Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Lenovo Thinkpad Yoga 15 Scroll nach unten/ Maus Problem (https://www.trojaner-board.de/166564-lenovo-thinkpad-yoga-15-scroll-unten-maus-problem.html)

Anteros1986 30.04.2015 11:42
Lenovo Thinkpad Yoga 15 Scroll nach unten/ Maus Problem
 
Hallo Liebes trojaner Board.

Viele Jahre hatte ich keinen Grund mehr hier was zu posten, nun ist es soweit

Zur Vorgeschichte,

Habe mir das neue Notebook vor ca 1 Monat geholt
eingerichtet und war fasziniert. Doch seit vorgestern macht mir ein Problem zu schaffen
verwende Windows 8.1 64 bit und in manchen Anwendungen (vorallem APPs) wie Wunderlist Facebook und co scrollt das Notebook nun immer ganz nach unten

Hab zuerst nach einem Hardware defekt gesucht, meine Maus, eine Performance MX von Logitech, auf einem anderen gerät probiert -> Funktioniert

Treiber sind die Aktuellesten

Lenovo Update gemacht: auch hier alles am neuesten Stand

Dann dachte ich vielleicht hängt eine Taste und siehe da wenn ich ESC drücke ist das Problem temporär gelöst, Kommt aber von zeit zu zeit wieder! (keine fixe wiederkehrungszeit)

Dann bin ich in die Systemsteuerung gegangen um zu sehen ob sich ein nicht gewolltes Programm eingeschlichen hat und siehe da auch hier scrollt die Maus wie verrückt,

weder in Chrome noch im normalen Dateiexplorer habe ich dieses Problem

Hab dann versucht zuerst über die Wiederherstellungskonsole zu arbeiten, das hatte keinen erfolg, Dann hab ich mein Wöchentliches Backup eingespielt (acronis Trueimage) , auch das hatte keinen erfolg, Problem kommt von Zeit zu Zeit

mittlerweile kommt es sehr häufig vor, dass ich die Maus zwar bewegen kann (sowohl Touchpad als auch Performance MX) jedoch keine Klicks angenommen werden. sprich System hängt, ALT TAB funktionieren jedoch, und ab und zu ist es so, dass ein links Doppelklick einen Rechtsklick bewirkt, wieder sowohl Maus als auch Touchpad. Wenn ich über STRG ENTF nun in den Taskmanager gehe ist das Problem sofort gelöst.

Habe Tuneup Wartung drüberlaufen lassen, auch das half nichts..

Anbei findet ihr meine Logs, leider funktioniert bei mir gmer nicht. solltet ihr diesen log noch unbedingt brauchen bitte ich um hilfe, Es kommt die Fehlermeldung das C:\Windows\system32\config\system: der Prozess kann nicht auf die Datei zugreife, da sie von einem anderen prozess verwendet wird.

Hab neustart probiert und natürlich firewall deaktiviert.

