Fehlermeldung: File corrpted. This application has been manipulated and maybe it is infected by a Virius

Hasso · 31.03.2015, 18:52

Hallo,

ich habe ein Lenovo Thinkpad Laptop. Mittlerweile knapp ein Jahr alt. Aus China hab ich mit des öfteren programmiergeräte für Fahrzeuge gekauft. Nunja irgendwann find es dann auch mit den Viren an. Seitdem kämpfe Ich dagegen jedoch wird es immer schlimmer. Zurzeit ist es so, sobald ich eine Software installiere, funktioniert diese in der Regel eine Woche und irgendwann, wenn Ich versuche das Programm zu starten, bekomme Ich diese Fehlermeldung:

File corrpted. This application has been manipulated and maybe it is infected by a Virius or cracked. This application
will not work anymore.

Außerdem habe ich gemerkt, dass sich seit heute irgendwie alle 10 min das Datum 3 Jahre zurückstellt und der Explorer dadurch nicht mehr funktionert. Kann mir jemand helfen, bitte bin total am zweifeln, ob es überhaupt möglich ist, dass problem zu lösen.

Danke

schrauber · 31.03.2015, 19:03

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hasso · 31.03.2015, 19:22

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by HASSANEIN (administrator) on HASSANEIN-THINK on 31-03-2015 16:17:51
Running from C:\Users\HASSANEIN\Downloads
Loaded Profiles: HASSANEIN & Gast (Available profiles: HASSANEIN & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
() C:\FGTech\EOBD2S.exe.delete_on_reboot
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
() C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\HASSANEIN\Downloads\zu9puvxy (1).exe
() C:\Users\HASSANEIN\AppData\Local\Temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\bivhH9cD9.exe
() C:\Users\HASSANEIN\AppData\Local\Temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\qkUX6D0zDfWE8R.exe
() C:\Users\HASSANEIN\AppData\Local\Temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\DuhDyNcQIqGQ.exe
() C:\Users\HASSAN~1\AppData\Local\Temp\wingqxji.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
() C:\FGTech\EOBD2S.exe.delete_on_reboot
() C:\Users\HASSAN~1\AppData\Local\Temp\wintmeog.exe
() C:\FGTech\EOBD2S.exe.delete_on_reboot
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-07-09] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382248 2013-06-20] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296952 2013-07-17] (Lenovo Group Limited)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4315872 2011-06-01] (Lenovo, Inc.)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [733936 2015-03-31] (Lenovo)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH)
HKLM-x32\...\Run: [767a59f92b9c30421dbaaf7719209dc5] => "C:\Users\HASSANEIN\AppData\Local\Temp\googlemap2.exe" .. <===== ATTENTION
HKLM-x32\...\Run: [googlemap1.exe] => "C:\Users\HASSAN~1\AppData\Local\Temp\googlemap1.exe" <===== ATTENTION
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\Run: [767a59f92b9c30421dbaaf7719209dc5] => "C:\Users\HASSANEIN\AppData\Local\Temp\googlemap2.exe" .. <===== ATTENTION
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\Run: [googlemap1.exe] => "C:\Users\HASSAN~1\AppData\Local\Temp\googlemap1.exe" <===== ATTENTION
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\Run: [PAS Plus] => C:\Program Files\PAS Plus\pas.exe
HKU\S-1-5-21-4194908080-3589016638-193389046-501\...\MountPoints2: {41b52b10-c033-11e3-8749-806e6f6e6963} - Q:\LenovoQDrive.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
Startup: C:\Users\HASSANEIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Renault Twingo Wegfahrsperre deaktivieren.mp3.lnk
ShortcutTarget: Renault Twingo Wegfahrsperre deaktivieren.mp3.lnk -> C:\ProgramData\{a0202a53-952b-9add-a020-02a53952a94e}\Renault Twingo Wegfahrsperre deaktivieren.mp3.exe (No File)
Startup: C:\Users\HASSANEIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater-AIB.lnk
ShortcutTarget: Ross-Tech VCDS DRV Updater-AIB.lnk -> C:\Auto-Intern\VCDS-AIB\VCDS.exe (Ross-Tech, LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-4194908080-3589016638-193389046-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF NetworkProxy: "backup.ftp", "1080"
FF NetworkProxy: "backup.ftp_port", 30
FF NetworkProxy: "backup.socks", "1080"
FF NetworkProxy: "backup.socks_port", 30
FF NetworkProxy: "backup.ssl", "1080"
FF NetworkProxy: "backup.ssl_port", 30
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-26] ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-26] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-06-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-01-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-01-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\englische-ergebnisse.xml [2014-10-26]
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\gmx-suche.xml [2014-10-26]
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\lastminute.xml [2014-10-26]
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\webde-suche.xml [2014-10-26]
FF Extension: Amazon-Icon - C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\Extensions\amazon-icon@giga.de [2015-02-25]
FF Extension: WEB.DE MailCheck - C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\Extensions\toolbar@web.de [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2014-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn [2014-10-01]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\HASSANEIN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\HASSANEIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Amazon) - C:\Users\HASSANEIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-25]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\HASSANEIN\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "241006737" service could not be unlocked. <===== ATTENTION

