2013-09-12 20:18        --------        d-----w-        c:\users\Johannes_2\AppData\Local\Google
2013-09-07 08:50 . 2013-09-07 08:50        --------        d-----w-        c:\programdata\Mascom internet
2013-09-07 08:48 . 2013-09-07 08:50        --------        d-----w-        c:\program files (x86)\Mascom internet
2013-09-07 08:48 . 2013-09-07 08:50        --------        d-----w-        c:\programdata\DatacardService
2013-09-04 16:35 . 2013-08-15 15:46        59525        --sha-w-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe
2013-09-04 16:35 . 2013-08-15 15:46        59525        --sha-w-        c:\users\Johannes_2\angry birds.vbe
2013-09-02 14:36 . 2013-09-02 14:36        --------        d-----w-        c:\users\Johannes\AppData\Local\ElevatedDiagnostics
2013-08-28 18:07 . 2013-09-07 11:38        --------        d-----w-        c:\users\Johannes_2\AppData\Local\Diagnostics
2013-08-23 21:04 . 2004-03-29 13:23        90112        ----a-w-        c:\windows\unvise32.exe
2013-08-23 21:04 . 2013-08-23 21:04        --------        d-----w-        C:\Psfonts
2013-08-23 21:04 . 2013-08-23 21:04        --------        d-----w-        c:\program files (x86)\Finale PrintMusic 2006
2013-08-20 19:14 . 2013-08-20 19:14        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\com.adobe.amp
2013-08-20 18:49 . 2013-08-20 18:49        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\XMedia Recode
2013-08-20 18:46 . 2013-08-20 18:46        --------        d-----w-        c:\program files (x86)\XMedia Recode
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-05-13 13:40        378944        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-05-13 13:40        72016        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-05-13 13:40        64288        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-05-13 13:40        65336        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-05-13 13:40        204880        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-05-13 13:40        1030952        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-05-13 13:40        33400        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-05-13 13:39        80816        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-05-13 13:39        41664        ----a-w-        c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-05-13 13:39        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-08-20 17:57 . 2013-05-13 14:04        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-07-31 23:29 . 2013-06-07 13:21        405360        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-26 05:13 . 2013-08-18 21:12        51712        ----a-w-        c:\windows\system32\ie4uinit.exe
2013-07-26 05:13 . 2013-08-18 21:12        2241024        ----a-w-        c:\windows\system32\wininet.dll
2013-07-26 05:13 . 2013-08-18 21:12        915968        ----a-w-        c:\windows\system32\uxtheme.dll
2013-07-26 05:13 . 2013-08-18 21:12        53760        ----a-w-        c:\windows\system32\UXInit.dll
2013-07-26 05:13 . 2013-08-18 21:12        1365504        ----a-w-        c:\windows\system32\urlmon.dll
2013-07-26 05:12 . 2013-08-18 21:12        19239424        ----a-w-        c:\windows\system32\mshtml.dll
2013-07-26 05:12 . 2013-08-18 21:12        603136        ----a-w-        c:\windows\system32\msfeeds.dll
2013-07-26 05:12 . 2013-08-18 21:12        53760        ----a-w-        c:\windows\system32\jsproxy.dll
2013-07-26 05:12 . 2013-08-18 21:12        855552        ----a-w-        c:\windows\system32\jscript.dll
2013-07-26 05:12 . 2013-08-18 21:11        3958784        ----a-w-        c:\windows\system32\jscript9.dll
2013-07-26 05:12 . 2013-08-18 21:12        136704        ----a-w-        c:\windows\system32\iesysprep.dll
2013-07-26 05:12 . 2013-08-18 21:12        39936        ----a-w-        c:\windows\system32\iernonce.dll
2013-07-26 05:12 . 2013-08-18 21:12        67072        ----a-w-        c:\windows\system32\iesetup.dll
2013-07-26 05:12 . 2013-08-18 21:12        15405056        ----a-w-        c:\windows\system32\ieframe.dll
2013-07-26 05:12 . 2013-08-18 21:11        2647040        ----a-w-        c:\windows\system32\iertutil.dll
2013-07-26 03:35 . 2013-08-18 21:12        2706432        ----a-w-        c:\windows\system32\mshtml.tlb
2013-07-26 03:13 . 2013-08-18 21:12        1767936        ----a-w-        c:\windows\SysWow64\wininet.dll
2013-07-26 03:13 . 2013-08-18 21:12        44032        ----a-w-        c:\windows\SysWow64\UXInit.dll
2013-07-26 03:12 . 2013-08-18 21:11        2877440        ----a-w-        c:\windows\SysWow64\jscript9.dll
2013-07-26 03:12 . 2013-08-18 21:12        61440        ----a-w-        c:\windows\SysWow64\iesetup.dll
2013-07-26 03:12 . 2013-08-18 21:12        109056        ----a-w-        c:\windows\SysWow64\iesysprep.dll
2013-07-26 02:49 . 2013-08-18 21:12        2706432        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2013-07-26 00:54 . 2013-08-18 21:12        534528        ----a-w-        c:\windows\SysWow64\uxtheme.dll
2013-07-15 11:28 . 2013-07-15 11:28        57344        ----a-r-        c:\users\Johannes\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2013-07-15 11:26 . 2013-07-15 11:27        106496        ----a-w-        c:\windows\SysWow64\ATL71.DLL
2013-07-13 06:18 . 2013-08-18 21:06        337408        ----a-w-        c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-18 21:06        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-07-13 06:16 . 2013-08-18 21:06        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-07-13 06:15 . 2013-08-18 21:06        124416        ----a-w-        c:\windows\system32\apprepapi.dll
2013-07-13 06:15 . 2013-08-18 21:06        98304        ----a-w-        c:\windows\system32\apprepsync.dll
2013-07-13 04:24 . 2013-08-18 21:06        261120        ----a-w-        c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-18 21:06        1568256        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-18 21:06        87040        ----a-w-        c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-18 21:06        74240        ----a-w-        c:\windows\SysWow64\apprepsync.dll
2013-07-09 06:07 . 2013-08-18 21:13        2233168        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-07-02 00:44 . 2013-08-18 21:12        36288        ----a-w-        c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-18 21:12        247216        ----a-w-        c:\windows\system32\drivers\WdFilter.sys
2013-06-30 20:43 . 2013-06-30 20:43        108968        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-30 20:43 . 2013-06-30 20:43        312232        ----a-w-        c:\windows\system32\javaws.exe
2013-06-30 20:43 . 2013-06-30 20:43        189352        ----a-w-        c:\windows\system32\javaw.exe
2013-06-30 20:43 . 2013-06-30 20:43        188840        ----a-w-        c:\windows\system32\java.exe
2013-06-30 20:43 . 2013-06-07 12:11        972712        ----a-w-        c:\windows\system32\deployJava1.dll
2013-06-30 20:43 . 2013-06-07 12:11        1093032        ----a-w-        c:\windows\system32\npDeployJava1.dll
2013-06-27 22:04 . 2013-06-07 13:21        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-08-30 548864]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-07-12 55560]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-08-20 1601488]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2013-08-30 51880]
"aswasOutExt.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2013-08-30 51880]
"aswasOutExt64.dll"="c:\program files\AVAST Software\Avast\aswRegSvr64.exe" [2013-08-30 50904]
.
c:\users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
angry birds.vbe [2013-8-15 59525]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2012-8-17 1346936]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-4-18 563224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
.
R2 Mascom internet. RunOuc;Mascom internet. OUC;c:\program files (x86)\Mascom internet\UpdateDog\ouc.exe;c:\program files (x86)\Mascom internet\UpdateDog\ouc.exe [x]
R2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 -D C:/Program Files (x86)/PostgreSQL/9.0/data -w;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 -D C:/Program Files (x86)/PostgreSQL/9.0/data -w [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\System32\drivers\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\drivers\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\System32\drivers\ew_juextctrl.sys;c:\windows\SYSNATIVE\drivers\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\System32\Drivers\tascusb2.sys;c:\windows\SYSNATIVE\Drivers\tascusb2.sys [x]
R3 TASCAM_US122L_WDM;TASCAM US-122L WDM;c:\windows\system32\drivers\tscusb2a.sys;c:\windows\SYSNATIVE\drivers\tscusb2a.sys [x]
R4 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 intelsba;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Lenovo System Agent Service;Lenovo System Agent Service;c:\program files\lenovo\SystemAgent\SystemAgentService.exe;c:\program files\lenovo\SystemAgent\SystemAgentService.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 LnvHotSpotSvc;LnvMHService;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [x]
S2 LocationTaskManager;Location Task Manager;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe [x]
S2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w [x]
S2 Power Manager DBC Service;Lenovo Settings Power Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 X5XSEx_Pr148;X5XSEx_Pr148;c:\program files (x86)\FreeRide Games\X5XSEx_Pr148.Sys;c:\program files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-05-11 10:37        215264        ----a-w-        c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-31 19:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47        133840        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17        164016        ----a-w-        c:\users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17        164016        ----a-w-        c:\users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17        164016        ----a-w-        c:\users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17        164016        ----a-w-        c:\users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-07-20 373760]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-20 13192848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-26 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-26 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-26 441152]
"LnvMobHotspotClient"="c:\program files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe" [2012-08-20 1010784]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-08-13 564320]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"WDM_DRMKAUD"="streamci" [X]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://lenovo13-comm.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: NameServer = 41.223.73.82 0.0.0.0
TCP: Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: NameServer = 41.223.73.82 0.0.0.0
TCP: Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: NameServer = 41.223.73.82 0.0.0.0
TCP: Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: NameServer = 41.223.73.82 0.0.0.0
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -
FF - ProfilePath -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
c:\users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Johannes\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-9.0\" -D \"C:/Program Files (x86)/PostgreSQL/9.0/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-x64-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-9.0\" -D \"C:/Program Files (x86)/PostgreSQL/9.0/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-x64-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-09-19  17:38:11
ComboFix-quarantined-files.txt  2013-09-19 15:38
.
Vor Suchlauf: 18 Verzeichnis(se), 394.905.067.520 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 395.909.562.368 Bytes frei
.
- - End Of File - - 6B4D4A1081E862344427ACEF3032C1AE
2. Durchgang. Internet Stick statt Ipod. Internetstick wird als CD-Laufwerk angezeigt (kann nicht vaccinated werden). Das mit dem Desktop ist wieder passiert.