Hier nun die logs
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by ##### (administrator) on FILMIC on 30-04-2015 12:06:23
Running from C:\Users\######\Downloads
Loaded Profiles: ###### (Available profiles: ###### & ###### Mitarbeiter)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\MultiMode\MultiModeService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Forty One Ltd.) C:\Daten\Google Drive\03 Downloads\AudioSwitcher_1_6_4_0\AudioSwitcher.exe
(Docking Station) C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win8.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\PaperDisplay\PaperDisplaySysTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Users\######\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVComS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(6 Wunderkinder GmbH) C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.3.0.7_neutral__b4cwydgxqx59r\Wunderlist.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\Integrator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [317752 2015-01-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [555760 2014-12-08] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937928 2014-12-10] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-10-22] (SunplusIT, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [726320 2015-03-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5343272 2014-11-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [606096 2014-10-17] (Acronis International GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PLTHub.exe] => C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe [3306896 2015-03-05] (Plantronics, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Plantronics MyHeadset Updater] => C:\Program Files (x86)\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe [80384 2014-12-15] (Plantronics)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [LVCOMS] => C:\Program Files (x86)\Common Files\Logitech\QCDriver3\LVCOMS.EXE [127022 2002-12-10] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\Run: [GoogleChromeAutoLaunch_8FD42D95AAF94900B79BC09FB8C22EDB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\Run: [AudioSwitcher] => C:\Daten\Google Drive\03 Downloads\AudioSwitcher_1_6_4_0\AudioSwitcher.exe [456192 2015-03-03] (Forty One Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\igpxtskmgn.lnk [2015-03-15]
ShortcutTarget: igpxtskmgn.lnk -> C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win8.exe (Docking Station)
Startup: C:\Users\######\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-24]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\######\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\######\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\######\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2015-03-26]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\######\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001 -> DefaultScope {A09C74F7-AF6C-4DCD-A2EB-CB2E1D3397A0} URL =
SearchScopes: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001 -> {A09C74F7-AF6C-4DCD-A2EB-CB2E1D3397A0} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\######\AppData\Roaming\Mozilla\Firefox\Profiles\qzrz6gyt.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @dynamsoft.com/ImageCaptureSuitePlugin -> C:\WINDOWS\SysWOW64\dynamsoft\imagecapturesuite\NPImageCaptureSuiteTrial.dll [2014-03-13] (Dynamsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-23]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://facebook.com/"
CHR DefaultSearchKeyword: Default -> google.at_
CHR DefaultSearchURL: Default -> hxxp://www.google.at/search?q={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\######\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2015-04-28]
CHR Extension: (Logitech Unifying for Chrome) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\agpmgihmmmfkbhckmciedmhincdggomo [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-28]
CHR Extension: (Adblock Plus) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-28]
CHR Extension: (AirDroid New Tab Page) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\dikcaehehnanmmfjjaodjgdjagfpaeeg [2015-04-28]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-04-28]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-04-28]
CHR Extension: (My JDownloader) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2015-04-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-04-28]
CHR Extension: (Bookmark Manager) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-28]
CHR Extension: (AirDroid) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2015-04-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-28]
CHR Extension: (Top Eleven) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn [2015-04-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-28]
CHR Extension: (Google Wallet) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-28]
CHR Extension: (Wunderlist for Chrome) - C:\Users\######\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2015-04-28]
CHR HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\######FIL~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-04-28]
CHR HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [815920 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1004280 2015-03-31] (Avira Operations GmbH & Co. KG)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2014-11-06] (Alps Electric Co., Ltd.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-11] (DisplayLink Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-12-12] (Intel Corporation)
S4 IDPhotoCaptureActivationService; C:\Program Files (x86)\Common Files\inPhoto IDPhoto Shared\Activation Service\ActivationService.exe [19968 2013-08-15] (IDPhotoCapture) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-01-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [95624 2015-01-23] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3204080 2014-08-28] (Lenovo Group Limited)
R2 Lenovo MultiMode Service; C:\Program Files (x86)\Lenovo\MultiMode\MultiModeService.exe [1792968 2015-01-29] (Lenovo Group Limited)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2019272 2015-02-09] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-21] (Lenovo)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [475080 2015-01-21] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 PlantronicsUpdateService; C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe [1058192 2015-03-05] (Plantronics, Inc.)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [328488 2014-12-05] (Lenovo Group Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-10-22] (Realtek Semiconductor)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [49136 2015-03-27] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-03-23] (Acronis International GmbH)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [231152 2014-12-12] (Intel Corporation)
R1 InstantOn; C:\Program Files\Lenovo\InstantOn\InstantOn.sys [25856 2014-02-03] (Lenovo Group Limited)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-09-05] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 LENOVODOCK; C:\Windows\system32\DRIVERS\LenovoDock.sys [572416 2014-07-18] (C-Media Inc.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3494680 2014-12-08] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 prl_virtual_sound; C:\Windows\system32\DRIVERS\prl_virtual_sound.sys [46824 2015-02-10] (Parallels Holdings, Ltd. and its affiliates.)