S2 4072cbd7; c:\Program Files (x86)\SectionLogistics\SectionLogistics.dll [1636864 2015-02-13] () [File not signed]
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [114488 2015-01-27] (Deutsche Telekom AG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-08-01] (Lenovo.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-08-15] (Lenovo)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [199160 2013-07-17] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-17] (Nitro PDF Software)
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138744 2013-07-16] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [24112 2013-05-22] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-10] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 241006737; C:\Windows\System32\Drivers\241006737.sys [25056 2015-03-31] () [File not signed]
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-16] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-05-16] (Symantec Corporation) [File not signed]
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [54000 2013-08-15] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [113096 2013-08-07] (Intel Corporation)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140522.001\IDSvia64.sys [525016 2014-05-15] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-04-15] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140522.009\ENG64.SYS [126040 2014-05-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140522.009\EX64.SYS [2099288 2014-05-16] (Symantec Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3434976 2014-04-16] (Intel Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [424664 2013-08-02] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-07-09] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-04-10] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-30] (Vimicro Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2012-12-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 18:29 - 2015-03-31 18:29 - 00069112 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Leadertech
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\ControlCenter4
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Local\Lenovo
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Local\Adobe
2015-03-31 18:28 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2015-03-31 18:28 - 2015-03-31 18:28 - 00002258 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2015-03-31 18:28 - 2015-03-31 18:28 - 00001432 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-31 18:28 - 2015-03-31 18:28 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Intel
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast
2015-03-31 18:28 - 2014-06-26 10:54 - 00002131 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2015-03-31 18:28 - 2014-04-10 00:33 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2015-03-31 18:28 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-31 18:28 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-31 17:52 - 2015-03-31 17:52 - 00000589 _____ () C:\Users\Public\Desktop\Galletto Win7.lnk
2015-03-31 17:51 - 2015-03-31 17:51 - 00361233 _____ () C:\Users\HASSANEIN\Downloads\Galletto win7 NO HW ID.rar
2015-03-31 17:50 - 2015-03-31 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galletto Win7
2015-03-31 17:50 - 2015-03-31 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FGTech
2015-03-31 17:50 - 2015-03-31 15:57 - 00000000 ____D () C:\FGTech
2015-03-31 17:50 - 2013-07-06 22:51 - 00000412 _____ () C:\Windows\SysWOW64\regkey.dat
2015-03-31 17:50 - 2013-03-29 16:53 - 00206144 _____ () C:\Windows\SysWOW64\fgt2xx.dll
2015-03-31 16:17 - 2015-03-31 16:18 - 00028196 _____ () C:\Users\HASSANEIN\Downloads\FRST.txt
2015-03-31 16:17 - 2015-03-31 16:17 - 02095616 _____ (Farbar) C:\Users\HASSANEIN\Downloads\FRST64.exe
2015-03-31 15:57 - 2015-03-31 15:57 - 00025056 _____ () C:\Windows\system32\Drivers\241006737.sys
2015-03-31 09:56 - 2015-03-31 09:56 - 00033627 _____ () C:\Users\HASSANEIN\Downloads\F5019000651.rar
2015-03-31 09:36 - 2015-03-31 09:37 - 01087136 _____ () C:\Windows\Minidump\033115-22370-01.dmp
2015-03-30 22:16 - 2015-03-30 22:16 - 00001646 _____ () C:\Users\HASSANEIN\Desktop\ECU_REPAIR_NEW (User-24b92d7e3e) - Verknüpfung.lnk
2015-03-30 13:37 - 2015-03-30 13:37 - 00000000 ____D () C:\Device
2015-03-30 13:12 - 2015-03-30 13:12 - 00000000 ____D () C:\ProgramData\Doctor Web
2015-03-30 13:11 - 2015-03-30 13:37 - 00000000 ____D () C:\Users\HASSANEIN\Doctor Web
2015-03-30 12:16 - 2015-03-30 13:06 - 164662696 _____ () C:\Users\HASSANEIN\Downloads\zu9puvxy (1).exe
2015-03-30 12:16 - 2015-03-30 12:17 - 164662696 _____ () C:\Users\HASSANEIN\Downloads\zu9puvxy.exe
2015-03-29 17:28 - 2015-03-29 17:28 - 01494694 _____ () C:\Users\HASSANEIN\Downloads\wpshopgermany_latest (2).zip
2015-03-29 17:28 - 2015-03-29 17:28 - 01494694 _____ () C:\Users\HASSANEIN\Desktop\wpshopgermany_latest (2).zip
2015-03-29 16:43 - 2015-03-29 16:43 - 00027342 _____ () C:\Users\HASSANEIN\AppData\Local\recently-used.xbel
2015-03-29 16:37 - 2015-03-29 16:37 - 01494694 _____ () C:\Users\HASSANEIN\Downloads\wpshopgermany_latest (1).zip
2015-03-29 16:36 - 2015-03-29 16:37 - 01494694 _____ () C:\Users\HASSANEIN\Downloads\wpshopgermany_latest.zip
2015-03-28 15:53 - 2015-03-28 15:53 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-28 15:53 - 2015-03-28 15:53 - 00000000 ____D () C:\Bdm-To-Go Files
2015-03-28 15:39 - 2015-03-28 15:41 - 00000000 ____D () C:\Users\HASSANEIN\Documents\EVC
2015-03-27 21:15 - 2015-03-27 21:15 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-03-27 16:06 - 2015-03-27 16:06 - 00000280 _____ () C:\Users\HASSANEIN\Downloads\audi a6.rar
2015-03-27 16:05 - 2015-03-27 16:05 - 00000292 _____ () C:\Users\HASSANEIN\Downloads\A6_24C04_off.rar
2015-03-27 16:04 - 2015-03-27 16:04 - 00000218 _____ () C:\Users\HASSANEIN\Downloads\immo of.rar
2015-03-26 15:38 - 2015-03-26 15:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-26 15:32 - 2015-03-26 15:32 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-26 15:30 - 2015-03-26 15:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 15:29 - 2015-03-26 15:29 - 00321472 _____ () C:\Users\HASSANEIN\Downloads\Firefox Setup Stub 36.0.4.exe