Code:
ComboFix 13-09-17.01 - Johannes 19.09.2013  18:07:45.3.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.3854.2353 [GMT 2:00]
ausgeführt von:: c:\users\Johannes_2\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-08-19 bis 2013-09-19  ))))))))))))))))))))))))))))))
.
.
2013-09-19 16:16 . 2013-09-19 16:16        --------        d-----w-        c:\users\Johannes_2\AppData\Local\temp
2013-09-19 16:16 . 2013-09-19 16:16        --------        d-----w-        c:\users\postgres\AppData\Local\temp
2013-09-19 16:16 . 2013-09-19 16:16        --------        d-----w-        c:\users\Johannes\AppData\Local\temp
2013-09-19 16:16 . 2013-09-19 16:16        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-09-18 15:16 . 2013-09-18 15:16        --------        d-----w-        C:\FRST
2013-09-16 16:45 . 2013-09-16 16:45        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\dvdcss
2013-09-14 11:26 . 2013-09-18 16:29        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\vlc
2013-09-14 11:11 . 2013-09-14 11:12        --------        d-----w-        c:\users\Johannes\AppData\Roaming\vlc
2013-09-14 11:10 . 2013-09-14 11:10        --------        d-----w-        c:\program files (x86)\VideoLAN
2013-09-12 21:07 . 2013-09-12 21:07        --------        d-----w-        c:\program files\iPod
2013-09-12 21:07 . 2013-09-12 21:08        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 21:07 . 2013-09-12 21:08        --------        d-----w-        c:\program files\iTunes
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
2013-09-12 20:19 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
2013-09-12 20:18 . 2013-09-12 20:19        65536        ----a-r-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe
2013-09-12 20:18 . 2013-09-12 20:18        --------        d-----w-        c:\users\Johannes_2\AppData\Local\Google
2013-09-07 08:50 . 2013-09-07 08:50        --------        d-----w-        c:\programdata\Mascom internet
2013-09-07 08:48 . 2013-09-07 08:50        --------        d-----w-        c:\program files (x86)\Mascom internet
2013-09-07 08:48 . 2013-09-07 08:50        --------        d-----w-        c:\programdata\DatacardService
2013-09-04 16:35 . 2013-08-15 15:46        59525        --sha-w-        c:\users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe
2013-09-04 16:35 . 2013-08-15 15:46        59525        --sha-w-        c:\users\Johannes_2\angry birds.vbe
2013-09-02 14:36 . 2013-09-02 14:36        --------        d-----w-        c:\users\Johannes\AppData\Local\ElevatedDiagnostics
2013-08-28 18:07 . 2013-09-07 11:38        --------        d-----w-        c:\users\Johannes_2\AppData\Local\Diagnostics
2013-08-23 21:04 . 2004-03-29 13:23        90112        ----a-w-        c:\windows\unvise32.exe
2013-08-23 21:04 . 2013-08-23 21:04        --------        d-----w-        C:\Psfonts
2013-08-23 21:04 . 2013-08-23 21:04        --------        d-----w-        c:\program files (x86)\Finale PrintMusic 2006
2013-08-20 19:14 . 2013-08-20 19:14        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\com.adobe.amp
2013-08-20 18:49 . 2013-08-20 18:49        --------        d-----w-        c:\users\Johannes_2\AppData\Roaming\XMedia Recode
2013-08-20 18:46 . 2013-08-20 18:46        --------        d-----w-        c:\program files (x86)\XMedia Recode
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-05-13 13:40        378944        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-05-13 13:40        72016        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-05-13 13:40        64288        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-05-13 13:40        65336        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-05-13 13:40        204880        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-05-13 13:40        1030952        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-05-13 13:40        33400        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-05-13 13:39        80816        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-05-13 13:39        41664        ----a-w-        c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-05-13 13:39        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-08-20 17:57 . 2013-05-13 14:04        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-07-31 23:29 . 2013-06-07 13:21        405360        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-26 05:13 . 2013-08-18 21:12        51712        ----a-w-        c:\windows\system32\ie4uinit.exe
2013-07-26 05:13 . 2013-08-18 21:12        2241024        ----a-w-        c:\windows\system32\wininet.dll
2013-07-26 05:13 . 2013-08-18 21:12        915968        ----a-w-        c:\windows\system32\uxtheme.dll
2013-07-26 05:13 . 2013-08-18 21:12        53760        ----a-w-        c:\windows\system32\UXInit.dll
2013-07-26 05:13 . 2013-08-18 21:12        1365504        ----a-w-        c:\windows\system32\urlmon.dll
2013-07-26 05:12 . 2013-08-18 21:12        19239424        ----a-w-        c:\windows\system32\mshtml.dll
2013-07-26 05:12 . 2013-08-18 21:12        603136        ----a-w-        c:\windows\system32\msfeeds.dll
2013-07-26 05:12 . 2013-08-18 21:12        53760        ----a-w-        c:\windows\system32\jsproxy.dll
2013-07-26 05:12 . 2013-08-18 21:12        855552        ----a-w-        c:\windows\system32\jscript.dll
2013-07-26 05:12 . 2013-08-18 21:11        3958784        ----a-w-        c:\windows\system32\jscript9.dll
2013-07-26 05:12 . 2013-08-18 21:12        136704        ----a-w-        c:\windows\system32\iesysprep.dll
2013-07-26 05:12 . 2013-08-18 21:12        39936        ----a-w-        c:\windows\system32\iernonce.dll
2013-07-26 05:12 . 2013-08-18 21:12        67072        ----a-w-        c:\windows\system32\iesetup.dll
2013-07-26 05:12 . 2013-08-18 21:12        15405056        ----a-w-        c:\windows\system32\ieframe.dll
2013-07-26 05:12 . 2013-08-18 21:11        2647040        ----a-w-        c:\windows\system32\iertutil.dll
2013-07-26 03:35 . 2013-08-18 21:12        2706432        ----a-w-        c:\windows\system32\mshtml.tlb
2013-07-26 03:13 . 2013-08-18 21:12        1767936        ----a-w-        c:\windows\SysWow64\wininet.dll
2013-07-26 03:13 . 2013-08-18 21:12        44032        ----a-w-        c:\windows\SysWow64\UXInit.dll
2013-07-26 03:12 . 2013-08-18 21:11        2877440        ----a-w-        c:\windows\SysWow64\jscript9.dll
2013-07-26 03:12 . 2013-08-18 21:12        61440        ----a-w-        c:\windows\SysWow64\iesetup.dll
2013-07-26 03:12 . 2013-08-18 21:12        109056        ----a-w-        c:\windows\SysWow64\iesysprep.dll
2013-07-26 02:49 . 2013-08-18 21:12        2706432        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2013-07-26 00:54 . 2013-08-18 21:12        534528        ----a-w-        c:\windows\SysWow64\uxtheme.dll
2013-07-15 11:28 . 2013-07-15 11:28        57344        ----a-r-        c:\users\Johannes\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2013-07-15 11:26 . 2013-07-15 11:27        106496        ----a-w-        c:\windows\SysWow64\ATL71.DLL
2013-07-13 06:18 . 2013-08-18 21:06        337408        ----a-w-        c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-18 21:06        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-07-13 06:16 . 2013-08-18 21:06        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-07-13 06:15 . 2013-08-18 21:06        124416        ----a-w-        c:\windows\system32\apprepapi.dll
2013-07-13 06:15 . 2013-08-18 21:06        98304        ----a-w-        c:\windows\system32\apprepsync.dll
2013-07-13 04:24 . 2013-08-18 21:06        261120        ----a-w-        c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-18 21:06        1568256        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-18 21:06        87040        ----a-w-        c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-18 21:06        74240        ----a-w-        c:\windows\SysWow64\apprepsync.dll
2013-07-09 06:07 . 2013-08-18 21:13        2233168        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-07-02 00:44 . 2013-08-18 21:12        36288        ----a-w-        c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-18 21:12        247216        ----a-w-        c:\windows\system32\drivers\WdFilter.sys
2013-06-30 20:43 . 2013-06-30 20:43        108968        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-30 20:43 . 2013-06-30 20:43        312232        ----a-w-        c:\windows\system32\javaws.exe
2013-06-30 20:43 . 2013-06-30 20:43        189352        ----a-w-        c:\windows\system32\javaw.exe
2013-06-30 20:43 . 2013-06-30 20:43        188840        ----a-w-        c:\windows\system32\java.exe
2013-06-30 20:43 . 2013-06-07 12:11        972712        ----a-w-        c:\windows\system32\deployJava1.dll
2013-06-30 20:43 . 2013-06-07 12:11        1093032        ----a-w-        c:\windows\system32\npDeployJava1.dll
2013-06-27 22:04 . 2013-06-07 13:21        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-08-30 548864]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-07-12 55560]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-08-20 1601488]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2013-08-30 51880]
"aswasOutExt.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2013-08-30 51880]
"aswasOutExt64.dll"="c:\program files\AVAST Software\Avast\aswRegSvr64.exe" [2013-08-30 50904]
.
c:\users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
angry birds.vbe [2013-8-15 59525]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2012-8-17 1346936]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-4-18 563224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
.
R2 Mascom internet. RunOuc;Mascom internet. OUC;c:\program files (x86)\Mascom internet\UpdateDog\ouc.exe;c:\program files (x86)\Mascom internet\UpdateDog\ouc.exe [x]
R2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 -D C:/Program Files (x86)/PostgreSQL/9.0/data -w;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 -D C:/Program Files (x86)/PostgreSQL/9.0/data -w [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\System32\Drivers\tascusb2.sys;c:\windows\SYSNATIVE\Drivers\tascusb2.sys [x]
R3 TASCAM_US122L_WDM;TASCAM US-122L WDM;c:\windows\system32\drivers\tscusb2a.sys;c:\windows\SYSNATIVE\drivers\tscusb2a.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 intelsba;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Lenovo System Agent Service;Lenovo System Agent Service;c:\program files\lenovo\SystemAgent\SystemAgentService.exe;c:\program files\lenovo\SystemAgent\SystemAgentService.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 LnvHotSpotSvc;LnvMHService;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [x]
S2 LocationTaskManager;Location Task Manager;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe [x]
S2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w;C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w [x]
S2 Power Manager DBC Service;Lenovo Settings Power Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 X5XSEx_Pr148;X5XSEx_Pr148;c:\program files (x86)\FreeRide Games\X5XSEx_Pr148.Sys;c:\program files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\System32\drivers\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\drivers\ew_usbenumfilter.sys [x]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\System32\drivers\ew_juextctrl.sys;c:\windows\SYSNATIVE\drivers\ew_juextctrl.sys [x]
S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-05-11 10:37        215264        ----a-w-        c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-31 19:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47        133840        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17        164016        ----a-w-        c:\users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39        463952        ----a-w-        c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-07-20 373760]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-20 13192848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-26 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-26 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-26 441152]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"LnvMobHotspotClient"="c:\program files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe" [2012-08-20 1010784]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-08-13 564320]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"WDM_DRMKAUD"="streamci" [X]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://lenovo13-comm.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: NameServer = 41.223.73.82 0.0.0.0
TCP: Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: NameServer = 41.223.73.82 0.0.0.0
TCP: Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: NameServer = 41.223.73.82 0.0.0.0
TCP: Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: NameServer = 41.223.73.82 0.0.0.0
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -
FF - ProfilePath -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-9.0\" -D \"C:/Program Files (x86)/PostgreSQL/9.0/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-x64-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-9.0\" -D \"C:/Program Files (x86)/PostgreSQL/9.0/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-x64-9.0]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-09-19  18:19:57
ComboFix-quarantined-files.txt  2013-09-19 16:19
.
Vor Suchlauf: 21 Verzeichnis(se), 395.918.467.072 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 395.850.645.504 Bytes frei
.
- - End Of File - - 61CF7E1639B7E621CDE667A1E5FA1A5F

schrauber 20.09.2013 10:17
Sticks immer noch dran.