R3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [117464 2014-09-23] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [508120 2014-08-15] (Realsil Semiconductor Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [683040 2014-11-10] (Sunplus)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2015-03-23] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2015-03-23] (Acronis International GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [31512 2014-09-09] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2014-11-26] (Wondershare)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 12:06 - 2015-04-30 12:06 - 00037156 _____ () C:\Users\######\Downloads\FRST.txt
2015-04-30 12:06 - 2015-04-30 12:06 - 00000000 ____D () C:\FRST
2015-04-30 12:05 - 2015-04-30 12:05 - 02101248 _____ (Farbar) C:\Users\######\Downloads\FRST64.exe
2015-04-30 12:05 - 2015-04-30 12:05 - 00000486 _____ () C:\Users\######\Downloads\defogger_disable.log
2015-04-30 12:05 - 2015-04-30 12:05 - 00000000 _____ () C:\Users\######\defogger_reenable
2015-04-30 12:04 - 2015-04-30 12:04 - 00050477 _____ () C:\Users\######\Downloads\Defogger.exe
2015-04-30 11:19 - 2015-04-30 11:19 - 00002019 _____ () C:\Users\######\Downloads\launch.ica
2015-04-30 10:33 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-04-30 10:33 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-04-30 10:33 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-04-30 10:33 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-30 10:33 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-30 10:33 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-30 10:33 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-30 10:32 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-04-30 10:32 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-04-30 10:32 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-04-30 10:32 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-04-30 10:32 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-04-30 10:32 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-04-30 10:32 - 2015-03-14 04:03 - 04179968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-04-30 10:32 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-04-30 10:32 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-04-30 10:32 - 2015-03-13 04:59 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-04-30 10:32 - 2015-03-13 04:49 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-04-30 10:32 - 2015-03-13 04:38 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-04-30 10:32 - 2015-03-13 04:28 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-04-30 10:32 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-04-30 10:32 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-04-30 10:32 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-04-30 10:32 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-04-30 10:32 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-04-30 10:32 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-04-30 10:32 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-04-30 10:32 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-04-30 10:32 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-04-30 10:32 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-04-30 10:32 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-04-30 10:32 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-04-30 10:32 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-04-30 10:32 - 2015-02-13 04:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-04-30 10:32 - 2015-02-13 03:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-04-30 10:32 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-04-29 00:48 - 2015-04-29 00:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-04-29 00:32 - 2015-04-29 00:43 - 00003956 _____ () C:\WINDOWS\System32\Tasks\Wiederherstellungspunkt
2015-04-28 23:26 - 2015-04-30 11:59 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-28 23:26 - 2015-04-28 23:26 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-28 23:26 - 2015-04-28 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-28 23:26 - 2015-04-28 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-28 23:26 - 2015-04-28 23:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-28 23:26 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-28 23:26 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-28 23:26 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-28 23:25 - 2015-04-28 23:25 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\######\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-28 23:06 - 2015-04-28 23:06 - 02657967 _____ () C:\Users\######\Downloads\GetDataBack_NTFS.zip
2015-04-22 21:59 - 2015-04-22 21:59 - 00001791 _____ () C:\Users\Public\Desktop\Pillars of Eternity.lnk
2015-04-22 21:59 - 2015-04-22 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
2015-04-22 21:50 - 2015-04-22 21:50 - 00000000 ____D () C:\GOG Games
2015-04-22 15:41 - 2015-04-22 19:50 - 00000000 ____D () C:\Users\######\Downloads\07cb93c41d142374918847d35c6d4421
2015-04-22 15:14 - 2015-04-22 16:55 - 00000000 ____D () C:\Users\######\Downloads\8155467a8a63feb8171eb0abc39482c9
2015-04-22 15:13 - 2015-04-22 15:14 - 00000000 ____D () C:\Users\######\Downloads\561u
2015-04-22 15:13 - 2015-04-22 15:13 - 00000000 ____D () C:\Users\######\Downloads\573u
2015-04-22 15:12 - 2015-04-22 15:39 - 00000000 ____D () C:\Users\######\Downloads\dbb48b422cce706f81e006b81a2d60eb
2015-04-22 14:17 - 2015-04-22 16:47 - 00000000 ____D () C:\Users\######\Downloads\FO45323fFFFTPTB
2015-04-22 14:17 - 2015-04-22 14:32 - 00000000 ____D () C:\Users\######\Downloads\3dm-gtav up3 crckv4
2015-04-22 12:29 - 2015-04-22 14:15 - 00000000 ____D () C:\Users\######\Downloads\rft-gtav v2
2015-04-22 12:25 - 2015-04-22 12:29 - 00000000 ____D () C:\Users\######\Downloads\Grand Theft Auto V MULTi12-ElAmigos
2015-04-22 11:38 - 2015-04-22 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElastoMania111
2015-04-18 14:54 - 2015-04-18 14:54 - 00000000 ____D () C:\Users\######\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\###### Mobile RIA
2015-04-16 11:58 - 2015-04-16 12:04 - 177479441 _____ () C:\Users\######\Downloads\Mission Direktkontakt.mp4
2015-04-16 11:49 - 2015-04-16 11:55 - 00000000 ____D () C:\Users\######\AppData\Roaming\Mozilla
2015-04-16 11:49 - 2015-04-16 11:55 - 00000000 ____D () C:\Users\######\AppData\Local\Mozilla
