Log analysis and evaluation: Kalenderchen6, malware, virus, worm, what is going on? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Okay, here is what happened: I was looking for freeware, an appointment calendar, and found Kalenderchen 6. A really cool tool, and free. Bang, onto the computer it went, and then it started. Google Chrome got a new interface, a different search engine set itself up, and the computer crashed. Since then the touchpad sometimes does whatever it wants, and the computer has also become slower, up until I started uninstalling things.

So I tried to repair the damage, then I wanted to update Windows and found that the system security updates no longer work. I smell a rat. I could not find a solution with either the antivirus program or Malwarebytes. Since then the CPU has also been active at fluctuating levels, sometimes up to 20%, even though nothing at all is going on and all browsers are closed. I think I have caught something deeper there. Can you help?

Here are all the logs I still have:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by Tom at 2014-10-28 17:21:43
Running from C:\Users\Tom\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them.
The adware programs should be uninstalled manually.)

PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Analog Lab 1.1.0 (HKLM-x32\...\analoglab073_is1) (Version: 1.1.0 - Arturia)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon iP4800 series Benutzerregistrierung (HKLM-x32\...\Canon iP4800 series Benutzerregistrierung) (Version: - )
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5428.52 - CyberLink Corp.)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.1.14153 - Steinberg Media Technologies GmbH)
ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version: - Image-Line)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.911.32 - Vimicro)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Kalenderchen 6 (HKCU\...\Kalenderchen 6) (Version: - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.37.0 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.20 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.0.101.0 - Lenovo Corporation)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.2.2.3 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.1.0.60 - Lenovo)
Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Native Instruments Abbey Road 60s Drums Vintage (HKLM-x32\...\Native Instruments Abbey Road 60s Drums Vintage) (Version: - Native Instruments)
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.1.0.002 - Native Instruments) Hidden
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.0.150 - Native Instruments)
Native Instruments Controller Editor (Version: 1.7.0.150 - Native Instruments) Hidden
Native Instruments DrumMicA (Version: 1.0.0.002 - Native Instruments) Hidden
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
Native Instruments Guitar Rig 4 (Version: 4.2.2.2564 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.2.0.2770 - Native Instruments) Hidden
Native Instruments Guitar Rig Elements for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Elements for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Elements for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Pro Library for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Komplete Audio 6 (HKLM-x32\...\Native Instruments Komplete Audio 6) (Version: - Native Instruments)
Native Instruments Komplete Audio 6 (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Komplete Elements Mk2 (HKLM-x32\...\Native Instruments Komplete Elements Mk2) (Version: - Native Instruments)
Native Instruments Komplete Elements Mk2 (Version: 8.0.0.003 - Native Instruments) Hidden
Native Instruments Komplete Selection (HKLM-x32\...\Native Instruments Komplete Selection) (Version: - Native Instruments)
Native Instruments Komplete Selection (Version: 1.0.4.1 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.1.211 - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.4.1.211 - Native Instruments) Hidden
Native Instruments Kontakt Elements Selection R2 (HKLM-x32\...\Native Instruments Kontakt Elements Selection R2) (Version: - Native Instruments)
Native Instruments Kontakt Elements Selection R2 (Version: 1.1.0.003 - Native Instruments) Hidden
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.1.2.1444 - Native Instruments)
Native Instruments Maschine 2 (Version: 2.1.2.1444 - Native Instruments) Hidden
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.1.0.7 - Native Instruments)
Native Instruments Maschine 2 Factory Library (Version: 1.1.0.7 - Native Instruments) Hidden
Native Instruments Maschine Controller Driver (HKLM-x32\...\Native Instruments Maschine Controller Driver) (Version: - Native Instruments)
Native Instruments Maschine Controller Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version: - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (Version: 3.0.4.719 - Native Instruments) Hidden
Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version: - Native Instruments)
Native Instruments Maschine Mikro Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version: - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (Version: 3.0.4.719 - Native Instruments) Hidden
Native Instruments Maschine Studio Driver (HKLM-x32\...\Native Instruments Maschine Studio Driver) (Version: - Native Instruments)
Native Instruments Maschine Studio Driver (Version: 3.1.2.796 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.0.292 - Native Instruments)
Native Instruments Massive (Version: 1.4.0.292 - Native Instruments) Hidden
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Rammfire (Version: 2.0.0.4 - Native Instruments) Hidden
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor 5 (Version: 5.9.2.1074 - Native Instruments) Hidden
Native Instruments Reaktor Elements Selection (HKLM-x32\...\Native Instruments Reaktor Elements Selection) (Version: - Native Instruments)
Native Instruments Reaktor Elements Selection (Version: 1.1.0.003 - Native Instruments) Hidden
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.10 - Native Instruments)
Native Instruments Reaktor Prism (Version: 1.4.0.10 - Native Instruments) Hidden
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reaktor Spark R2 (Version: 1.3.0.2 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.3.0.7 - Native Instruments)
Native Instruments Scarbee Mark I (Version: 1.3.0.7 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.4.1587 - Native Instruments)
Native Instruments Service Center (Version: 2.5.4.1587 - Native Instruments) Hidden
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid Bus Comp FX (Version: 1.1.1.427 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.0.9833 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 (Version: 2.9.6.517 - Native Instruments) Hidden
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
Protegere (HKLM-x32\...\Protegere) (Version: - )
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.071213 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30161 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line)
Security Guard (HKLM-x32\...\Security Guard) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steinberg Cubase LE AI Elements 7 (HKLM-x32\...\{5C73FC14-D3B1-45FC-A50C-7B41CB0D9DED}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
VoiceSupport 1.2.01 (HKLM-x32\...\TC-Helicon VoiceSupport_is1) (Version: 1.2.01 build 38 - TC-Helicon Vocal Technologies Inc.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
WaveLab LE 8 (64 bit) (HKLM\...\WaveLabLE8_64) (Version: 8.0.2.675 - Steinberg)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (07/24/2013 12.7.3.1001) (HKLM\...\B7736F430D5061EB825C589EAABF709BAD04FAB9) (Version: 07/24/2013 12.7.3.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