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

falke99 20.09.2013 16:25
Malwarebytes AntiMalware: QUICK Scan ohne Internet-stick. Habe das erste mal vergessen mit Administrator auszuführen. Also zwei Log files:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.20.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Johannes :: JOHANNES-PC [Administrator]

20.09.2013 16:14:43
mbam-log-2013-09-20 (16-14-43).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 252619
Laufzeit: 7 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Johannes_2\Downloads\YTD43Setup.exe (PUP.Optional.BundledToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.20.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Johannes :: JOHANNES-PC [Administrator]

20.09.2013 16:32:58
mbam-log-2013-09-20 (16-32-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 252619
Laufzeit: 6 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Adw Cleaner: ohne Internet stick

Code:
# AdwCleaner v3.004 - Bericht erstellt am 20/09/2013 um 16:43:14
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Johannes - JOHANNES-PC
# Gestartet von : C:\Users\Johannes_2\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Users\Johannes_2\AppData\Local\Temp\apn
Datei Gelöscht : C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Profiles\bopmdiuj.default\foxydeal.sqlite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Profiles\4an5ng9v.neu\prefs.js ]


[ Datei : C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Profiles\bopmdiuj.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1812 octets] - [20/09/2013 16:42:22]
AdwCleaner[S0].txt - [1675 octets] - [20/09/2013 16:43:14]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [1735 octets] ##########
JRT: ohne Internet Stick
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 8 x64
Ran by Johannes on 20.09.2013 at 16:52:02,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2013 at 17:05:34,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST und Addition: ohne Internet Stick


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Johannes_2 (ATTENTION: The logged in user is not administrator) on JOHANNES-PC on 20-09-2013 17:22:40
Running from C:\Users\Johannes_2\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mascom internet\Mascom internet.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [aswAhAScr.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" [140544 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" [289888 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt64.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" [461856 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [angry birds] - C:\Users\Johannes_2\angry birds.vbe [59525 2013-08-15] ()
MountPoints2: {d4b535cc-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: [NameServer]41.223.73.82 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Path=Profiles\4an5ng9v.neu
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Google.com/GoogleEarthPlugin - C:\Users\Johannes_2\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-17] (Broadcom Corporation.)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-14] ()
S2 Mascom internet. RunOuc; C:\Program Files (x86)\Mascom internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-15] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 postgresql-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D "C:/Program Files (x86)/PostgreSQL/9.0/data" -w [x]
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-17] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\system32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-20 17:13 - 2013-09-20 17:13 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Malwarebytes
2013-09-20 17:05 - 2013-09-20 17:05 - 00000795 _____ C:\Users\Johannes\Desktop\JRT.txt
2013-09-20 16:52 - 2013-09-20 16:52 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-20 16:42 - 2013-09-20 16:43 - 00000000 ____D C:\AdwCleaner
2013-09-20 16:09 - 2013-09-20 16:09 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 16:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-20 16:07 - 2013-09-20 16:08 - 01029675 _____ (Thisisu) C:\Users\Johannes_2\Desktop\JRT.exe
2013-09-20 16:07 - 2013-09-20 16:07 - 01039554 _____ C:\Users\Johannes_2\Desktop\adwcleaner.exe
2013-09-20 16:05 - 2013-09-20 16:06 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Johannes_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 18:19 - 2013-09-19 18:19 - 00027723 _____ C:\ComboFix.txt
2013-09-19 17:38 - 2013-09-19 17:38 - 00029130 _____ C:\ComboFix1.txt
2013-09-19 16:36 - 2013-09-19 18:20 - 00000000 ____D C:\Qoobox
2013-09-19 16:36 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-09-19 16:36 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-09-19 16:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-09-19 16:35 - 2013-09-19 17:35 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-18 21:41 - 2013-09-18 21:44 - 05128653 ____R (Swearware) C:\Users\Johannes_2\Desktop\ComboFix.exe
2013-09-18 21:40 - 2013-09-18 21:40 - 00848856 _____ (Panda Security                                              ) C:\Users\Johannes_2\Downloads\USBVaccineSetup(1).exe
2013-09-18 17:38 - 2013-09-18 17:38 - 00019172 _____ C:\Users\Johannes_2\Desktop\Addition.txt
2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:14 - 2013-09-18 17:15 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-17 20:34 - 2013-09-18 21:59 - 00001952 _____ C:\Users\Johannes_2\Desktop\Neues Textdokument.txt
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-15 15:03 - 2013-09-18 20:01 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 18:19 - 2013-09-16 21:36 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-14 16:22 - 2013-09-18 21:59 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-14 13:26 - 2013-09-18 18:29 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 12:59 - 2013-09-14 13:08 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:04 - 2013-09-12 22:16 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-07 19:56 - 2013-09-15 18:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:49 - 2012-12-03 13:22 - 00241152 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2013-09-07 10:49 - 2012-12-03 12:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2013-09-07 10:49 - 2012-10-30 06:42 - 00014336 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2013-09-07 10:49 - 2012-10-29 13:44 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2011-12-31 03:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2013-09-07 10:49 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2013-09-07 10:49 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2013-09-07 10:49 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2013-09-07 10:49 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:05 - 2013-09-06 16:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 18:40 - 2013-09-07 22:53 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-04 18:40 - 2013-09-07 22:53 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-04 18:40 - 2013-09-07 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-08-15 17:46 - 00059525 ___SH C:\Users\Johannes_2\angry birds.vbe
2013-09-03 18:25 - 2013-09-03 18:35 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:55 - 2013-09-07 22:53 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-01 17:56 - 2013-09-01 18:30 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-29 18:20 - 2012-12-25 09:37 - 00000000 ____D C:\Users\Johannes_2\Desktop\AUDIO_TS
2013-08-29 18:13 - 2013-08-29 18:20 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-26 23:08 - 2013-09-02 17:03 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-08-24 00:12 - 2013-08-24 00:28 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-09-07 19:04 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-08-23 23:06 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-23 23:04 - 2004-03-29 15:23 - 00090112 _____ (MindVision Software) C:\WINDOWS\unvise32.exe

==================== One Month Modified Files and Folders =======

2013-09-20 17:21 - 2012-11-02 14:30 - 01572399 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-20 17:13 - 2013-09-20 17:13 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Malwarebytes
2013-09-20 17:13 - 2012-11-02 23:06 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-20 17:13 - 2012-11-02 23:06 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-20 17:13 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-20 17:07 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-20 17:05 - 2013-09-20 17:05 - 00000795 _____ C:\Users\Johannes\Desktop\JRT.txt
2013-09-20 17:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-20 16:52 - 2013-09-20 16:52 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-20 16:44 - 2012-09-13 20:32 - 00476146 _____ C:\WINDOWS\PFRO.log
2013-09-20 16:43 - 2013-09-20 16:42 - 00000000 ____D C:\AdwCleaner
2013-09-20 16:40 - 2013-08-01 01:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-20 16:09 - 2013-09-20 16:09 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 16:08 - 2013-09-20 16:07 - 01029675 _____ (Thisisu) C:\Users\Johannes_2\Desktop\JRT.exe
2013-09-20 16:07 - 2013-09-20 16:07 - 01039554 _____ C:\Users\Johannes_2\Desktop\adwcleaner.exe
2013-09-20 16:06 - 2013-09-20 16:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Johannes_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-20 16:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-19 18:20 - 2013-09-19 16:36 - 00000000 ____D C:\Qoobox
2013-09-19 18:19 - 2013-09-19 18:19 - 00027723 _____ C:\ComboFix.txt
2013-09-19 18:16 - 2013-05-11 21:12 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\CrashDumps
2013-09-19 18:16 - 2012-07-26 07:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-09-19 17:40 - 2013-05-11 21:14 - 00000000 ____D C:\Users\Johannes\AppData\Local\Adobe
2013-09-19 17:40 - 2013-05-11 19:26 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Adobe
2013-09-19 17:38 - 2013-09-19 17:38 - 00029130 _____ C:\ComboFix1.txt
2013-09-19 17:38 - 2013-05-11 19:26 - 00000000 ___RD C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-19 17:38 - 2013-05-11 19:26 - 00000000 ___RD C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-19 17:35 - 2013-09-19 16:35 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-19 17:35 - 2013-05-11 21:10 - 00000000 ___RD C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-19 16:33 - 2013-05-13 16:21 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-09-18 21:59 - 2013-09-17 20:34 - 00001952 _____ C:\Users\Johannes_2\Desktop\Neues Textdokument.txt
2013-09-18 21:59 - 2013-09-14 16:22 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-18 21:44 - 2013-09-18 21:41 - 05128653 ____R (Swearware) C:\Users\Johannes_2\Desktop\ComboFix.exe
2013-09-18 21:40 - 2013-09-18 21:40 - 00848856 _____ (Panda Security                                              ) C:\Users\Johannes_2\Downloads\USBVaccineSetup(1).exe
2013-09-18 20:01 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-18 18:29 - 2013-09-14 13:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-18 17:38 - 2013-09-18 17:38 - 00019172 _____ C:\Users\Johannes_2\Desktop\Addition.txt
2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:15 - 2013-09-18 17:14 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-18 17:09 - 2013-06-14 21:31 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Dropbox
2013-09-18 17:08 - 2013-06-14 21:37 - 00000000 ___RD C:\Users\Johannes_2\Dropbox
2013-09-17 16:34 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-17 15:53 - 2012-07-26 09:21 - 00051663 _____ C:\WINDOWS\setupact.log
2013-09-16 21:36 - 2013-09-14 18:19 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-16 18:40 - 2013-06-10 16:30 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Audacity
2013-09-15 18:19 - 2013-09-07 19:56 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-14 13:12 - 2013-09-14 13:11 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 13:08 - 2013-09-14 12:59 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:08 - 2013-07-16 20:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 23:07 - 2013-07-15 13:26 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:16 - 2013-09-12 22:04 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-08 14:18 - 2013-05-13 15:39 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-07 22:53 - 2013-09-01 18:55 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-07 19:04 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-09-07 18:40 - 2013-09-04 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:07 - 2013-09-06 16:05 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 20:13 - 2013-07-24 19:06 - 00000000 ____D C:\Users\Johannes_2\Documents\setswana
2013-09-04 19:57 - 2013-07-14 23:09 - 04989696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2
2013-09-03 18:35 - 2013-09-03 18:25 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 17:03 - 2013-08-26 23:08 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-09-02 16:41 - 2013-05-11 21:11 - 00000000 ____D C:\Users\Johannes_2\Documents\Bluetooth-Exchange-Ordner
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:30 - 2013-09-01 17:56 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-30 09:48 - 2013-05-13 15:40 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00204880 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00065336 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00064288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00033400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-05-13 15:39 - 00080816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:47 - 2013-05-13 15:39 - 00287840 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-05-13 15:39 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-29 18:29 - 2013-07-16 20:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Apple Computer
2013-08-29 18:20 - 2013-08-29 18:13 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-24 00:28 - 2013-08-24 00:12 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:48 - 2013-05-11 21:10 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Adobe
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:05 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\VirtualStore
2013-08-23 23:05 - 2012-11-02 14:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-22 23:54 - 2013-05-11 21:10 - 00017479 _____ C:\Users\Johannes_2\AppData\Roaming\AbsoluteReminder.xml
2013-08-22 23:48 - 2013-06-07 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 17:55 - 2013-05-13 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-21 00:21 - 2013-08-20 20:16 - 00018904 _____ C:\Users\Johannes_2\Documents\portugal.wlmp

Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03
Ran by Johannes_2 at 2013-09-20 17:23:32
Running from C:\Users\Johannes_2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Absolute Reminder (x32 Version: 2.1.0.9)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515)
Anzeige am Bildschirm (Version: 7.01.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 12.3.0.906)
Audacity 2.0.3 (x32 Version: 2.0.3)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 6.20.55.57)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.0.26)
FileHippo.com Update Checker (x32)
Finale PrintMusic 2006 (x32)
Fotogalerie (x32 Version: 16.4.3508.0205)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
FreeRide Games (x32 Version: 07.05.80.00)
Full Tilt Poker (HKCU Version: 4.63.3.WIN.FullTilt.COM)
Full Tilt Poker.Eu (HKCU Version: 4.63.3.WIN.FullTilt.EU)
Google Earth (x32 Version: 7.1.1.1888)
Integrated Camera (x32 Version: 5.12.831.31)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Update Manager (x32 Version: 1.0.0.34813)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Lenovo Auto Scroll Utility (Version: 1.32)
Lenovo Dependency Package (x32 Version: 1.0)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.66.00.07)
Lenovo QuickLaunch (x32 Version: 1.00.0025)
Lenovo Settings - Camera Audio (Version: 4.0.5.0)
Lenovo Settings Dependency Package (Version: 1.0.0.12)
Lenovo Settings Mobile Hotspot (Version: 1.0.0.21)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo Solutions for Small Business (x32 Version: 1.1.22.3687)
Lenovo Solutions for Small Business Customizations (x32 Version: 1.1.0004.00)
Lenovo System Update (x32 Version: 5.00.0014)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0007.00)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mascom internet (x32 Version: 23.009.11.00.273)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nightly 24.0a1 (x64 en-US) (Version: 24.0a1)
Nikon Message Center 2 (x32 Version: 2.0.1)
Panda USB Vaccine 1.0.1.4 (x32)
Password Vault (Version: 6.0.200.75)
PDF Settings CS5 (x32 Version: 10.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Picture Control Utility (x32 Version: 1.2.2)
PokerStars.eu (x32)
PokerTracker 4 (remove only) (x32)
PostgreSQL 9.0  (Version: 9.0)
PostgreSQL 9.0  (x86) (x32 Version: 9.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
Skype™ 6.6 (x32 Version: 6.6.106)
SugarSync Manager (x32 Version: 1.9.61.90905)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1900)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
US122 Driver 3.40 (Version: 3.40)
US-122 MKII / US-144 MKII
ViewNX 2 (x32 Version: 2.1.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/09/2012 11.5.0.1207) (Version: 07/09/2012 11.5.0.1207)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (Version: 08/15/2012 1.66.00.07)
XMedia Recode Version 3.1.6.9 (x32 Version: 3.1.6.9)
YTD Video Downloader 4.3 (x32 Version: 4.3)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-09-19 17:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-05 19:17 - 2013-06-05 19:17 - 00164016 _____ (Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-08-17 11:23 - 2012-08-17 11:23 - 00044408 _____ () C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00171880 _____ (AuthenTec) C:\Program Files\Lenovo Fingerprint Reader\TSLog.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02501992 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\biolayer.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 08675176 _____ (HP) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteDlg.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02553192 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\AutoSoftwareUpdate.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01130344 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 06593384 _____ (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00087400 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00332648 _____ (Authentec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TokenMachine.dll
2012-11-02 14:21 - 2012-08-24 12:52 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrDEU.lrc
2012-11-02 14:21 - 2012-08-24 12:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 01046328 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 00228664 _____ (Synaptics Incorporated) C:\WINDOWS\SYSTEM32\SynTPAPI.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/20/2013 05:09:51 PM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): Die Datei "common_lpd.xml" konnte nicht geöffnet werden. Überprüfen Sie, ob "Location Awareness" installiert ist: C:\ProgramData\Lenovo\LocationAware\common_lpd.xml

Error: (09/20/2013 05:09:51 PM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Johannes_2\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (09/20/2013 05:07:32 PM) (Source: PostgreSQL) (User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory


System errors:
=============
Error: (09/20/2013 05:07:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:37 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:37 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Mascom internet. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/20/2013 05:07:29 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mascom internet. OUC erreicht.

Error: (09/20/2013 05:06:40 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0


Microsoft Office Sessions:
=========================
Error: (09/20/2013 05:09:51 PM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): Die Datei "common_lpd.xml" konnte nicht geöffnet werden. Überprüfen Sie, ob "Location Awareness" installiert ist: C:\ProgramData\Lenovo\LocationAware\common_lpd.xml

Error: (09/20/2013 05:09:51 PM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Johannes_2\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (09/20/2013 05:07:32 PM) (Source: PostgreSQL)(User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory


CodeIntegrity Errors:
===================================
  Date: 2013-09-19 17:33:46.375
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 3854.22 MB
Available physical RAM: 1962.27 MB
Total Pagefile: 11790.22 MB
Available Pagefile: 8937.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:453.38 GB) (Free:368.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (INTENSO) (Removable) (Total:29.79 GB) (Free:29.79 GB) FAT32
Drive f: () (Removable) (Total:3.68 GB) (Free:2.69 GB) FAT32
Drive g: () (Removable) (Total:3.8 GB) (Free:1.37 GB) FAT32
Drive j: () (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