2015-03-25 18:33 - 2015-03-25 18:33 - 00001055 _____ () C:\Users\Public\Desktop\Tango.lnk
2015-03-25 18:32 - 2015-03-25 18:34 - 00000000 ____D () C:\Program Files (x86)\Tango Scorpio-LK
2015-03-25 12:09 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 12:09 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 12:09 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 12:09 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 12:09 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 12:09 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 12:09 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 12:09 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 19:21 - 2015-03-26 10:57 - 01721166 _____ () C:\Users\HASSANEIN\Downloads\Video.MOV
2015-03-24 19:21 - 2015-03-24 19:21 - 01721166 _____ () C:\Users\HASSANEIN\Downloads\Video (1).MOV
2015-03-24 02:44 - 2015-03-24 02:44 - 00091541 _____ () C:\Users\HASSANEIN\Downloads\FERTIGGESTELLT KundenNr. ST50009 KR12262.zip
2015-03-22 22:12 - 2015-03-22 22:12 - 00140091 _____ () C:\Users\HASSANEIN\Downloads\kefico (mass (air) flow sensor).rar
2015-03-20 15:09 - 2015-03-20 15:09 - 00144493 _____ () C:\Users\HASSANEIN\Downloads\IAS (Citroen Jumper (Immo Off Version incl. DTCs (Chk)) - 363534)(2).rar
2015-03-20 15:08 - 2015-03-20 15:08 - 00144493 _____ () C:\Users\HASSANEIN\Downloads\IAS (Citroen Jumper (Immo Off Version incl. DTCs (Chk)) - 363534).rar
2015-03-20 15:08 - 2015-03-20 15:08 - 00144493 _____ () C:\Users\HASSANEIN\Downloads\IAS (Citroen Jumper (Immo Off Version incl. DTCs (Chk)) - 363534)(1).rar
2015-03-19 12:22 - 2015-03-19 12:22 - 00000205 _____ () C:\Users\HASSANEIN\Downloads\GOLF_3_WFS_BOX1H0953257B_immo_yes (2).rar
2015-03-19 12:20 - 2015-03-19 12:20 - 00000205 _____ () C:\Users\HASSANEIN\Downloads\GOLF_3_WFS_BOX1H0953257B_immo_yes (1).rar
2015-03-19 12:18 - 2015-03-19 12:18 - 00000191 _____ () C:\Users\HASSANEIN\Downloads\GOLF_3_WFS_BOX1H0953257B_immo_yes.rar
2015-03-19 11:49 - 2015-03-19 11:49 - 00033830 _____ () C:\Users\HASSANEIN\Downloads\GOLF 1.6 BOSCH 314-5 EPROM-87C510 Immo Off.rar
2015-03-19 11:47 - 2015-03-19 11:47 - 00000179 _____ () C:\Users\HASSANEIN\Downloads\golf 3_off.rar
2015-03-19 11:28 - 2015-03-19 11:28 - 00000169 _____ () C:\Users\HASSANEIN\Downloads\OriginalHc05.rar
2015-03-19 11:20 - 2015-03-19 11:20 - 17189552 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-03-18 15:34 - 2015-03-18 15:35 - 02171392 _____ () C:\Users\HASSANEIN\Downloads\adwcleaner_4.112.exe
2015-03-17 00:25 - 2015-03-17 00:25 - 00033485 _____ () C:\Users\HASSANEIN\Downloads\vr6 0261203568 569 .rar
2015-03-16 23:57 - 2015-03-16 23:57 - 08912597 _____ () C:\Users\HASSANEIN\Downloads\edc17.7z
2015-03-16 23:50 - 2015-03-16 23:50 - 00000447 _____ () C:\Users\HASSANEIN\Downloads\a3_18t_immo_ON.rar
2015-03-16 23:22 - 2015-03-28 15:32 - 00000020 _____ () C:\Users\HASSANEIN\AppData\Roaming\appdataFr3.bin
2015-03-15 18:17 - 2015-03-15 18:38 - 2100000000 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA201Q313.part2.rar
2015-03-15 17:56 - 2015-03-15 18:06 - 2100000000 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA201Q313.part1.rar
2015-03-15 17:44 - 2015-03-15 17:52 - 1105765655 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA101Q313.part2.rar
2015-03-15 17:19 - 2015-03-15 17:36 - 2100000000 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA101Q313.part1.rar
2015-03-15 17:18 - 2015-03-15 17:18 - 05368232 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_How.to.Install_Run.From.HD_Manual.Info.rar
2015-03-15 17:18 - 2015-03-15 17:18 - 00028859 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_2013Q3_Full_Set_DVD_Contain.txt
2015-03-15 17:18 - 2015-03-15 17:18 - 00028859 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_2013Q3_Full_Set_DVD_Contain (1).txt
2015-03-15 17:17 - 2015-03-15 17:17 - 89516239 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53.1000.101_Install_Disk_2013.08.rar
2015-03-15 17:17 - 2015-03-15 17:17 - 02376082 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.52_Crack.only.rar
2015-03-15 17:16 - 2015-03-15 17:16 - 32195618 _____ () C:\Users\HASSANEIN\Downloads\AD.Support_Utilities.rar
2015-03-15 17:16 - 2015-03-15 17:16 - 03193693 _____ () C:\Users\HASSANEIN\Downloads\AD1053_Disable.the.Rearm.of.Activation.for.Ace.rar
2015-03-15 17:00 - 2015-03-15 17:00 - 00002529 _____ () C:\Users\HASSANEIN\Downloads\AllData_Full_Set_LINKS (1).zip
2015-03-15 16:51 - 2015-03-15 16:51 - 00007307 _____ () C:\Users\HASSANEIN\Downloads\All_Data_10.52_Full_Set_LINKS.zip
2015-03-15 16:45 - 2015-03-15 16:45 - 00002529 _____ () C:\Users\HASSANEIN\Downloads\AllData_Full_Set_LINKS.zip
2015-03-11 11:38 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:38 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:38 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:38 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:38 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:38 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:38 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:38 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:38 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:38 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:37 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:37 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:37 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:37 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:37 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:37 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:37 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:37 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:37 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:37 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:37 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:37 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:37 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:37 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:37 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:37 