2015-04-16 11:49 - 2015-04-16 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 23:42 - 2015-04-15 23:42 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 15:49 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 15:49 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 15:49 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 15:49 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 15:49 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 15:49 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 15:49 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 15:49 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 15:49 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 15:49 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 15:49 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 15:49 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 15:49 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 15:49 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 15:49 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 15:49 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 15:49 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 15:49 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 15:49 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 15:49 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 15:49 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 15:49 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 15:49 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 15:49 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 15:49 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 15:49 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 15:49 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 15:49 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 15:49 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 15:49 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 15:49 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 15:49 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 15:49 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 15:49 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 15:49 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 15:49 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 15:49 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 15:49 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 15:49 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 15:49 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 15:49 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 15:49 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 15:49 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 15:49 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 15:49 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 15:49 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 15:49 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 15:49 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 15:49 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 15:49 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 15:49 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 15:49 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 15:49 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 15:49 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 15:49 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 15:49 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 15:49 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 15:49 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 15:49 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 15:48 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 15:48 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 15:48 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 15:48 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 15:48 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 15:48 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 15:48 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 15:48 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 15:48 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 15:48 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 15:48 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 15:48 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-04-14 10:12 - 2015-04-14 10:12 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-14 10:12 - 2015-04-14 10:12 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-14 09:11 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-04-14 09:11 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-04-11 11:12 - 2015-04-11 11:13 - 00000000 ___HD () C:\WINDOWS\Icons
2015-04-08 15:37 - 2015-04-08 15:38 - 00000000 ____D () C:\Users\######\Documents\Eigene Etiketten
2015-04-06 16:54 - 2015-04-06 16:54 - 00000000 ____D () C:\Users\######\AppData\Local\Splashtop
2015-04-02 22:40 - 2014-09-05 07:05 - 00079528 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelPcc.sys
2015-04-02 22:12 - 2015-04-02 22:13 - 00000000 ____D () C:\Program Files (x86)\AirDroid
2015-04-02 22:12 - 2015-04-02 22:12 - 00001912 _____ () C:\Users\Public\Desktop\AirDroid.lnk
2015-04-02 22:12 - 2015-04-02 22:12 - 00000000 ____D () C:\Users\######\Documents\AirDroid
2015-04-02 22:12 - 2015-04-02 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-04-02 16:34 - 2015-04-02 16:34 - 00000994 _____ () C:\Users\Public\Desktop\CDex.lnk
2015-04-02 16:34 - 2015-04-02 16:34 - 00000000 ____D () C:\Users\######\AppData\Local\CDex
2015-04-02 16:34 - 2015-04-02 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
2015-04-02 16:34 - 2015-04-02 16:34 - 00000000 ____D () C:\Program Files (x86)\CDex
2015-04-02 14:14 - 2015-04-02 21:50 - 00000000 ____D () C:\Users\######\AppData\Roaming\MSE
2015-04-01 18:36 - 2015-04-08 04:51 - 00000000 ____D () C:\Users\######\AppData\Local\Microsoft Help
2015-04-01 01:59 - 2015-04-01 01:59 - 00000000 ____D () C:\Users\######\Documents\Benutzerdefinierte Office-Vorlagen
2015-04-01 01:31 - 2015-04-01 01:32 - 00000000 ____D () C:\Users\######\AppData\Local\BinaryNow
2015-04-01 01:30 - 2015-04-01 01:30 - 00001782 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scan2Encrypt.lnk
2015-04-01 01:30 - 2015-04-01 01:30 - 00000000 ____D () C:\Users\######\AppData\Roaming\Downloaded Installations
2015-04-01 01:30 - 2015-04-01 01:30 - 00000000 ____D () C:\ProgramData\BinaryNow
2015-04-01 01:30 - 2015-04-01 01:30 - 00000000 ____D () C:\Program Files (x86)\BinaryNow
2015-03-31 23:06 - 2015-04-18 17:54 - 00000000 ____D () C:\Users\######\AppData\Roaming\dvdcss
2015-03-31 13:53 - 2015-03-31 13:53 - 00001229 _____ () C:\Users\######\Desktop\Format Factory.lnk
2015-03-31 13:53 - 2015-03-31 13:53 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-03-31 13:53 - 2015-03-31 13:53 - 00000000 ____D () C:\Users\######\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-03-31 13:53 - 2015-03-31 13:53 - 00000000 ____D () C:\ProgramData\Baidu
2015-03-31 13:53 - 2015-03-31 13:53 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2015-03-31 13:50 - 2015-03-31 13:52 - 00000000 ____D () C:\Program Files (x86)\Aimersoft
2015-03-31 13:50 - 2015-03-31 13:50 - 00000000 ____D () C:\Users\######\AppData\Local\Aimersoft
2015-03-31 13:50 - 2014-11-26 13:49 - 00031080 _____ (Wondershare) C:\WINDOWS\system32\Drivers\VirtualAudio1.sys
2015-03-31 13:50 - 2014-11-26 13:44 - 00675840 _____ () C:\WINDOWS\SysWOW64\ac3filter.ax
2015-03-31 13:50 - 2014-11-26 13:44 - 00496640 _____ () C:\WINDOWS\SysWOW64\xvid.ax
2015-03-31 13:50 - 2014-11-26 13:43 - 00892928 _____ (Free Software Foundation) C:\WINDOWS\SysWOW64\iconv.dll
2015-03-31 13:44 - 2015-03-31 13:47 - 00000000 ____D () C:\Users\######\AppData\Local\Audible
2015-03-31 13:42 - 2015-04-30 09:10 - 00000000 ____D () C:\Users\Public\Documents\Audible
2015-03-31 13:42 - 2015-04-30 09:10 - 00000000 ____D () C:\Users\######\Documents\Audible
2015-03-31 13:42 - 2001-08-17 22:43 - 00024576 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2015-03-31 10:52 - 2015-04-10 10:30 - 00000000 ____D () C:\ProgramData\boost_interprocess