==================== End Of Log ============================

schrauber 20.09.2013 21:00

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

falke99 21.09.2013 08:16
ESET hat die angry birds gefunden.. aber nicht auf den Sticks.
Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8b8ba8d5a4e8aa44b0b1c69dbea10b8e
# engine=15204
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-21 07:00:07
# local_time=2013-09-21 09:00:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 71 88 1104150 156456679 0 0
# compatibility_mode=5893 16776574 100 94 2560073 39252918 0 0
# scanned=190858
# found=2
# cleaned=0
# scan_time=6159
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="VBS/Kryptik.P trojan" ac=I fn="C:\Users\Johannes_2\angry birds.vbe"
sh=572745F16F65316D9FE3D0D26D9FA198B313ACD2 ft=0 fh=0000000000000000 vn="VBS/Kryptik.P trojan" ac=I fn="C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe"
SecurityCheck
Code:
Results of screen317's Security Check version 0.99.73 
  x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
Windows Defender 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.7009) 
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Adobe Flash Player        11.8.800.168 
 Adobe Reader XI 
 Mozilla Firefox (23.0.1)
 Mozilla Thunderbird (17.0.8)
````````Process Check: objlist.exe by Laurent```````` 
 Intel Intel(R) Small Business Advantage Service Intel.SmallBusinessAdvantage.WindowsService.exe
 Intel Intel(R) Small Business Advantage UI IntelSmallBusinessAdvantage.exe
 Mascom internet OnlineUpdate ouc.exe 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Johannes_2 (ATTENTION: The logged in user is not administrator) on JOHANNES-PC on 21-09-2013 09:04:15
Running from C:\Users\Johannes_2\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [aswAhAScr.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" [140544 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" [289888 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt64.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" [461856 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [angry birds] - C:\Users\Johannes_2\angry birds.vbe [59525 2013-08-15] ()
MountPoints2: {d4b535cc-1581-11e3-be81-c0143dde9fac} - "D:\AutoRun.exe"
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: [NameServer]41.223.73.82 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Johannes_2\AppData\Roaming\Mozilla\Firefox\Path=Profiles\4an5ng9v.neu
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Google.com/GoogleEarthPlugin - C:\Users\Johannes_2\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-17] (Broadcom Corporation.)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-14] ()
S2 Mascom internet. RunOuc; C:\Program Files (x86)\Mascom internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-15] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 postgresql-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D "C:/Program Files (x86)/PostgreSQL/9.0/data" -w [x]
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-17] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\system32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-21 09:03 - 2013-09-21 09:03 - 00001083 _____ C:\Users\Johannes\Desktop\checkup.txt
2013-09-21 07:06 - 2013-09-21 07:06 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-20 22:11 - 2013-09-20 22:11 - 00891144 _____ C:\Users\Johannes_2\Desktop\SecurityCheck.exe
2013-09-20 22:08 - 2013-09-20 22:09 - 02347384 _____ (ESET) C:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe
2013-09-20 17:13 - 2013-09-20 17:13 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Malwarebytes
2013-09-20 17:05 - 2013-09-20 17:05 - 00000795 _____ C:\Users\Johannes\Desktop\JRT.txt
2013-09-20 16:52 - 2013-09-20 16:52 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-20 16:42 - 2013-09-20 16:43 - 00000000 ____D C:\AdwCleaner
2013-09-20 16:09 - 2013-09-20 16:09 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 16:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-20 16:07 - 2013-09-20 16:08 - 01029675 _____ (Thisisu) C:\Users\Johannes_2\Desktop\JRT.exe
2013-09-20 16:07 - 2013-09-20 16:07 - 01039554 _____ C:\Users\Johannes_2\Desktop\adwcleaner.exe
2013-09-20 16:05 - 2013-09-20 16:06 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Johannes_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 18:19 - 2013-09-19 18:19 - 00027723 _____ C:\ComboFix.txt
2013-09-19 17:38 - 2013-09-19 17:38 - 00029130 _____ C:\ComboFix1.txt
2013-09-19 16:36 - 2013-09-19 18:20 - 00000000 ____D C:\Qoobox
2013-09-19 16:36 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-09-19 16:36 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-09-19 16:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-09-19 16:35 - 2013-09-19 17:35 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-18 21:41 - 2013-09-18 21:44 - 05128653 ____R (Swearware) C:\Users\Johannes_2\Desktop\ComboFix.exe
2013-09-18 21:40 - 2013-09-18 21:40 - 00848856 _____ (Panda Security                                              ) C:\Users\Johannes_2\Downloads\USBVaccineSetup(1).exe
2013-09-18 17:38 - 2013-09-20 17:23 - 00017396 _____ C:\Users\Johannes_2\Desktop\Addition.txt
2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:14 - 2013-09-18 17:15 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-15 15:03 - 2013-09-18 20:01 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 18:19 - 2013-09-16 21:36 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-14 16:22 - 2013-09-18 21:59 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-14 13:26 - 2013-09-18 18:29 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 12:59 - 2013-09-14 13:08 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:04 - 2013-09-12 22:16 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-07 19:56 - 2013-09-15 18:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:49 - 2012-12-03 13:22 - 00241152 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2013-09-07 10:49 - 2012-12-03 12:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2013-09-07 10:49 - 2012-10-30 06:42 - 00014336 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2013-09-07 10:49 - 2012-10-29 13:44 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2011-12-31 03:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2013-09-07 10:49 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2013-09-07 10:49 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2013-09-07 10:49 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2013-09-07 10:49 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:05 - 2013-09-06 16:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 18:40 - 2013-09-07 22:53 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-04 18:40 - 2013-09-07 22:53 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-04 18:40 - 2013-09-07 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-08-15 17:46 - 00059525 ___SH C:\Users\Johannes_2\angry birds.vbe
2013-09-03 18:25 - 2013-09-03 18:35 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:55 - 2013-09-07 22:53 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-01 17:56 - 2013-09-01 18:30 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-29 18:20 - 2012-12-25 09:37 - 00000000 ____D C:\Users\Johannes_2\Desktop\AUDIO_TS
2013-08-29 18:13 - 2013-08-29 18:20 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-26 23:08 - 2013-09-02 17:03 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-08-24 00:12 - 2013-08-24 00:28 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-09-07 19:04 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-08-23 23:06 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-23 23:04 - 2004-03-29 15:23 - 00090112 _____ (MindVision Software) C:\WINDOWS\unvise32.exe

==================== One Month Modified Files and Folders =======

2013-09-21 09:03 - 2013-09-21 09:03 - 00001083 _____ C:\Users\Johannes\Desktop\checkup.txt
2013-09-21 09:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-21 08:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-09-21 08:40 - 2013-08-01 01:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-21 08:33 - 2012-11-02 14:30 - 01517522 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-21 07:06 - 2013-09-21 07:06 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-20 22:17 - 2012-11-02 23:06 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-20 22:17 - 2012-11-02 23:06 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-20 22:17 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-20 22:11 - 2013-09-20 22:11 - 00891144 _____ C:\Users\Johannes_2\Desktop\SecurityCheck.exe
2013-09-20 22:09 - 2013-09-20 22:08 - 02347384 _____ (ESET) C:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe
2013-09-20 17:23 - 2013-09-18 17:38 - 00017396 _____ C:\Users\Johannes_2\Desktop\Addition.txt
2013-09-20 17:13 - 2013-09-20 17:13 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Malwarebytes
2013-09-20 17:07 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-20 17:05 - 2013-09-20 17:05 - 00000795 _____ C:\Users\Johannes\Desktop\JRT.txt
2013-09-20 16:52 - 2013-09-20 16:52 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-20 16:44 - 2012-09-13 20:32 - 00476146 _____ C:\WINDOWS\PFRO.log
2013-09-20 16:43 - 2013-09-20 16:42 - 00000000 ____D C:\AdwCleaner
2013-09-20 16:09 - 2013-09-20 16:09 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 16:08 - 2013-09-20 16:07 - 01029675 _____ (Thisisu) C:\Users\Johannes_2\Desktop\JRT.exe
2013-09-20 16:07 - 2013-09-20 16:07 - 01039554 _____ C:\Users\Johannes_2\Desktop\adwcleaner.exe
2013-09-20 16:06 - 2013-09-20 16:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Johannes_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-20 16:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-19 18:20 - 2013-09-19 16:36 - 00000000 ____D C:\Qoobox
2013-09-19 18:19 - 2013-09-19 18:19 - 00027723 _____ C:\ComboFix.txt
2013-09-19 18:16 - 2013-05-11 21:12 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\CrashDumps
2013-09-19 18:16 - 2012-07-26 07:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-09-19 17:40 - 2013-05-11 21:14 - 00000000 ____D C:\Users\Johannes\AppData\Local\Adobe
2013-09-19 17:40 - 2013-05-11 19:26 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Adobe
2013-09-19 17:38 - 2013-09-19 17:38 - 00029130 _____ C:\ComboFix1.txt
2013-09-19 17:38 - 2013-05-11 19:26 - 00000000 ___RD C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-19 17:38 - 2013-05-11 19:26 - 00000000 ___RD C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-19 17:35 - 2013-09-19 16:35 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-19 17:35 - 2013-05-11 21:10 - 00000000 ___RD C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-19 16:33 - 2013-05-13 16:21 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-09-18 21:59 - 2013-09-14 16:22 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-18 21:44 - 2013-09-18 21:41 - 05128653 ____R (Swearware) C:\Users\Johannes_2\Desktop\ComboFix.exe
2013-09-18 21:40 - 2013-09-18 21:40 - 00848856 _____ (Panda Security                                              ) C:\Users\Johannes_2\Downloads\USBVaccineSetup(1).exe
2013-09-18 20:01 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-18 18:29 - 2013-09-14 13:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-18 17:16 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-18 17:15 - 2013-09-18 17:14 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-18 17:09 - 2013-06-14 21:31 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Dropbox
2013-09-18 17:08 - 2013-06-14 21:37 - 00000000 ___RD C:\Users\Johannes_2\Dropbox
2013-09-17 16:34 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-17 15:53 - 2012-07-26 09:21 - 00051663 _____ C:\WINDOWS\setupact.log
2013-09-16 21:36 - 2013-09-14 18:19 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-16 18:40 - 2013-06-10 16:30 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Audacity
2013-09-15 18:19 - 2013-09-07 19:56 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-14 13:12 - 2013-09-14 13:11 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 13:08 - 2013-09-14 12:59 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:08 - 2013-07-16 20:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 23:07 - 2013-07-15 13:26 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:16 - 2013-09-12 22:04 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-08 14:18 - 2013-05-13 15:39 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003971 _____ C:\Users\Johannes_2\Desktop\1.Blogeintrag.odt
2013-09-07 22:53 - 2013-09-04 18:40 - 00003611 _____ C:\Users\Johannes_2\Desktop\hühner.odt
2013-09-07 22:53 - 2013-09-01 18:55 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-07 19:04 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-09-07 18:40 - 2013-09-04 18:40 - 00006943 _____ C:\Users\Johannes_2\Desktop\2. Blogeintrag.odt
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:07 - 2013-09-06 16:05 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 20:13 - 2013-07-24 19:06 - 00000000 ____D C:\Users\Johannes_2\Documents\setswana
2013-09-04 19:57 - 2013-07-14 23:09 - 04989696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-04 18:40 - 2013-09-04 18:40 - 00001879 _____ C:\Users\Johannes_2\Desktop\hühner.txt
2013-09-04 18:35 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2
2013-09-03 18:35 - 2013-09-03 18:25 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 17:03 - 2013-08-26 23:08 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-09-02 16:41 - 2013-05-11 21:11 - 00000000 ____D C:\Users\Johannes_2\Documents\Bluetooth-Exchange-Ordner
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:30 - 2013-09-01 17:56 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-30 09:48 - 2013-05-13 15:40 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00204880 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00065336 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00064288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00033400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-05-13 15:39 - 00080816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:47 - 2013-05-13 15:39 - 00287840 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-05-13 15:39 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-29 18:29 - 2013-07-16 20:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Apple Computer
2013-08-29 18:20 - 2013-08-29 18:13 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-24 00:28 - 2013-08-24 00:12 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:48 - 2013-05-11 21:10 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Adobe
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:05 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\VirtualStore
2013-08-23 23:05 - 2012-11-02 14:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-22 23:54 - 2013-05-11 21:10 - 00017479 _____ C:\Users\Johannes_2\AppData\Roaming\AbsoluteReminder.xml
2013-08-22 23:48 - 2013-06-07 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 17:55 - 2013-05-13 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender

Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03
Ran by Johannes_2 at 2013-09-21 09:05:07
Running from C:\Users\Johannes_2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Absolute Reminder (x32 Version: 2.1.0.9)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515)
Anzeige am Bildschirm (Version: 7.01.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 12.3.0.906)
Audacity 2.0.3 (x32 Version: 2.0.3)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 6.20.55.57)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.0.26)
ESET Online Scanner v3 (x32)