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:37 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:37 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:37 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:37 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:37 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:35 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:35 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:35 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:35 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:35 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:35 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:35 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:35 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:35 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:35 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:35 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:35 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:35 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:35 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:34 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:34 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:34 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:34 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:34 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:34 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:34 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:34 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:34 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:34 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:34 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:34 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:34 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:34 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:34 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:34 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:34 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:34 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:34 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:34 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:34 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:34 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:34 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:34 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:34 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:34 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:34 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:34 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:34 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:34 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:34 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:34 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:34 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:34 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:34 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:34 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:34 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:34 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:34 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:34 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:34 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:34 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:34 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:34 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:34 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:34 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:34 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:34 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:34 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:34 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:34 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:34 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:34 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:34 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:34 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:34 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:34 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:34 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:34 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:34 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:34 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 11:34 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:34 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:34 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:34 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:34 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:34 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 02:16 - 2015-03-10 02:16 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-10 02:10 - 2015-03-10 02:10 - 00000755 _____ () C:\Users\HASSANEIN\Downloads\WinOLS_LINKS.zip
2015-03-09 19:58 - 2015-03-09 21:48 - 00000119 _____ () C:\Users\HASSANEIN\Desktop\Koranverse interessant.txt
2015-03-08 21:08 - 2015-03-08 21:08 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\HASSANEIN\Downloads\CreativeCloudSet-Up (1).exe
2015-03-08 19:10 - 2015-03-08 19:10 - 00000000 ____D () C:\ProgramData\8707925833061247103
2015-03-08 18:50 - 2015-03-30 13:38 - 00000000 ____D () C:\Program Files (x86)\StatMaker
2015-03-07 15:06 - 2015-03-07 15:12 - 1266477072 _____ (Adobe Systems Incorporated) C:\Users\HASSANEIN\Downloads\FlashPro_12_LS4.exe
2015-03-07 14:54 - 2015-03-07 14:54 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk
2015-03-07 14:45 - 2015-03-07 14:45 - 00000999 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash Professional CC 2014.lnk
2015-03-07 14:42 - 2015-03-25 18:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-07 14:40 - 2015-03-08 21:33 - 00000000 ____D () C:\Program Files\Adobe
2015-03-07 14:34 - 2015-03-07 14:34 - 00000000 ___RD () C:\Users\HASSANEIN\Creative Cloud Files