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 12:05 - 2015-03-24 04:09 - 00000000 ____D () C:\Users\######
2015-04-30 12:01 - 2015-03-26 13:21 - 00019047 _____ () C:\WINDOWS\system32\lvcoinst.log
2015-04-30 12:01 - 2015-03-15 12:38 - 01967281 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-30 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-30 11:27 - 2015-03-23 21:22 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 11:13 - 2015-03-24 17:45 - 00005154 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FILMIC-###### Filmic
2015-04-30 10:55 - 2015-03-23 21:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1931906367-3255308075-3261805128-1001
2015-04-30 10:50 - 2013-08-22 16:46 - 00042142 _____ () C:\WINDOWS\setupact.log
2015-04-30 10:40 - 2015-03-23 23:06 - 00000000 ____D () C:\Users\######\AppData\Roaming\Dropbox
2015-04-30 10:40 - 2015-03-23 23:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-30 10:40 - 2015-03-23 21:40 - 00000000 ___RD () C:\Users\######\OneDrive
2015-04-30 10:40 - 2015-03-23 21:22 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 10:39 - 2015-03-15 21:35 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-30 10:39 - 2015-03-15 21:35 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-30 10:39 - 2014-11-21 06:44 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-30 10:38 - 2015-03-15 12:49 - 00006469 _____ () C:\WINDOWS\SysWOW64\Gms.log
2015-04-30 10:35 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-30 10:35 - 2013-08-22 16:44 - 00510512 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-30 10:35 - 2013-08-22 15:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-30 10:34 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-04-30 10:34 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-04-30 10:33 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-30 09:09 - 2015-03-23 23:58 - 00000000 ____D () C:\Users\######\AppData\Local\Plantronics
2015-04-29 20:57 - 2015-03-24 04:10 - 00000000 ____D () C:\Users\######\AppData\Roaming\Adobe
2015-04-29 20:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-29 00:57 - 2015-03-26 11:58 - 00007600 _____ () C:\Users\######\AppData\Local\resmon.resmoncfg
2015-04-29 00:51 - 2014-11-21 06:31 - 00195832 _____ () C:\WINDOWS\PFRO.log
2015-04-29 00:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-28 22:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-04-23 08:58 - 2015-03-23 22:49 - 00000000 ____D () C:\Users\######\AppData\Local\JDownloader v2.0
2015-04-22 22:00 - 2015-03-26 13:59 - 00081553 _____ () C:\WINDOWS\DirectX.log
2015-04-22 19:51 - 2015-03-24 00:13 - 00000000 ____D () C:\Users\######\AppData\Roaming\Kodi
2015-04-22 18:37 - 2015-03-15 12:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 14:45 - 2015-03-24 04:10 - 00000000 ____D () C:\Users\######\AppData\Local\Packages
2015-04-22 11:47 - 2015-03-26 23:12 - 00004898 _____ () C:\Users\######\Documents\TombRaider.log
2015-04-22 09:09 - 2015-03-23 23:03 - 00000994 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-19 15:15 - 2015-03-28 12:42 - 00000000 ____D () C:\Users\######\AppData\Roaming\vlc
2015-04-18 16:30 - 2015-03-23 21:23 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-18 14:54 - 2015-03-23 21:22 - 00000000 ____D () C:\Users\######\AppData\Local\Deployment
2015-04-17 16:37 - 2015-03-23 22:21 - 00000000 ___HD () C:\Daten
2015-04-16 10:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 09:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 23:42 - 2014-11-21 14:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 16:28 - 2015-03-23 22:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 16:24 - 2015-03-23 22:43 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 15:51 - 2015-03-24 13:46 - 00001061 _____ () C:\Users\######\Desktop\Dropbox.lnk
2015-04-15 15:51 - 2015-03-24 13:45 - 00000000 ____D () C:\Users\######\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-14 01:24 - 2014-11-21 14:27 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-21 14:27 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-11 10:54 - 2015-03-23 23:25 - 00003696 _____ () C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2015-04-11 10:50 - 2015-03-23 21:22 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-11 10:50 - 2015-03-23 21:22 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-08 15:37 - 2015-03-29 17:47 - 00000000 ____D () C:\Users\######\AppData\Roaming\Brother
2015-04-07 15:45 - 2015-03-15 12:52 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2015-04-07 15:45 - 2015-03-15 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-04-07 15:45 - 2015-03-15 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-04-07 15:45 - 2015-03-15 12:40 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-04-07 15:45 - 2015-03-15 05:16 - 00000000 ____D () C:\ProgramData\Lenovo
2015-04-02 16:34 - 2015-03-24 04:10 - 00000000 ____D () C:\Users\######\AppData\Local\VirtualStore
2015-04-01 18:36 - 2015-03-24 17:49 - 00000000 ____D () C:\Users\######\Documents\OneNote-Notizbücher
2015-03-31 15:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-03-31 14:56 - 2015-03-26 22:32 - 00000000 ____D () C:\Users\###### Mitarbeiter\AppData\Local\Pokki
2015-03-31 14:02 - 2015-03-26 22:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1931906367-3255308075-3261805128-1002