24-10-2014 19:05:59 Windows Update
28-10-2014 11:03:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00398802-10B3-4759-A4A3-A2B3899BC734} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06FD988A-E085-485F-861F-C06B43884723} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {099E7483-957D-43C9-9CA0-EAB5EE915E34} - System32\Tasks\GoogleUpdateTaskMachineCore1cf73611fcb18c3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F397AC4-2B80-4F7B-B047-31DA8B863B1C} - System32\Tasks\Uninstaller_SkipUac_Tom => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-14] (IObit)
Task: {12390BC3-55E7-43CB-A4F8-E7F2D4040648} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2FA15D82-B206-40D1-A668-60B461A691E7} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-06-05] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D93F472-ED44-4C38-8455-754283E19B28} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-17] (Realtek Semiconductor) <==== ATTENTION
Task: {43995C28-52A2-46C1-95F7-FAA1441972E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {49581ED3-0A51-41AE-B926-98BE340F3B91} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {524B0AF1-445C-468B-B129-3C4A6F7A4462} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-14] (IObit)
Task: {52C1D7F6-A304-4769-8899-669FFFDB4014} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {549E1E20-C4C1-4C1D-9258-D949649F1C51} - System32\Tasks\GoogleUpdateTaskMachineCore1cf92d8104633f4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {54BFA220-1247-4F8B-866E-7CA391146716} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo)
Task: {5780E472-398A-4793-9BCB-7CE28DBF3411} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {6022DFB6-3CC7-4192-9C92-B904F9643FA5} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-06-05] ()
Task: {62091F62-5FD3-4283-B77C-79E94F78CDA8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {661D15B8-AE84-4C47-917D-964FE8971C65} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {68827C1D-98A1-4C28-9DD3-0ADB89655D50} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {69B83979-D359-4D50-B1C7-F2281AD15DF5} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-06-05] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D4D9621-728A-41B1-92B0-1465CA5521F5} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-06-28] (CyberLink Corp.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E454BEE-FD37-4541-BADB-67FB8C4EA528} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {713F3E30-DF59-4BE6-BB60-F5934191397E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {718E7B24-CD46-45A2-93F0-E295876903F8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A3949DB-684E-474E-A626-91132F1C9F3A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7A55A9B3-1EF1-43D3-A773-3CAA073078D5} - System32\Tasks\ASC7_SkipUac_Tom => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {7FF24135-D1DE-4332-AFAD-ADA032AD77D4} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {826B4038-034A-4176-8700-B59BB7C8D2F3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-03] (Lenovo)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {90363B1B-B7BD-45E0-8D88-E5D30C5BB01F} - System32\Tasks\Absolute Reminder => C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe
Task: {95C7C196-453C-4BF3-9D13-91BFC36829D0} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AD1C40FA-3477-4305-AEE9-3F0A1643510A} - System32\Tasks\Driver Booster SkipUAC (Tom) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {AEE1E565-F129-45DC-B867-3DB242877BF3} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C29F5E6E-60B3-4D3C-98B0-95CFC69B7325} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {C35024EF-3026-4766-A84C-0FAC89C53523} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {C6566179-8752-46CC-81FF-DCACF6B21117} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E26BCC9B-1C7F-4697-BEF4-413FE23346C6} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-06-05] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1807637-76A8-4382-AAA0-1B82EBD4F1AB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {F87DB7CA-BDB8-457E-9D38-BEFB471A7335} - System32\Tasks\GoogleUpdateTaskMachineCore1cf54ddf087c23e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Tom.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tom.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 17:11 - 2013-07-05 07:42 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-04-19 11:50 - 2013-04-19 11:50 - 00463352 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-19 11:50 - 2013-04-19 11:50 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-10-03 16:36 - 2014-10-03 16:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-01 15:34 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-11-14 17:05 - 2013-11-14 17:05 - 00033520 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2013-11-14 17:09 - 2013-07-03 19:40 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-17 14:35 - 2014-10-17 14:35 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2014-10-17 14:35 - 2014-10-17 14:35 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-04-23 16:21 - 2014-04-23 16:21 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2014-09-01 15:34 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-09-01 15:34 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-09-01 15:34 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-09-01 15:34 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2013-03-06 21:49 - 2013-03-06 21:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 21:52 - 2013-03-06 21:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-18 23:32 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-18 23:32
- 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll 2014-10-18 23:32 - 2014-10-10 03:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\Run: => "LenovoOptMouseUpdate"
HKLM\...\StartupApproved\Run: => "LENOVO.TPKNRRES"
HKLM\...\StartupApproved\Run: => "LnvMobHotspotClient"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"