2015-03-07 14:21 - 2015-03-07 14:21 - 00001320 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-07 14:12 - 2015-03-07 14:12 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\HASSANEIN\Downloads\CreativeCloudSet-Up.exe
2015-03-05 16:50 - 2015-03-05 16:50 - 00000248 _____ () C:\Users\HASSANEIN\Downloads\6N0909603_HC05B16_crash_clear.rar
2015-03-05 16:49 - 2015-03-05 16:49 - 00000219 _____ () C:\Users\HASSANEIN\Downloads\LKclear.rar
2015-03-05 11:49 - 2015-03-05 11:49 - 00499929 _____ () C:\Users\HASSANEIN\Downloads\Outlook.com (1).zip
2015-03-03 09:33 - 2015-03-03 09:33 - 01203488 _____ () C:\Users\HASSANEIN\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2015-03-03 02:09 - 2015-03-03 02:11 - 00000000 ____D () C:\Users\HASSANEIN\Desktop\Formulare erstellen
2015-03-03 02:04 - 2015-03-03 02:04 - 00001883 _____ () C:\Users\HASSANEIN\Downloads\iphorm-form-builder.php
2015-03-02 16:28 - 2015-03-02 16:28 - 00824237 _____ () C:\Users\HASSANEIN\Downloads\d01ad202.sql
2015-03-02 15:56 - 2015-03-02 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-02 15:56 - 2015-03-02 15:56 - 00000000 ____D () C:\Program Files\7-Zip
2015-03-02 15:55 - 2015-03-02 15:55 - 01376768 _____ () C:\Users\HASSANEIN\Downloads\7z920-x64.msi
2015-03-02 11:56 - 2015-03-02 11:58 - 42883064 _____ () C:\Users\HASSANEIN\Downloads\template_39030_69F6xHrM0dCh4R2ciWES.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 18:20 - 2014-05-16 16:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-31 17:37 - 2014-04-10 00:12 - 01308134 _____ () C:\Windows\WindowsUpdate.log
2015-03-31 17:36 - 2014-06-17 00:34 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\Adobe
2015-03-31 17:32 - 2014-04-10 09:37 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2015-03-31 17:32 - 2014-04-10 09:37 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2015-03-31 17:32 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 16:17 - 2014-10-01 09:48 - 00000000 ____D () C:\FRST
2015-03-31 16:16 - 2009-07-14 06:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-31 16:16 - 2009-07-14 06:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-31 16:15 - 2015-01-26 11:10 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-31 09:36 - 2014-05-21 16:34 - 966248467 _____ () C:\Windows\MEMORY.DMP
2015-03-31 09:36 - 2014-05-21 16:34 - 00000000 ____D () C:\Windows\Minidump
2015-03-30 15:41 - 2014-05-20 04:35 - 00044554 _____ () C:\Windows\SysWOW64\QuickControlService.dmp
2015-03-30 15:26 - 2014-07-31 15:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-30 13:38 - 2015-02-13 12:06 - 00000000 ____D () C:\ProgramData\{a0202a53-952b-9add-a020-02a53952a94e}
2015-03-30 13:11 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\HASSANEIN
2015-03-30 12:03 - 2014-05-24 21:31 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\CrashDumps
2015-03-29 16:43 - 2015-02-25 16:15 - 00000000 ____D () C:\Users\HASSANEIN\.gimp-2.8
2015-03-28 15:53 - 2014-04-10 00:37 - 00000000 ____D () C:\ProgramData\Temp
2015-03-28 15:51 - 2015-02-08 15:57 - 00000000 ____D () C:\Program Files\EVC
2015-03-28 15:38 - 2014-05-16 10:30 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\VirtualStore
2015-03-27 21:15 - 2014-04-10 00:33 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-27 21:11 - 2014-08-12 00:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-26 15:57 - 2014-05-16 18:32 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Roaming\Nitro PDF
2015-03-26 15:38 - 2014-04-10 00:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-26 15:32 - 2014-05-16 16:34 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-26 15:32 - 2014-05-16 16:34 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-26 15:32 - 2014-05-16 16:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-26 15:30 - 2014-08-12 00:37 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-26 15:30 - 2014-08-12 00:37 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-26 04:19 - 2014-12-12 04:17 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 04:19 - 2014-05-20 04:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 18:33 - 2014-11-26 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango Scorpio-LK
2015-03-25 18:19 - 2014-05-16 10:31 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Roaming\Adobe
2015-03-24 02:43 - 2014-10-17 11:35 - 00000000 ____D () C:\HDW51_TMP
2015-03-18 15:49 - 2014-07-31 15:19 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1406812780
2015-03-18 15:38 - 2014-10-06 10:12 - 00000000 ____D () C:\AdwCleaner
2015-03-17 10:41 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 22:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-13 04:27 - 2009-07-14 06:45 - 00306656 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 04:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-13 04:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 20:55 - 2015-02-25 16:58 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\gtk-2.0
2015-03-09 00:17 - 2014-12-18 12:37 - 00081920 ___SH () C:\Users\HASSANEIN\Thumbs.db
2015-03-07 14:20 - 2014-04-10 00:20 - 00000000 ____D () C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2014-05-16 10:27 - 2014-05-19 00:48 - 0005408 _____ () C:\Users\HASSANEIN\AppData\Roaming\AbsoluteReminder.xml
2015-03-16 23:22 - 2015-03-28 15:32 - 0000020 _____ () C:\Users\HASSANEIN\AppData\Roaming\appdataFr3.bin
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\HASSANEIN\AppData\Roaming\QEFL
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\HASSANEIN\AppData\Roaming\SXLAIST
2015-03-29 16:43 - 2015-03-29 16:43 - 0027342 _____ () C:\Users\HASSANEIN\AppData\Local\recently-used.xbel
2014-05-16 17:05 - 2014-05-16 17:06 - 0034499 _____ () C:\Users\HASSANEIN\AppData\Local\WiDiSetupLog.20140516.170550.wdl
2014-04-10 00:27 - 2014-04-10 00:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-10 00:39 - 2014-04-10 00:40 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2014-04-10 00:37 - 2014-04-10 00:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-04-10 00:38 - 2014-04-10 00:39 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2014-04-10 00:39 - 2014-04-10 00:39 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log