FileHippo.com Update Checker (x32)
Finale PrintMusic 2006 (x32)
Fotogalerie (x32 Version: 16.4.3508.0205)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
FreeRide Games (x32 Version: 07.05.80.00)
Full Tilt Poker (HKCU Version: 4.63.3.WIN.FullTilt.COM)
Full Tilt Poker.Eu (HKCU Version: 4.63.3.WIN.FullTilt.EU)
Google Earth (x32 Version: 7.1.1.1888)
Integrated Camera (x32 Version: 5.12.831.31)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Update Manager (x32 Version: 1.0.0.34813)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Lenovo Auto Scroll Utility (Version: 1.32)
Lenovo Dependency Package (x32 Version: 1.0)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.66.00.07)
Lenovo QuickLaunch (x32 Version: 1.00.0025)
Lenovo Settings - Camera Audio (Version: 4.0.5.0)
Lenovo Settings Dependency Package (Version: 1.0.0.12)
Lenovo Settings Mobile Hotspot (Version: 1.0.0.21)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo Solutions for Small Business (x32 Version: 1.1.22.3687)
Lenovo Solutions for Small Business Customizations (x32 Version: 1.1.0004.00)
Lenovo System Update (x32 Version: 5.00.0014)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0007.00)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mascom internet (x32 Version: 23.009.11.00.273)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nightly 24.0a1 (x64 en-US) (Version: 24.0a1)
Nikon Message Center 2 (x32 Version: 2.0.1)
Panda USB Vaccine 1.0.1.4 (x32)
Password Vault (Version: 6.0.200.75)
PDF Settings CS5 (x32 Version: 10.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Picture Control Utility (x32 Version: 1.2.2)
PokerStars.eu (x32)
PokerTracker 4 (remove only) (x32)
PostgreSQL 9.0  (Version: 9.0)
PostgreSQL 9.0  (x86) (x32 Version: 9.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
Skype™ 6.6 (x32 Version: 6.6.106)
SugarSync Manager (x32 Version: 1.9.61.90905)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1900)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
US122 Driver 3.40 (Version: 3.40)
US-122 MKII / US-144 MKII
ViewNX 2 (x32 Version: 2.1.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/09/2012 11.5.0.1207) (Version: 07/09/2012 11.5.0.1207)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (Version: 08/15/2012 1.66.00.07)
XMedia Recode Version 3.1.6.9 (x32 Version: 3.1.6.9)
YTD Video Downloader 4.3 (x32 Version: 4.3)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-09-19 17:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-05 19:17 - 2013-06-05 19:17 - 00164016 _____ (Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-08-17 11:23 - 2012-08-17 11:23 - 00044408 _____ () C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
2012-11-02 14:21 - 2012-08-24 12:52 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrDEU.lrc
2012-11-02 14:21 - 2012-08-24 12:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 01046328 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 00228664 _____ (Synaptics Incorporated) C:\WINDOWS\SYSTEM32\SynTPAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00171880 _____ (AuthenTec) C:\Program Files\Lenovo Fingerprint Reader\TSLog.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02501992 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\biolayer.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 08675176 _____ (HP) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteDlg.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02553192 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\AutoSoftwareUpdate.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01130344 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 06593384 _____ (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00087400 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00332648 _____ (Authentec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TokenMachine.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2013 07:06:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 07:06:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 03:03:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/21/2013 03:01:35 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 03:01:27 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/21/2013 03:01:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (09/21/2013 03:37:58 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/21/2013 03:37:55 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:37 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:37 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/20/2013 05:07:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Mascom internet. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/20/2013 05:07:29 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mascom internet. OUC erreicht.

Error: (09/20/2013 05:06:40 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0


Microsoft Office Sessions:
=========================
Error: (09/21/2013 07:06:11 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe

Error: (09/21/2013 07:06:07 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe

Error: (09/21/2013 03:03:29 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (09/21/2013 03:01:35 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/21/2013 03:01:27 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (09/21/2013 03:01:26 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll


CodeIntegrity Errors:
===================================
  Date: 2013-09-19 17:33:46.375
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3854.22 MB
Available physical RAM: 1420.15 MB
Total Pagefile: 11790.22 MB
Available Pagefile: 8464.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:453.38 GB) (Free:373.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (INTENSO) (Removable) (Total:29.79 GB) (Free:29.79 GB) FAT32
Drive f: () (Removable) (Total:3.68 GB) (Free:2.69 GB) FAT32
Drive g: () (Removable) (Total:3.8 GB) (Free:1.37 GB) FAT32
Drive h: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive j: () (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

==================== End Of Log ============================

schrauber 21.09.2013 12:05
FRST muss immer mit Adminrechten laufen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Johannes_2\angry birds.vbe
C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Frisches FRST log, mit Adminrechten, bitte.

Ich möchte prüfen, ob bestimmte Dateien noch auf Deinem System sind, dazu bitte den Text aus der Codebox:

Code:
@echo off
set log="%userprofile%\Desktop\files.txt"
if exist %log% del %log%

for %%d in (c d e f g h i j k l m n o p q r s t u v w x y z) do (
    if exist %%d:\ (
        %%d:
        cd \
        dir *.vbs;*.vbe;autorun.inf;boot.com /s
        dir *.vbs;*.vbe;autorun.inf;boot.com /ah /s
        attrib
    )
) >> %log%
start notepad %log%
in den Editor (Start => ausführen => notepad (reinschreiben) => OK) kopieren und als findfile.bat mit 'Speichern unter' auf dem Desktop speichern (bei Dateityp auf "All types" umstellen), Du solltest jetzt auf dem Desktop diese Datei finden => findfile.bat => die findfile.bat per Doppelklick starten. Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei files.txt präsentieren. Bitte kopiere den Inhalt hier in den Thread.

Sollte es während der Ausführung des Skriptes zu einer Fehlermeldung "Windows kein Datenträger" kommen, kannst Du beruhigt auf "Weiter" klicken. Das liegt daran, dass ein Datenträger (z. B. ein Kartenlesegerät) leer ist.

falke99 21.09.2013 13:08
Die blöden Vögel wollen einfach nicht gehen...
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-09-2013 03
Ran by Johannes at 2013-09-21 13:51:39 Run:1
Running from C:\Users\Johannes_2\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Johannes_2\angry birds.vbe
C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe
*****************

Could not move "C:\Users\Johannes_2\angry birds.vbe" => Scheduled to move on reboot.
C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe => Moved successfully.

=========== Result of Scheduled Files to move ===========

"C:\Users\Johannes_2\angry birds.vbe" => File could not move.

==== End of Fixlog ====

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Johannes (administrator) on JOHANNES-PC on 21-09-2013 13:55:59
Running from C:\Users\Johannes_2\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
() C:\ProgramData\Mascom internet\OnlineUpdate\ouc.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16613_none_6273bd8950d6cae2\TiWorker.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [aswAhAScr.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" [140544 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" [289888 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [aswasOutExt64.dll] - "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" [461856 2013-08-30] (AVAST Software)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\RunOnce: [Report] - \AdwCleaner\AdwCleaner[S0].txt [1821 2013-09-20] ()
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\postgres\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
Startup: C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\angry birds.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - {486371FD-0620-449E-A9B6-DFB74B032FF4} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{17054FAC-C445-4402-B354-5F79FABD29A9}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{357A3CE7-C3E4-4970-8B0D-EF16F5F06EFC}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{3FFBD86D-B874-42E9-A3C5-E8C8E687C481}: [NameServer]41.223.73.82 0.0.0.0
Tcpip\..\Interfaces\{C0328E98-9225-4364-BFC6-1D65CD6D562F}: [NameServer]41.223.73.82 0.0.0.0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-17] (Broadcom Corporation.)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-14] ()
S2 Mascom internet. RunOuc; C:\Program Files (x86)\Mascom internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-15] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-17] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\system32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-21 13:51 - 2013-09-21 13:50 - 00000134 _____ C:\Users\Johannes\Desktop\Fixlist.txt
2013-09-21 09:41 - 2013-09-21 09:42 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogtexte
2013-09-21 07:06 - 2013-09-21 07:06 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-20 22:11 - 2013-09-20 22:11 - 00891144 _____ C:\Users\Johannes_2\Desktop\SecurityCheck.exe
2013-09-20 22:08 - 2013-09-20 22:09 - 02347384 _____ (ESET) C:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe
2013-09-20 17:13 - 2013-09-20 17:13 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Malwarebytes
2013-09-20 17:05 - 2013-09-20 17:05 - 00000795 _____ C:\Users\Johannes\Desktop\JRT.txt
2013-09-20 16:52 - 2013-09-20 16:52 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-20 16:42 - 2013-09-20 16:43 - 00000000 ____D C:\AdwCleaner
2013-09-20 16:09 - 2013-09-20 16:09 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 16:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-20 16:07 - 2013-09-20 16:08 - 01029675 _____ (Thisisu) C:\Users\Johannes_2\Desktop\JRT.exe
2013-09-20 16:07 - 2013-09-20 16:07 - 01039554 _____ C:\Users\Johannes_2\Desktop\adwcleaner.exe
2013-09-20 16:05 - 2013-09-20 16:06 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Johannes_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 18:19 - 2013-09-19 18:19 - 00027723 _____ C:\ComboFix.txt
2013-09-19 17:38 - 2013-09-19 17:38 - 00029130 _____ C:\ComboFix1.txt
2013-09-19 16:36 - 2013-09-19 18:20 - 00000000 ____D C:\Qoobox
2013-09-19 16:36 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-09-19 16:36 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-09-19 16:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-09-19 16:36 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-09-19 16:35 - 2013-09-19 17:35 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-18 21:41 - 2013-09-18 21:44 - 05128653 ____R (Swearware) C:\Users\Johannes_2\Desktop\ComboFix.exe
2013-09-18 21:40 - 2013-09-18 21:40 - 00848856 _____ (Panda Security                                              ) C:\Users\Johannes_2\Downloads\USBVaccineSetup(1).exe
2013-09-18 17:38 - 2013-09-21 09:05 - 00026287 _____ C:\Users\Johannes_2\Desktop\Addition.txt
2013-09-18 17:16 - 2013-09-21 13:55 - 00000000 ____D C:\FRST
2013-09-18 17:14 - 2013-09-18 17:15 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-15 15:03 - 2013-09-18 20:01 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-14 18:19 - 2013-09-16 21:36 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-14 16:22 - 2013-09-18 21:59 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-14 13:26 - 2013-09-18 18:29 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:12 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 12:59 - 2013-09-14 13:08 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:07 - 2013-09-12 23:08 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:04 - 2013-09-12 22:16 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-07 19:56 - 2013-09-15 18:19 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:49 - 2012-12-03 13:22 - 00241152 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2013-09-07 10:49 - 2012-12-03 12:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2013-09-07 10:49 - 2012-10-30 06:42 - 00014336 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2013-09-07 10:49 - 2012-10-29 13:44 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2013-09-07 10:49 - 2012-08-20 02:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2013-09-07 10:49 - 2011-12-31 03:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2013-09-07 10:49 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2013-09-07 10:49 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2013-09-07 10:49 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2013-09-07 10:49 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:48 - 2013-09-07 10:50 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:05 - 2013-09-06 16:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 18:35 - 2013-08-15 17:46 - 00059525 _____ C:\Users\Johannes_2\angry birds.vbe
2013-09-03 18:25 - 2013-09-03 18:35 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:55 - 2013-09-07 22:53 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-01 17:56 - 2013-09-01 18:30 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-29 18:20 - 2012-12-25 09:37 - 00000000 ____D C:\Users\Johannes_2\Desktop\AUDIO_TS
2013-08-29 18:13 - 2013-08-29 18:20 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-26 23:08 - 2013-09-02 17:03 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-08-24 00:12 - 2013-08-24 00:28 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-09-07 19:04 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-08-23 23:06 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\postgres\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-23 23:04 - 2004-03-29 15:23 - 00090112 _____ (MindVision Software) C:\WINDOWS\unvise32.exe

==================== One Month Modified Files and Folders =======

2013-09-21 13:55 - 2013-09-18 17:16 - 00000000 ____D C:\FRST
2013-09-21 13:54 - 2012-11-02 14:30 - 01172622 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-21 13:52 - 2012-09-13 20:32 - 00477008 _____ C:\WINDOWS\PFRO.log
2013-09-21 13:52 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-21 13:51 - 2013-05-11 21:10 - 00000000 ___RD C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 13:50 - 2013-09-21 13:51 - 00000134 _____ C:\Users\Johannes\Desktop\Fixlist.txt
2013-09-21 13:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-21 09:42 - 2013-09-21 09:41 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogtexte
2013-09-21 09:40 - 2013-08-01 01:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-21 09:38 - 2013-06-07 14:50 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Mozilla
2013-09-21 09:28 - 2013-05-11 21:16 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1160456912-2462130871-4204107674-1002
2013-09-21 09:05 - 2013-09-18 17:38 - 00026287 _____ C:\Users\Johannes_2\Desktop\Addition.txt
2013-09-21 08:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-09-21 07:06 - 2013-09-21 07:06 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-20 22:17 - 2012-11-02 23:06 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-20 22:17 - 2012-11-02 23:06 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-20 22:17 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-20 22:11 - 2013-09-20 22:11 - 00891144 _____ C:\Users\Johannes_2\Desktop\SecurityCheck.exe
2013-09-20 22:09 - 2013-09-20 22:08 - 02347384 _____ (ESET) C:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe
2013-09-20 17:13 - 2013-09-20 17:13 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Malwarebytes
2013-09-20 17:05 - 2013-09-20 17:05 - 00000795 _____ C:\Users\Johannes\Desktop\JRT.txt
2013-09-20 16:52 - 2013-09-20 16:52 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-20 16:43 - 2013-09-20 16:42 - 00000000 ____D C:\AdwCleaner
2013-09-20 16:09 - 2013-09-20 16:09 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-20 16:09 - 2013-09-20 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-20 16:08 - 2013-09-20 16:07 - 01029675 _____ (Thisisu) C:\Users\Johannes_2\Desktop\JRT.exe
2013-09-20 16:07 - 2013-09-20 16:07 - 01039554 _____ C:\Users\Johannes_2\Desktop\adwcleaner.exe
2013-09-20 16:06 - 2013-09-20 16:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Johannes_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-20 16:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-19 18:20 - 2013-09-19 16:36 - 00000000 ____D C:\Qoobox
2013-09-19 18:19 - 2013-09-19 18:19 - 00027723 _____ C:\ComboFix.txt
2013-09-19 18:16 - 2013-05-11 21:12 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\CrashDumps
2013-09-19 18:16 - 2012-07-26 07:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-09-19 17:40 - 2013-05-11 21:14 - 00000000 ____D C:\Users\Johannes\AppData\Local\Adobe
2013-09-19 17:40 - 2013-05-11 19:26 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\Adobe
2013-09-19 17:38 - 2013-09-19 17:38 - 00029130 _____ C:\ComboFix1.txt
2013-09-19 17:38 - 2013-05-11 19:26 - 00000000 ___RD C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-19 17:38 - 2013-05-11 19:26 - 00000000 ___RD C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-19 17:35 - 2013-09-19 16:35 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-19 16:33 - 2013-05-13 16:21 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-09-18 21:59 - 2013-09-14 16:22 - 00000000 ____D C:\Users\Johannes_2\Desktop\anfängersongs
2013-09-18 21:44 - 2013-09-18 21:41 - 05128653 ____R (Swearware) C:\Users\Johannes_2\Desktop\ComboFix.exe
2013-09-18 21:40 - 2013-09-18 21:40 - 00848856 _____ (Panda Security                                              ) C:\Users\Johannes_2\Downloads\USBVaccineSetup(1).exe
2013-09-18 20:01 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Johannes_2\Documents\Lerothodi Bounces
2013-09-18 18:29 - 2013-09-14 13:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\vlc
2013-09-18 17:15 - 2013-09-18 17:14 - 01950524 _____ (Farbar) C:\Users\Johannes_2\Desktop\FRST64.exe
2013-09-18 17:09 - 2013-06-14 21:31 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Dropbox
2013-09-18 17:08 - 2013-06-14 21:37 - 00000000 ___RD C:\Users\Johannes_2\Dropbox
2013-09-18 07:16 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-09-17 16:34 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-17 15:53 - 2012-07-26 09:21 - 00051663 _____ C:\WINDOWS\setupact.log
2013-09-16 21:44 - 2013-08-01 01:31 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-09-16 21:36 - 2013-09-14 18:19 - 00006655 _____ C:\Users\Johannes_2\Documents\blog3.odt
2013-09-16 18:45 - 2013-09-16 18:45 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\dvdcss
2013-09-16 18:40 - 2013-06-10 16:30 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Audacity
2013-09-15 18:19 - 2013-09-07 19:56 - 00000000 ____D C:\Users\Johannes_2\Desktop\blogbilder
2013-09-14 13:12 - 2013-09-14 13:11 - 00000000 ____D C:\Users\Johannes\AppData\Roaming\vlc
2013-09-14 13:11 - 2013-09-14 13:11 - 00001081 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-14 13:10 - 2013-09-14 13:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-14 13:08 - 2013-09-14 12:59 - 23003252 _____ C:\Users\Johannes_2\Downloads\vlc-2.0.8_win32.exe
2013-09-13 17:37 - 2013-09-13 17:37 - 00001159 _____ C:\Users\Johannes_2\Desktop\oh happy day.txt
2013-09-12 23:08 - 2013-09-12 23:08 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-12 23:08 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iTunes
2013-09-12 23:08 - 2013-07-16 20:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-12 23:07 - 2013-09-12 23:07 - 00000000 ____D C:\Program Files\iPod
2013-09-12 23:07 - 2013-07-15 13:26 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-12 22:19 - 2013-09-12 22:19 - 00002407 _____ C:\Users\Johannes_2\Desktop\Google Earth.lnk
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Earth
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Google
2013-09-12 22:16 - 2013-09-12 22:04 - 25415728 _____ C:\Users\Johannes_2\Downloads\GoogleEarth1888Win.exe
2013-09-08 14:18 - 2013-05-13 15:39 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-09-08 14:18 - 2013-05-13 15:39 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-09-07 22:53 - 2013-09-01 18:55 - 00007151 _____ C:\Users\Johannes_2\Documents\2. Blogeintrag.odt
2013-09-07 19:04 - 2013-08-23 23:07 - 00000000 ____D C:\Users\Johannes_2\Desktop\fsj
2013-09-07 10:50 - 2013-09-07 10:50 - 00001106 _____ C:\Users\Public\Desktop\Mascom internet.lnk
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-07 10:50 - 2013-09-07 10:50 - 00000000 ____D C:\ProgramData\Mascom internet
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-07 10:50 - 2013-09-07 10:48 - 00000000 ____D C:\Program Files (x86)\Mascom internet
2013-09-06 16:07 - 2013-09-06 16:05 - 00000000 ____D C:\Users\Johannes_2\Desktop\filme
2013-09-04 20:13 - 2013-07-24 19:06 - 00000000 ____D C:\Users\Johannes_2\Documents\setswana
2013-09-04 19:57 - 2013-07-14 23:09 - 04989696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-04 18:35 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2
2013-09-03 18:35 - 2013-09-03 18:25 - 00003482 _____ C:\Users\Johannes_2\Documents\hühner.odt
2013-09-02 17:03 - 2013-08-26 23:08 - 00000000 ____D C:\Users\Johannes_2\Documents\tagebuch
2013-09-02 16:41 - 2013-05-11 21:11 - 00000000 ____D C:\Users\Johannes_2\Documents\Bluetooth-Exchange-Ordner
2013-09-02 16:37 - 2013-09-02 16:37 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-09-01 18:30 - 2013-09-01 17:56 - 00003844 _____ C:\Users\Johannes_2\Documents\1.Blogeintrag.odt
2013-08-30 17:21 - 2013-08-30 17:21 - 00002978 _____ C:\Users\Johannes_2\Documents\Dokument.odt
2013-08-30 09:48 - 2013-05-13 15:40 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00204880 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00065336 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00064288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-05-13 15:40 - 00033400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-05-13 15:39 - 00080816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 09:47 - 2013-05-13 15:39 - 00287840 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 09:47 - 2013-05-13 15:39 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-29 18:29 - 2013-07-16 20:26 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\Apple Computer
2013-08-29 18:20 - 2013-08-29 18:13 - 00000000 ____D C:\Users\Johannes_2\Desktop\VIDEO_TS
2013-08-28 19:38 - 2013-08-28 19:38 - 00000428 _____ C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) RACIST.lnk
2013-08-24 00:28 - 2013-08-24 00:12 - 51794785 _____ C:\Users\Johannes_2\Desktop\Unbenannt-2.psd
2013-08-23 23:48 - 2013-05-11 21:10 - 00000000 ____D C:\Users\Johannes_2\AppData\Roaming\Adobe
2013-08-23 23:23 - 2013-08-23 23:23 - 01234944 _____ C:\Users\Johannes_2\Downloads\SetupATX.exe
2013-08-23 23:07 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\Album Frank
2013-08-23 23:06 - 2013-08-23 23:06 - 00000000 ____D C:\Users\Johannes_2\Desktop\rezepte
2013-08-23 23:05 - 2013-05-11 21:09 - 00000000 ____D C:\Users\Johannes_2\AppData\Local\VirtualStore
2013-08-23 23:05 - 2012-11-02 14:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\postgres\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes_2\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00002040 _____ C:\Users\Johannes\Desktop\Finale PrintMusic 2006.lnk
2013-08-23 23:04 - 2013-08-23 23:04 - 00000167 _____ C:\WINDOWS\winiini.fin
2013-08-23 23:04 - 2013-08-23 23:04 - 00000000 ____D C:\Program Files (x86)\Finale PrintMusic 2006
2013-08-22 23:54 - 2013-05-11 21:10 - 00017479 _____ C:\Users\Johannes_2\AppData\Roaming\AbsoluteReminder.xml
2013-08-22 23:48 - 2013-06-07 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-22 17:55 - 2013-05-13 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:52 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender

Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-20 07:06

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03
Ran by Johannes at 2013-09-21 13:56:55
Running from C:\Users\Johannes_2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Absolute Reminder (x32 Version: 2.1.0.9)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515)
Anzeige am Bildschirm (Version: 7.01.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Audacity 2.0.3 (x32 Version: 2.0.3)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 6.20.55.57)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
ESET Online Scanner v3 (x32)
FileHippo.com Update Checker (x32)
Finale PrintMusic 2006 (x32)
Fotogalerie (x32 Version: 16.4.3508.0205)
Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610)
FreeRide Games (x32 Version: 07.05.80.00)
Google Earth (x32 Version: 7.1.1.1888)
Integrated Camera (x32 Version: 5.12.831.31)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Update Manager (x32 Version: 1.0.0.34813)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Lenovo Auto Scroll Utility (Version: 1.32)
Lenovo Dependency Package (x32 Version: 1.0)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.66.00.07)
Lenovo QuickLaunch (x32 Version: 1.00.0025)
Lenovo Settings - Camera Audio (Version: 4.0.5.0)
Lenovo Settings Dependency Package (Version: 1.0.0.12)
Lenovo Settings Mobile Hotspot (Version: 1.0.0.21)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo Solutions for Small Business (x32 Version: 1.1.22.3687)
Lenovo Solutions for Small Business Customizations (x32 Version: 1.1.0004.00)
Lenovo System Update (x32 Version: 5.00.0014)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0007.00)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mascom internet (x32 Version: 23.009.11.00.273)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nightly 24.0a1 (x64 en-US) (Version: 24.0a1)
Nikon Message Center 2 (x32 Version: 2.0.1)
Panda USB Vaccine 1.0.1.4 (x32)
Password Vault (Version: 6.0.200.75)
PDF Settings CS5 (x32 Version: 10.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Picture Control Utility (x32 Version: 1.2.2)
PokerStars.eu (x32)
PokerTracker 4 (remove only) (x32)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
Skype™ 6.6 (x32 Version: 6.6.106)
SugarSync Manager (x32 Version: 1.9.61.90905)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1900)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
US122 Driver 3.40 (Version: 3.40)
US-122 MKII / US-144 MKII
ViewNX 2 (x32 Version: 2.1.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/09/2012 11.5.0.1207) (Version: 07/09/2012 11.5.0.1207)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (Version: 08/15/2012 1.66.00.07)
YTD Video Downloader 4.3 (x32 Version: 4.3)

==================== Restore Points  =========================

19-09-2013 14:36:41 ComboFix created restore point

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-09-19 17:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0177425A-B18A-4B49-9D0F-E947F11FBC92} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2012-07-26] (Microsoft Corporation)
Task: {05DD919C-A5B6-4583-8C63-7937F9E8FFB6} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {30890797-9BEF-4C57-8ADE-2D94FCCF1F7E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {30AD97A8-8850-4D42-A243-CF20D9745D05} - System32\Tasks\TVT\TVSUUpdateTask_WIN-CFG50OF50EJ_Administrator => C:\Program Files (x86)\Lenovo\System Update\tvsu.exe [2012-08-15] ()
Task: {36C2C64A-F056-49F3-A268-A7F0428D10FE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-16] (Adobe Systems Incorporated)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3E292994-4035-41FE-B480-255D4FB56EB7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {449A65C6-085D-4AB9-8A37-CDFCD83B6C57} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {46A4D379-6460-4796-AA0D-2E3E2357EAAA} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCScheduler.exe [2013-05-17] ()
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {52E577EF-5861-4E1B-9910-B7581A8761B1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {66237EB2-156A-4211-A7E6-2BA885AA2693} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6F09AE78-A951-4DBB-86A3-2CA41A623FBF} - System32\Tasks\TVT\TVSUUpdateTask_Johannes-PC_Johannes_2 => C:\Program Files (x86)\Lenovo\System Update\tvsu.exe [2012-08-15] ()
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {70252431-9192-4D5C-B222-90DD112D2B11} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {74A5FF28-E5B0-482D-B6C6-087D82C51823} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {96C06877-EB1B-438C-9A28-17E445E93491} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {985D3F30-F3D3-4779-85DE-4AEECD2858EA} - System32\Tasks\AdobeAAMUpdater-1.0-Johannes-PC-Johannes_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {994E042D-DED4-4404-B0CB-EC7B7212D0E2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {9FF2532F-5ACA-4116-8318-A61D0CA42F08} - System32\Tasks\Intel\Intel Service Manager => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12] (Intel Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8132B39-5395-4964-B2A8-192E970B34E0} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {AFFDBABB-BCFB-4787-8BB9-B6B53B894884} - System32\Tasks\Absolute Reminder => C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe [2012-07-06] (Absolute Software)
Task: {B44D3C3B-C8FB-4E7B-AD2C-87BDD018774A} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\WINDOWS\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BD04124B-70A4-4A35-B492-3E4C08AB6200} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1160456912-2462130871-4204107674-1002
Task: {BF2B1DF3-DEBE-456E-8DD2-AE7D45BA963D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {C8C26483-1CA1-4F14-AC06-2744EE93010F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D08CC490-EBDB-4752-B04E-C9517A807C35} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EA56E589-A944-4F3F-9F49-F988226F519A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FBCCEB1D-48B9-43F3-98CC-B6E9CE7D9AB2} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1160456912-2462130871-4204107674-1001