==================== Files in the root of some directories =======

2015-03-24 13:51 - 2015-03-24 14:26 - 0006728 _____ () C:\Users\######\AppData\Local\parallels-pax.log
2015-03-26 11:58 - 2015-04-29 00:57 - 0007600 _____ () C:\Users\######\AppData\Local\resmon.resmoncfg
2015-03-15 12:46 - 2015-03-15 12:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-23 23:37 - 2015-03-23 23:37 - 0000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:
====================
C:\Users\######\ParallelsAccess-2.5.1-29529-win.exe


Some content of TEMP:
====================
C:\Users\######\AppData\Local\Temp\avgnt.exe
C:\Users\######\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppglnxb.dll
C:\Users\###### Mitarbeiter\AppData\Local\Temp\avgnt.exe
C:\Users\###### Mitarbeiter\AppData\Local\Temp\octB53.tmp.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-28 23:41

==================== End Of Log ===========================

Anteros1986 30.04.2015 11:43
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by ##### ##### at 2015-04-30 12:06:51
Running from C:\Users\##### #####\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1931906367-3255308075-3261805128-500 - Administrator - Disabled)
Gast (S-1-5-21-1931906367-3255308075-3261805128-501 - Limited - Disabled)
##### ##### (S-1-5-21-1931906367-3255308075-3261805128-1001 - Administrator - Enabled) => C:\Users\##### #####
##### Mitarbeiter (S-1-5-21-1931906367-3255308075-3261805128-1002 - Limited - Enabled) => C:\Users\##### Mitarbeiter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2015 (HKLM-x32\...\{08DC7D7A-1CA0-4E96-B12F-9B9577FCF0F8}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
AirDroid 3.0.4.0 (HKLM-x32\...\AirDroid) (Version: 3.0.4.0 - Sand Studio)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.51.01 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Brother P-touch Address Book 1.1 (HKLM-x32\...\InstallShield_{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.100 - Brother Industries, Ltd.)
Brother P-touch Address Book 1.1 (x32 Version: 1.1.100 - Brother Industries, Ltd.) Hidden
Brother P-touch Editor 5.0 (HKLM-x32\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.110 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (x32 Version: 5.0.110 - Brother Industries, Ltd.) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.78.0.2015 - Georgy Berdyshev)
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DisplayLink Core Software (HKLM\...\{BB07E020-7224-4EC3-864E-2AA0BF42A7DD}) (Version: 7.4.51572.0 - DisplayLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
ImageCapture Suite 9.3 Trial (HKLM-x32\...\{EBC426BF-74D6-4228-BFED-97C84504B5D3}) (Version: 9.3.0 - Dynamsoft)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
inPhoto ID Webcam 3.1.12 (HKLM-x32\...\inPhoto ID Webcam) (Version:  - IDPhotoCapture)
inPhoto/IDPhoto Activation Service (HKLM-x32\...\inPhoto IDPhoto Activation Service) (Version: 1.7 - inPhoto/IDPhoto Products)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.37 - SunplusIT)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4099 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{a3294ccc-6d01-43c2-9249-3f50bd113bb8}) (Version: 1.3.2.1030 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.17 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4A86E113-A881-4DE7-81A2-6DADCE9183AF}) (Version: 17.1.1450.0402 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\Kodi) (Version:  - XBMC-Foundation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Multimedia and Communications Core Runtime (HKLM\...\{033DC0E0-DA89-4C33-B66C-89B64D312CD1}_is1) (Version: 5.0.13.94 - Lenovo Corporation)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Lenovo QuickControl (HKLM-x32\...\{ABA0A3F7-649E-4338-BDC9-18437D9699D6}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.19.209 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.4.0.5 - Lenovo Group Limited)
Lenovo Settings - MultiMode (HKLM-x32\...\{2DCC613D-E94E-4BA6-9642-77C4CA45DB7B}_is1) (Version: 1.1.0.8 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.37 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.88 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.3.10 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0034 - Lenovo)
Lenovo USB Graphics (HKLM\...\{7257526E-B74A-488E-BA2E-56327482B06B}) (Version: 7.4.51587.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.15 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MASnet Version 6.3.9 (HKLM-x32\...\MASnet) (Version:  - Merkur Versicherung AG)