Some content of TEMP:
====================
C:\Users\HASSANEIN\AppData\Local\Temp\dateinj01.dll
C:\Users\HASSANEIN\AppData\Local\Temp\SpOrder.dll
C:\Users\HASSANEIN\AppData\Local\Temp\sqlite3.dll
C:\Users\HASSANEIN\AppData\Local\Temp\tf00294823.dll
C:\Users\HASSANEIN\AppData\Local\Temp\wingqxji.exe
C:\Users\HASSANEIN\AppData\Local\Temp\wintmeog.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 14:16

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by HASSANEIN at 2015-03-31 16:19:08
Running from C:\Users\HASSANEIN\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.0.0.19 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.310 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.2 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Browser 7 der Telekom 35.0.11 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 35.0.11 (x86 de)) (Version: 35.0.11 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 35.0.11 - Deutsche Telekom AG)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.62.10 - Lenovo Group Limited)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Full Screen (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
Galletto version 1.0 (HKLM-x32\...\{40DCEDEA-401A-485C-B238-D9E9FADDB132}_is1) (Version: 1.0 - )
Galletto Win7 version 1.1 (HKLM-x32\...\{BF9D514F-E44F-4EF4-AB03-925F44BD3F8E}_is1) (Version: 1.1 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
HD Writer AE 5.1 (HKLM-x32\...\{0303619A-9690-4007-A9D8-CEF5B2CF5A0C}) (Version: 5.01.012.1031 - Panasonic Corporation)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.514.3 - Vimicro)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Fingerprint Manager (HKLM\...\{45CC6269-15F2-4734-A7D1-46A032E85CAE}) (Version: 4.5.127.0 - Validity Sensors, Inc.)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Lenovo QuickCast (HKLM-x32\...\Lenovo QuickCast_is1) (Version: 2.0.10.0 - Lenovo Group Limited)
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.10 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0022.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MultiEcuX UHDS version 2.01.2.3 (HKLM-x32\...\{2D4186EB-B904-497F-A293-129145AAC143}_is1) (Version: 2.01.2.3 - Smok)
MultiProg version 1.37.0.8 (HKLM-x32\...\{90F9C7B5-E80C-4D74-8E40-1AF3034B3951}_is1) (Version: 1.37.0.8 - Smok)
Nitro Pro 8 (HKLM\...\{C97CFB86-B083-4BAE-90B2-D141500A5ACA}) (Version: 8.5.5.2 - Nitro)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 28.0.1750.48 (HKLM-x32\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA)
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.1.1.1 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21237 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7064 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Shopping Helper Smartbar Engine (HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\{1c400b46-f9de-47e8-97ed-bdff5cd99760}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Tango Version 1.94 (HKLM-x32\...\{58C6F81E-2619-4CDF-A427-B540563B0A00}_is1) (Version: 1.94 - Scorpio-LK Ltd.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.27 - )
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.5.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
UltraProg (HKLM-x32\...\UltraProg 14.5.5.0) (Version: 3.2.7.0 - UltraProg.co.uk)
UltraProg (Version: 14.5.5.0 - UltraProg.co.uk) Hidden
VCDS AIB 12.12 (HKLM-x32\...\VCDS AIB) (Version: AIB 12.12 - Auto-Intern GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Auto-Intern USB-Treiber (03/30/2010 2.06.02) (HKLM\...\42B17F23052FF114E91E57E2287CCEEDF216888D) (Version: 03/30/2010 2.06.02 - Auto-Intern)
Windows-Treiberpaket - Auto-Intern Virtueller COM-Port-Treiber (03/30/2010 2.06.02) (HKLM\...\5EFB68C2F0CD0DB3442B0733C6FAB545A71A88FF) (Version: 03/30/2010 2.06.02 - Auto-Intern)
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\2DC0AA065FA83047D7ECD51C7000C1620D79A4C5) (Version: 02/17/2009 2.04.16 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\51A4D522DD31538335EF5736F0E7F588C70BCB12) (Version: 02/17/2009 2.04.16 - FTDI)
Windows-Treiberpaket - Intel (e1dexpress) Net  (05/30/2013 12.8.33.0) (HKLM\...\F7EF7D3FC047624123718E936825427CBE9603C0) (Version: 05/30/2013 12.8.33.0 - Intel)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (07/09/2013 16.6.4.27) (HKLM\...\DD595BFA8811E95794F6C59241A045308186FF6D) (Version: 07/09/2013 16.6.4.27 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (07/09/2013 16.6.4.27) (HKLM\...\B9820F573E0DD3A982ABE811E2913896FAFE911A) (Version: 07/09/2013 16.6.4.27 - Synaptics)
Winols 2.24 (HKLM-x32\...\Winols 2.24) (Version: 2.24 - OLS)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