========================= Accounts: ==========================

Administrator (S-1-5-21-1800612341-941125145-2720928169-500 - Administrator - Disabled)
Gast (S-1-5-21-1800612341-941125145-2720928169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1800612341-941125145-2720928169-1006 - Limited - Enabled)
Malou (S-1-5-21-1800612341-941125145-2720928169-1007 - Limited - Enabled) => C:\Users\Malou
Tom (S-1-5-21-1800612341-941125145-2720928169-1002 - Administrator - Enabled) => C:\Users\Tom
UpdatusUser (S-1-5-21-1800612341-941125145-2720928169-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/28/2014 04:42:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:41:48 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:41:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:40:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:40:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:39:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:39:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:38:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:38:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-04-14 19:35:20.298
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.980
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:18.398
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:18.142
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:17.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:16.500
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:07.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:34:57.353
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8089.81 MB
Available physical RAM: 5741.78 MB
Total Pagefile: 16281.81 MB
Available Pagefile: 13730.26 MB
Total Virtual: 131072 MB
Available Virtual: 131071.74 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:916.83 GB) (Free:800.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 23CF280C)
Partition: GPT Partition Type.

==================== End Of Log ============================

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-28 17:34:53
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Tom\AppData\Local\Temp\fxryrpog.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000106e00 15 bytes [00, F1, F6, 01, 40, 8F, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000106e10 11 bytes [00, 6D, FC, FF, 00, A3, C3, ...]