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-06-05 19:17 - 2013-06-05 19:17 - 00164016 _____ (Dropbox, Inc.) C:\Users\Johannes_2\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-08-17 11:23 - 2012-08-17 11:23 - 00044408 _____ () C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00171880 _____ (AuthenTec) C:\Program Files\Lenovo Fingerprint Reader\TSLog.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02501992 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\biolayer.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 08675176 _____ (HP) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteDlg.dll
2012-08-31 05:42 - 2012-08-31 05:42 - 02553192 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\AutoSoftwareUpdate.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01130344 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 06593384 _____ (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00087400 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00332648 _____ (Authentec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TokenMachine.dll
2012-11-02 14:21 - 2012-08-24 12:52 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrDEU.lrc
2012-11-02 14:21 - 2012-08-24 12:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 01046328 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2012-11-02 14:17 - 2012-08-16 08:23 - 00228664 _____ (Synaptics Incorporated) C:\WINDOWS\SYSTEM32\SynTPAPI.dll
2009-03-30 15:58 - 2009-03-30 15:58 - 00254464 _____ (Nikon Corp.) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkRSSLib.dll
2009-07-31 15:33 - 2009-07-31 15:33 - 00253440 _____ (Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2RuleLibrary.dll
2009-07-31 15:31 - 2009-07-31 15:31 - 00247808 _____ (Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\ProductInfoLib.dll
2009-12-10 15:49 - 2009-12-10 15:49 - 00259072 _____ (Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\MCARecLib.dll
2009-12-18 14:10 - 2009-12-18 14:10 - 00197632 _____ (Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\Localization\DE\NkMC2Lang.dll
2010-11-17 13:16 - 2010-11-17 13:16 - 00053024 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\WINDOWS\SYSTEM32\dnssd.dll
2013-08-18 22:11 - 2013-08-14 19:55 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-11-02 14:30 - 2012-07-12 11:31 - 00215304 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
2012-11-02 14:30 - 2012-07-12 11:31 - 00051464 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll
2012-08-31 05:45 - 2012-08-31 05:45 - 01510248 _____ (AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll
2012-08-31 05:44 - 2012-08-31 05:44 - 00150888 _____ (AuthenTec) C:\Program Files\Lenovo Fingerprint Reader\x86\TSLog.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01865064 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\x86\BioLayer.dll
2012-08-31 05:44 - 2012-08-31 05:44 - 08672616 _____ (HP) C:\Program Files\Lenovo Fingerprint Reader\x86\TrueSuiteDlg.dll
2012-08-31 05:44 - 2012-08-31 05:44 - 00900456 _____ () C:\Program Files\Lenovo Fingerprint Reader\x86\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 05901160 _____ (AuthenTec, Inc.) C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 00293736 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\x86\BioLayerAdapter.dll
2012-08-31 05:43 - 2012-08-31 05:43 - 01865064 _____ (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\x86\biolayer.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2013 01:55:25 PM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): Die Datei "common_lpd.xml" konnte nicht geöffnet werden. Überprüfen Sie, ob "Location Awareness" installiert ist: C:\ProgramData\Lenovo\LocationAware\common_lpd.xml

Error: (09/21/2013 01:55:25 PM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Johannes_2\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (09/21/2013 09:38:23 AM) (Source: MsiInstaller) (User: Johannes-PC)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:

Mozilla Firefox

Error: (09/21/2013 09:23:11 AM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): Die Datei "common_lpd.xml" konnte nicht geöffnet werden. Überprüfen Sie, ob "Location Awareness" installiert ist: C:\ProgramData\Lenovo\LocationAware\common_lpd.xml

Error: (09/21/2013 09:23:11 AM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Johannes_2\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (09/21/2013 09:20:17 AM) (Source: PostgreSQL) (User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory

Error: (09/21/2013 07:06:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 07:06:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 03:03:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (09/21/2013 01:53:24 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/21/2013 01:53:24 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/21/2013 01:53:19 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/21/2013 01:53:19 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/21/2013 01:53:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "postgresql-x64-9.0 - PostgreSQL Server 9.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/21/2013 01:53:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Mascom internet. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/21/2013 01:53:08 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mascom internet. OUC erreicht.

Error: (09/21/2013 01:52:19 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (09/21/2013 09:20:23 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/21/2013 09:20:23 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (09/21/2013 01:55:25 PM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): Die Datei "common_lpd.xml" konnte nicht geöffnet werden. Überprüfen Sie, ob "Location Awareness" installiert ist: C:\ProgramData\Lenovo\LocationAware\common_lpd.xml

Error: (09/21/2013 01:55:25 PM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Johannes_2\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (09/21/2013 09:38:23 AM) (Source: MsiInstaller)(User: Johannes-PC)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/21/2013 09:23:11 AM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): Die Datei "common_lpd.xml" konnte nicht geöffnet werden. Überprüfen Sie, ob "Location Awareness" installiert ist: C:\ProgramData\Lenovo\LocationAware\common_lpd.xml

Error: (09/21/2013 09:23:11 AM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Johannes_2\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (09/21/2013 09:20:17 AM) (Source: PostgreSQL)(User: )
Description: postgres kann nicht auf die Serverkonfigurationsdatei �C:/Program Files (x86)/PostgreSQL/9.0/data/postgresql.conf� zugreifen: No such file or directory

Error: (09/21/2013 07:06:11 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe

Error: (09/21/2013 07:06:07 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Johannes_2\Downloads\esetsmartinstaller_enu.exe

Error: (09/21/2013 03:03:29 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/21/2013 03:03:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll


CodeIntegrity Errors:
===================================
  Date: 2013-09-19 17:33:46.375
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 3854.22 MB
Available physical RAM: 2136.98 MB
Total Pagefile: 11278.22 MB
Available Pagefile: 9451.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:453.38 GB) (Free:373.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (INTENSO) (Removable) (Total:29.79 GB) (Free:29.79 GB) FAT32
Drive f: () (Removable) (Total:3.68 GB) (Free:2.69 GB) FAT32
Drive g: () (Removable) (Total:3.8 GB) (Free:1.37 GB) FAT32
Drive j: () (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 89AE697D)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

========================================================
Disk: 4 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
Code:
Datentr„ger in Laufwerk C: ist Windows8_OS
 Volumeseriennummer: 88DC-EF2A

 Verzeichnis von C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Scripting\Sample Scripts\VBScript

07.04.2010  02:12            2.012 ApplyStyle.vbs
07.04.2010  02:12            4.684 BatchProcess.vbs
07.04.2010  02:12            2.333 ClipboardInteraction.vbs
07.04.2010  02:12            2.320 CreateAndExecuteAction.vbs
07.04.2010  02:12            1.307 CreateNewTextArt.vbs
07.04.2010  02:12            2.366 Crop.vbs
07.04.2010  02:12              589 DocumentByName.vbs
07.04.2010  02:12            1.860 DuplicateLayers.vbs
07.04.2010  02:12            2.473 ExecuteAction.vbs
07.04.2010  02:12              508 ExecuteJavaScript.vbs
07.04.2010  02:12            2.692 Filters.vbs
07.04.2010  02:12            2.404 HistoryState.vbs
07.04.2010  02:12            1.520 OpenDocument.vbs
07.04.2010  02:12            3.657 SaveAsFormats.vbs
07.04.2010  02:12            2.304 Selection.vbs
07.04.2010  02:12            1.880 SelectionEffects.vbs
07.04.2010  02:12            3.959 TextArt.vbs
07.04.2010  02:12            2.624 TextArtCenter.vbs
07.04.2010  02:12            1.819 Trim.vbs
              19 Datei(en),        43.311 Bytes

 Verzeichnis von C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Scripting\Sample Scripts\VBScript

07.04.2010  02:12            2.012 ApplyStyle.vbs
07.04.2010  02:12            4.684 BatchProcess.vbs
07.04.2010  02:12            2.333 ClipboardInteraction.vbs
07.04.2010  02:12            2.320 CreateAndExecuteAction.vbs
07.04.2010  02:12            1.307 CreateNewTextArt.vbs
07.04.2010  02:12            2.366 Crop.vbs
07.04.2010  02:12              589 DocumentByName.vbs
07.04.2010  02:12            1.860 DuplicateLayers.vbs
07.04.2010  02:12            2.473 ExecuteAction.vbs
07.04.2010  02:12              508 ExecuteJavaScript.vbs
07.04.2010  02:12            2.692 Filters.vbs
07.04.2010  02:12            2.404 HistoryState.vbs
07.04.2010  02:12            1.520 OpenDocument.vbs
07.04.2010  02:12            3.657 SaveAsFormats.vbs
07.04.2010  02:12            2.304 Selection.vbs
07.04.2010  02:12            1.880 SelectionEffects.vbs
07.04.2010  02:12            3.959 TextArt.vbs
07.04.2010  02:12            2.624 TextArtCenter.vbs
07.04.2010  02:12            1.819 Trim.vbs
              19 Datei(en),        43.311 Bytes

 Verzeichnis von C:\Program Files (x86)\Common Files\Adobe\Bridge CS5 Extensions\Adobe Output Module\mediagallery\resources\flashgallery

03.04.2009  17:19                48 AUTORUN.inf
              1 Datei(en),            48 Bytes

 Verzeichnis von C:\Program Files (x86)\Microsoft Office\Office14

06.03.2010  03:30            49.433 OSPP.VBS
              1 Datei(en),        49.433 Bytes

 Verzeichnis von C:\ProgramData\Microsoft\OEMOffice14\Office14

18.02.2011  21:23              175 autorun.inf
              1 Datei(en),            175 Bytes

 Verzeichnis von C:\Users\All Users\Microsoft\OEMOffice14\Office14

18.02.2011  21:23              175 autorun.inf
              1 Datei(en),            175 Bytes

 Verzeichnis von C:\Users\Johannes\AppData\Local\temp\jrt

03.02.2013  14:34              370 clean_shortcut.vbs
              1 Datei(en),            370 Bytes

 Verzeichnis von C:\Users\Johannes_2

15.08.2013  17:46            59.525 angry birds.vbe
              1 Datei(en),        59.525 Bytes

 Verzeichnis von C:\Users\Johannes_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

15.08.2013  17:46            59.525 angry birds.vbe
              1 Datei(en),        59.525 Bytes

 Verzeichnis von C:\Windows\System32

02.06.2012  16:31            43.980 gatherNetworkInfo.vbs
02.06.2012  16:33          135.866 slmgr.vbs
02.06.2012  16:34          204.105 winrm.vbs
              3 Datei(en),        383.951 Bytes

 Verzeichnis von C:\Windows\System32\Printing_Admin_Scripts\de-DE

02.11.2012  23:05          106.798 prncnfg.vbs
02.11.2012  23:05            51.986 prndrvr.vbs
02.11.2012  23:05            70.574 prnjobs.vbs
02.11.2012  23:05            82.080 prnmngr.vbs
02.11.2012  23:05            57.556 prnport.vbs
02.11.2012  23:05            51.806 prnqctl.vbs
02.11.2012  23:05            7.518 pubprn.vbs
              7 Datei(en),        428.318 Bytes

 Verzeichnis von C:\Windows\SysWOW64

02.06.2012  16:33          135.866 slmgr.vbs
02.06.2012  16:34          204.105 winrm.vbs
              2 Datei(en),        339.971 Bytes

 Verzeichnis von C:\Windows\SysWOW64\Printing_Admin_Scripts\de-DE

02.11.2012  23:05          106.798 prncnfg.vbs
02.11.2012  23:05            51.986 prndrvr.vbs
02.11.2012  23:05            70.574 prnjobs.vbs
02.11.2012  23:05            82.080 prnmngr.vbs
02.11.2012  23:05            57.556 prnport.vbs
02.11.2012  23:05            51.806 prnqctl.vbs
02.11.2012  23:05            7.518 pubprn.vbs
              7 Datei(en),        428.318 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-hyper-v-guest-installer_31bf3856ad364e35_6.2.9200.16384_none_ca6ea893ab872de8

02.06.2012  16:31              130 autorun.inf
              1 Datei(en),            130 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-hyper-v-guest-installer_31bf3856ad364e35_6.2.9200.16433_none_caa3b9cbab5f8603

02.06.2012  16:31              130 autorun.inf
              1 Datei(en),            130 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-hyper-v-guest-installer_31bf3856ad364e35_6.2.9200.20534_none_cb2e56e0c47c3f24

02.06.2012  16:31              130 autorun.inf
              1 Datei(en),            130 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.2.9200.16384_none_d710144e00fb34b4

02.06.2012  16:31            98.133 adsutil.vbs
02.06.2012  16:31            41.401 IIsExt.vbs
              2 Datei(en),        139.534 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-windows-nettrace-netsh-helper_31bf3856ad364e35_6.2.9200.16384_none_f3f707bbfa181135

02.06.2012  16:31            43.980 gatherNetworkInfo.vbs
              1 Datei(en),        43.980 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-windows-p..inscripts.resources_31bf3856ad364e35_6.2.9200.16384_de-de_be863161e7367cae

02.11.2012  23:05          106.798 prncnfg.vbs
02.11.2012  23:05            51.986 prndrvr.vbs
02.11.2012  23:05            70.574 prnjobs.vbs
02.11.2012  23:05            82.080 prnmngr.vbs
02.11.2012  23:05            57.556 prnport.vbs
02.11.2012  23:05            51.806 prnqctl.vbs
02.11.2012  23:05            7.518 pubprn.vbs
              7 Datei(en),        428.318 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-windows-security-spp-tools_31bf3856ad364e35_6.2.9200.16384_none_9e62ed8348e4943d

02.06.2012  16:33          135.866 slmgr.vbs
              1 Datei(en),        135.866 Bytes

 Verzeichnis von C:\Windows\WinSxS\amd64_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.2.9200.16384_none_232f1cc436cc024c

02.06.2012  16:34          204.105 winrm.vbs
              1 Datei(en),        204.105 Bytes

 Verzeichnis von C:\Windows\WinSxS\wow64_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.2.9200.16384_none_e164bea0355bf6af

02.06.2012  16:31            41.401 IIsExt.vbs
              1 Datei(en),        41.401 Bytes

 Verzeichnis von C:\Windows\WinSxS\wow64_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.2.9200.16384_none_2d83c7166b2cc447

02.06.2012  16:34          204.105 winrm.vbs
              1 Datei(en),        204.105 Bytes

schrauber 21.09.2013 16:54
Mach mal folgendes:

Auf den Sticks bitte versteckte Dateien anzeigen lassen, Haken raus bei geschützte Systemdateien ausblenden, Stick im Explorer öffnen, Screenshot.

Von jedem Stick.

falke99 21.09.2013 17:22
Liste der Anhänge anzeigen (Anzahl: 4)
Habe einen USB Stick formatiert, und neu bespielt. Aha, jetzt sehe ich auch die Dateiordner zu den Verknüpfungen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:28 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19