20-03-2015 11:37:56 Windows Update
24-03-2015 10:20:51 Windows Update
26-03-2015 04:00:15 Windows Update
31-03-2015 09:42:33 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-06 10:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B8E07A9-048E-4136-8722-EAEA7D8C5C06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0C64D015-8A13-4459-977F-AAC5494DAFB9} - System32\Tasks\{17243A97-9C53-4E6E-A533-773F5FB45F50} => pcalua.exe -a "C:\Program Files (x86)\SupTab\uninstall.exe" -d "C:\Program Files (x86)\SupTab"
Task: {25E1814A-1F77-4998-833C-E1F5308F0ACE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe
Task: {2E265404-1831-4A7F-BCFC-5A85140F9A4B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {4115DED7-78A9-426E-AB82-196F4BF4D72D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {4BE9FCB5-AB74-497C-A23F-5F794B05E651} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {4C31115C-1D52-4014-9CA6-37444B11E533} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {4E5520E8-F165-405B-90DB-506CBEAD07AF} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {4F71817B-8B48-4D72-99AF-D61A734F78F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {50B96AAA-77CF-45CF-A47B-D309F12499B6} - System32\Tasks\{3F3EF4A8-AC32-4103-B641-9AEA49902109} => pcalua.exe -a "C:\Program Files (x86)\SupTab\uninstall.exe" -d "C:\Program Files (x86)\SupTab"
Task: {63B90E29-F6CC-4443-B7A6-81709127EE33} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {760C4046-289E-4558-8BC4-835A16D20B7E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-04] (Realtek Semiconductor)
Task: {99D06051-E696-43C7-AD13-3C785C16361D} - System32\Tasks\SXLAIST => C:\Users\HASSANEIN\AppData\Roaming\SXLAIST.exe <==== ATTENTION
Task: {99F2E6B8-717E-4B01-A127-C1A05ED75B58} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-26] (Adobe Systems Incorporated)
Task: {9BE80658-FAB4-4C35-BF9D-E6AA3289A077} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2013-08-01] (Lenovo Group Limited)
Task: {9CF6874D-E7AF-4B3E-899E-B5626344661B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-10-14] (Realtek Semiconductor)
Task: {A6F0A362-192F-4B09-9318-CE1A32288B67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {B219AE13-638C-4523-B530-E36225F2E319} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {CE616928-C475-41E5-9F8F-FA728CCF66A0} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
Task: {D5861008-D825-4F7F-9B71-81752660D372} - System32\Tasks\Opera scheduled Autoupdate 1406812780 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-16] (Opera Software)
Task: {DFC59160-4643-4269-B49B-02E89542A2E2} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {E74AB2B2-9D8B-4459-93FB-65BA1B8818C6} - System32\Tasks\QEFL => C:\Users\HASSANEIN\AppData\Roaming\QEFL.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QEFL.job => C:\Users\HASSANEIN\AppData\Roaming\QEFL.exe <==== ATTENTION
Task: C:\Windows\Tasks\SXLAIST.job => C:\Users\HASSANEIN\AppData\Roaming\SXLAIST.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2013-04-15 15:45 - 2013-04-15 15:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-02-11 16:13 - 2015-02-11 16:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-04-10 00:31 - 2013-08-01 00:02 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-02-11 16:12 - 2015-02-11 16:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-03-31 17:50 - 2015-03-31 15:57 - 00165376 _____ () C:\FGTech\EOBD2S.exe
2015-03-18 15:49 - 2015-03-18 15:49 - 00484472 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
2015-03-30 12:16 - 2015-03-30 13:06 - 164662696 _____ () C:\Users\HASSANEIN\Downloads\zu9puvxy (1).exe
2012-12-30 18:32 - 2012-12-30 18:32 - 02134440 _____ () c:\users\hassanein\appdata\local\temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\bivhH9cD9.exe
2012-12-30 18:32 - 2012-12-30 18:32 - 07154944 _____ () c:\users\hassanein\appdata\local\temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\qkUX6D0zDfWE8R.exe
2012-12-30 18:32 - 2012-12-30 18:32 - 00442680 _____ () c:\users\hassanein\appdata\local\temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\DuhDyNcQIqGQ.exe
2012-12-30 18:34 - 2012-12-30 18:34 - 00012970 ____N () C:\Users\HASSAN~1\AppData\Local\Temp\wingqxji.exe
2012-12-30 17:39 - 2012-12-30 17:39 - 00049834 ____N () C:\Users\HASSAN~1\AppData\Local\Temp\wintmeog.exe
2014-04-10 00:35 - 2013-08-15 06:26 - 00033520 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2014-04-10 00:33 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-04-10 00:33 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-05-16 22:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-04-10 00:37 - 2013-07-16 09:39 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-15 15:58 - 2015-02-15 15:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-03-18 15:49 - 2015-03-18 15:49 - 01488504 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\libglesv2.dll
2015-03-18 15:49 - 2015-03-18 15:49 - 00079992 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\libegl.dll
2015-03-18 15:49 - 2015-03-18 15:49 - 09625720 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\pdf.dll
2015-02-15 15:58 - 2015-02-15 15:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-02-15 15:58 - 2015-02-15 15:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-03-19 11:20 - 2015-03-19 11:20 - 14964912 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_310.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:E8956AB5
AlternateDataStreams: C:\ProgramData\Temp:EFB09287