---- User code sections - GMER 2.1 ---- .text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffdd9ab28c0 7 bytes JMP 00007ffed96e02d0 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffdd9ab43d8 7 bytes JMP 00007ffed96e0308 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffdd9b61f20 7 bytes JMP 00007ffed96e0378 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffdd9b640b4 7 bytes JMP 00007ffed96e03b0 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffdd9b64510 7 bytes JMP 00007ffed96e0340 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ffdd9b64af0 7 bytes JMP 
00007ffed96e0260 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffdd9b8cea0 7 bytes JMP 00007ffed96e0228 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffdd9b8cf10 7 bytes JMP 00007ffed96e0298 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffdd96f299c 7 bytes JMP 00007ffed96e00d8 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffdd96f54c8 5 bytes JMP 00007ffed96e0180 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffdd96f55b0 5 bytes JMP 00007ffed96e0148 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffdd96f5e58 5 bytes JMP 00007ffed96e0110 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffdd9ceb6f4 10 bytes JMP 00007ffed96e0490 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffdd9cf45e8 5 bytes JMP 00007ffed96e0458 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffdd9cf4760 1 byte JMP 00007ffed96e03e8 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 00007ffdd9cf4762 7 bytes {JMP 0xffffffffff9ebc88} .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffdd9d04fc0 5 bytes JMP 00007ffed96e0420 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffddb341500 8 bytes JMP 00007ffed96e01b8 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffddb341750 8 bytes JMP 00007ffed96e01f0 .text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ffdd7387a88 5 bytes JMP 00007ffed7200110 .text 
C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ffdd7394990 5 bytes JMP 00007ffed72000d8 .text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F] .text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F] .text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F] .text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F] .text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F] .text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F] .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 
00007ffddb27169a 4 bytes [27, DB, FD, 7F] .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F] .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F] .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F] ---- Threads - GMER 2.1 ---- Thread System [4:716] ffffe001ca8a5ce0 Thread C:\WINDOWS\system32\csrss.exe [3648:2708] fffff96000920b90 Thread C:\WINDOWS\explorer.exe [2868:4260] 00007ffdcb48d73c ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.3 (10.14.2014:1) OS: Windows 8.1 x64 Ran by Tom on 18.10.2014 at 22:35:39,66 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted: [File] C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\ljqt246l.default\user.js ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 18.10.2014 at 22:37:50,71 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 16:28:14, on 28.10.2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Unable to get Internet Explorer version! 
FIREFOX: 28.0 (de) Boot mode: Normal Running processes: C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe C:\Program Files (x86)\USB Camera\VM331STI.EXE C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Tom\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE" O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files 
(x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @oem55.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program 
Files\Lenovo\Communications Utility\vcamsvc.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe O23 - Service: Location Task Manager (LocationTaskManager) - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - 
Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9806 bytes =============================== 2014-04-14 21:57:43 772 UPGRADE TIP 2014-04-14 21:57:45 817 4 1 2014-04-14 21:57:45 818 4 2 2014-04-14 21:57:45 819 4 3 2014-04-14 21:57:45 820 5 3 
=============================== IFRT Tool log Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. Read was successfull Connect to Server CreateFile() successful. svc_write_buffer->InBufferSize ==> 12 svc_write_buffer->SvcCommand ==> 0 Sent message to server successful. 
Read was successfull

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.17.7, 2014.10.18.3,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 10:37:20, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 14 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 14:04:41, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.3, 2014.10.18.4,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 14:04:46, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 14:04:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 14:04:47, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 14:50:21, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 20 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.4, 2014.10.18.5,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 18:27:18, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 18:42:37, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 19:38:31, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 19:38:32, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 19:38:32, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 19:39:25, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 19:54:50, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Abgebrochen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 20:55:41, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.5, 2014.10.18.6,
Protection, 18.10.2014 20:55:42, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 20:55:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 20:55:43, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 20:56:49, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 20:56:49, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 20:56:50, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 22:29:53, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 22:29:54, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 22:29:54, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 22:30:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 22:49:54, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 11 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Protection, 18.10.2014 23:50:56, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 23:50:56, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 23:54:42, SYSTEM, LENOVO-PC, Protection, Malware Protection, Stopping,
Protection, 18.10.2014 23:54:42, SYSTEM, LENOVO-PC, Protection, Malware Protection, Stopped,
Scan, 18.10.2014 23:55:10, SYSTEM, LENOVO-PC, Manual, Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Fehlgeschlagen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 23:56:26, SYSTEM, LENOVO-PC, Manual, Rootkit Database, 0.0.0.0, 2014.10.17.1,
Update, 18.10.2014 23:56:26, SYSTEM, LENOVO-PC, Manual, Remediation Database, 0.0.0.0, 2013.10.16.1,
Update, 18.10.2014 23:56:37, SYSTEM, LENOVO-PC, Manual, Malware Database, 0.0.0.0, 2014.10.18.6,
(end)

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 27.10.2014 09:13:23, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:13:29, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:22:13, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:22:52, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Scan, 27.10.2014 09:31:39, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 8 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
(end)