Metal Gear Solid V Ground Zeroes (HKLM-x32\...\Metal Gear Solid V Ground Zeroes_is1) (Version: 1.0 - PLAZA)
Metric Collection SDK (x32 Version: 1.1.0008.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
NÜRNBERGER Tarifrechner (HKLM-x32\...\{C51206D1-26B0-4450-981B-2F5C97713D12}) (Version: 7.10 - NÜRNBERGER Versicherung Aktiengesellschaft Österreich)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
#####_Mobile_RIA_extern (HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\854bf6f10f4d3ef2) (Version: 2.5.0.431 - ##### Mobile RIA)
Password Safe Pro (HKLM-x32\...\{4D12E739-1DDC-403A-B04F-42580EDEB2AF}) (Version: 3.4.27.0 - Kuffs Software)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
Plantronics Calisto Driver (64-bit) (Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics CSR Driver (64-bit) (Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics CsrDfu Installer (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics CsrDfu Installer (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics HidDfu Installer (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics HidDfu Installer (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub DFU Handlers (32-bit) (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub Install Check (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub Native Runtime (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub Plugins (32-bit) (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub Runtime (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub Software (HKLM-x32\...\{ddd867da-abc0-494c-8b8a-a97dee816af0}) (Version: 3.4.50964.14834 - Plantronics, Inc.)
Plantronics Hub Startup (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub Update Service (x32 Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Hub WMP Plugin (64-bit) (Version: 3.4.50964.14834 - Plantronics, Inc.) Hidden
Plantronics Legacy Hub SDK (x32 Version: 3.0.0.0 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater (HKLM-x32\...\{782cbc1e-3ae8-4a3f-9b3a-fa2206396621}) (Version: 3.1.50883.11482 - Plantronics, Inc.)
Plantronics MyHeadset Updater (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Device Handlers (32-bit) (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater DFU Handlers (32-bit) (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater MLS (Version: 3.0.0.0 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Runtime (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Startup (x32 Version: 3.1.50883.11482 - Plantronics, Inc.) Hidden
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21260 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7363 - Realtek Semiconductor Corp.)
Scan2Encrypt 2 (HKLM-x32\...\{07092199-993B-4D17-B72F-532B59C1658F}) (Version: 21.14.13 - BinaryNow, Inc.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.15.0 - Lenovo Group Limited)
SHARP MX/MX-M Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sigma Data Center 4.0 (HKLM-x32\...\Sigma Data Center4.0) (Version: 4.0 - Sigma Elektro GmbH)
SimpleMind desktop Pro 1.9.4d (HKLM-x32\...\SMPRO1_is1) (Version: 1.9.4d - ModelMaker Tools BV)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.30 - Lenovo)
ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.216.1616.118 - ALPS ELECTRIC CO., LTD.)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.18.923.2014 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.03.00 - Lenovo)
Tomb Raider (HKLM-x32\...\Tomb Raider_is1) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows-Treiberpaket - Cambridge Silicon Radio (CSRBC) USB  (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/25/2014 13.2.4.1000) (HKLM\...\17BBDB2CE6FC18A4FA7D02835BA704A72B196AC1) (Version: 07/25/2014 13.2.4.1000 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)
Windows-Treiberpaket - Plantronics, Inc. (usbser.ntamd64) Ports  (04/21/2009 5.1) (HKLM\...\07AFE62D73C8799E9E5689F86FB9F48389717BA3) (Version: 04/21/2009 5.1 - Plantronics, Inc.)
Windows-Treiberpaket - SIGMA Elektro GmbH (usbser) Ports  (04/27/2012 5.1.2600.5512) (HKLM\...\A4116E16EA28F359FEA424C9A3780F9D6A08961B) (Version: 04/27/2012 5.1.2600.5512 - SIGMA Elektro GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\##### #####\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1931906367-3255308075-3261805128-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\##### #####\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-04-2015 00:17:38 Windows Update
29-04-2015 00:25:24 test