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service" <==== ATTENTION

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4194908080-3589016638-193389046-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HASSANEIN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-4194908080-3589016638-193389046-500 - Administrator - Disabled)
Gast (S-1-5-21-4194908080-3589016638-193389046-501 - Limited - Enabled) => C:\Users\Gast
HASSANEIN (S-1-5-21-4194908080-3589016638-193389046-1000 - Administrator - Enabled) => C:\Users\HASSANEIN
HomeGroupUser$ (S-1-5-21-4194908080-3589016638-193389046-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2012 06:26:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 05:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2015 09:37:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 08:38:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 03:41:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: QuickControlService.exe, Version: 1.1.0.38, Zeitstempel: 0x51e5b1b2
Name des fehlerhaften Moduls: QuickControlService.exe, Version: 1.1.0.38, Zeitstempel: 0x51e5b1b2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000eb9a
ID des fehlerhaften Prozesses: 0xd28
Startzeit der fehlerhaften Anwendung: 0xQuickControlService.exe0
Pfad der fehlerhaften Anwendung: QuickControlService.exe1
Pfad des fehlerhaften Moduls: QuickControlService.exe2
Berichtskennung: QuickControlService.exe3

Error: (03/30/2015 03:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 03:17:12 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/30/2015 03:13:10 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/30/2015 03:09:08 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/30/2015 03:05:06 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)


System errors:
=============
Error: (12/30/2012 06:32:30 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (12/30/2012 06:32:30 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.

Error: (12/30/2012 06:32:18 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (12/30/2012 06:32:18 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.

Error: (12/30/2012 06:32:10 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (12/30/2012 06:32:10 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.

Error: (12/30/2012 06:32:04 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (12/30/2012 06:32:04 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.

Error: (03/31/2015 06:29:23 PM) (Source: DCOM) (EventID: 10016) (User: HASSANEIN-THINK)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HASSANEIN-THINKGastS-1-5-21-4194908080-3589016638-193389046-501LocalHost (unter Verwendung von LRPC)

Error: (03/31/2015 06:29:23 PM) (Source: DCOM) (EventID: 10016) (User: HASSANEIN-THINK)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HASSANEIN-THINKGastS-1-5-21-4194908080-3589016638-193389046-501LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (12/30/2012 06:26:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/30/2012 05:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2015 09:37:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 08:38:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 03:41:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: QuickControlService.exe1.1.0.3851e5b1b2QuickControlService.exe1.1.0.3851e5b1b2c00000050000eb9ad2801d06aec80efc12fC:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exeC:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe7e7aa939-d6e2-11e4-a57c-7c7a916bf5d9

Error: (03/30/2015 03:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/30/2015 03:17:12 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/30/2015 03:13:10 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/30/2015 03:09:08 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (03/30/2015 03:05:06 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)


CodeIntegrity Errors:
===================================
  Date: 2014-10-06 10:31:56.359
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-06 10:31:56.297
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 16:45:32.112
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.993
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.854
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.694
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.575
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.444
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.332
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 16:45:31.204
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 67%
Total physical RAM: 3816.56 MB
Available physical RAM: 1222.94 MB
Total Pagefile: 7631.31 MB
Available Pagefile: 3670.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:347.6 GB) (Free:259.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Win XP) (Fixed) (Total:101.75 GB) (Free:100.7 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:14.94 GB) (Free:3.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F1860EA5)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=347.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=101.8 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 01.04.2015, 08:33

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Full Screen

Shopping Helper Smartbar Engine (HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\{1c400b46-f9de-47e8-97ed-bdff5cd99760}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Fehlermeldung: File corrpted. This application has been manipulated and maybe it is infected by a Virius

Log-Analyse und Auswertung: Fehlermeldung: File corrpted. This application has been manipulated and maybe it is infected by a Virius