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1748DFB1-44B6-4D45-AEE5-C572B766AB49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.)
Task: {1B6734BF-D35B-4D6A-A698-22E61968C49D} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {28192926-D5B2-4D20-9049-D2D4C77A5B38} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-10-22] (Realtek Semiconductor)
Task: {2A663F74-ABAD-4FA2-AD60-976E8566F799} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-10-22] (Realtek Semiconductor)
Task: {33A6387D-8F38-4CC2-9346-F81149CB463D} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-03-23] (Lenovo)
Task: {347E0EAD-FE1D-4A9A-9BF6-E27A7CE14628} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {3E3B9804-ADFD-49B1-A85A-17A07C7CA03E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-12-12] ()
Task: {42A35C62-0785-4C0F-A17D-51E7DEA65082} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-02-09] (Lenovo)
Task: {43BB0EB1-6721-45DC-8120-727C6444DFCB} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {4B2B8275-C3DB-4DBD-BB99-D6BAC80B08E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.)
Task: {4B443148-8367-4641-AD9C-E8A4CB92FFBB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {4D0D0E3D-DDBB-4003-936D-FA73C138F3A9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {57C65E26-F246-48A3-8663-769D5C9FB3FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {75393540-DFDE-4580-ABAC-B3FA22B36EA8} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-02-09] (Lenovo)
Task: {80F60CCA-6746-49C4-9868-BC66E575BA7A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {8E0EBF37-04AA-4D4B-8732-C3EC512CEE5E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-03-25] (Microsoft Corporation)
Task: {9094427C-3D6D-40DD-8CE2-53BF95ED12D2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {969D29CB-68D8-4C4F-8FAC-0CD03FC13543} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-03-27] ()
Task: {9E185FF6-65F0-4BF2-B628-A50C874C2E1C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1931906367-3255308075-3261805128-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {A0F91848-A460-43A6-92DB-F4586504DD37} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-10-22] (Realtek Semiconductor)
Task: {A2EC308E-F564-4A7D-B461-63F7CD76DA97} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A7F3A355-5824-41FC-94FA-ACAA9C86E8F5} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {ACEF3972-7E5F-4173-8329-6D4929BD628B} - System32\Tasks\Wiederherstellungspunkt => C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe [2014-11-21] (Microsoft Corporation)
Task: {B0052C6C-F89D-4002-A3AB-989AD143FA01} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {B5A2FD9B-D46E-42FC-AB3E-5983530CF015} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {CDB16075-46AA-475F-A3E1-25984DDEDD1D} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {E8E36D13-36C2-445C-A588-23BF17FD17C4} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {EA590EC7-A500-4057-889C-9F437A7C3E66} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07] (Oracle Corporation)
Task: {ED17EC25-A09F-443C-8E24-C9945579D0F7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {ED3560BD-8525-4FBA-A7EC-9F02384715EE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FILMIC-##### ##### Filmic => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-25] (Microsoft Corporation)
Task: {F48E4E4E-DB7B-4224-9771-2EEC7E8BE981} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {F6F63C55-7A58-45FC-8A07-432D71D8372C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: {FFEE4757-1B0F-4A35-9CB3-F3457BA98F7F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-15 12:43 - 2015-02-04 22:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-24 17:44 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-23 17:42 - 2015-01-23 17:42 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-01-23 17:58 - 2015-01-23 17:58 - 01795976 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-01-23 17:58 - 2015-01-23 17:58 - 00357768 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-07-16 11:24 - 2014-07-16 11:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2015-03-15 12:54 - 2015-01-16 08:49 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2015-03-15 12:54 - 2015-01-09 16:40 - 00469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2015-03-15 12:54 - 2015-01-09 16:40 - 00013528 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2015-03-15 12:54 - 2015-01-16 08:49 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-04-28 22:52 - 2015-04-28 22:52 - 00025088 _____ () C:\Users\##### #####\AppData\Local\Temp\c35c5300abdcd94c37a763bb4ae0bd20\3a60df686e81c6d8e65a072aa3075313.dll
2015-04-28 22:52 - 2015-04-28 22:52 - 00057856 _____ () C:\Users\##### #####\AppData\Local\Temp\c35c5300abdcd94c37a763bb4ae0bd20\0082901dfdda40649ecb9b24468a98d7.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-03-15 12:46 - 2014-10-22 08:33 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2012-09-23 21:43 - 2012-09-23 21:43 - 00024064 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\ADIST64.deu
2015-03-15 12:50 - 2015-03-15 12:50 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-10-10 10:37 - 2014-10-10 10:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00799232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\7b6f5d791c7cd68b32aafd29acb2e71c\Windows.Networking.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\833b8df73b9caf0c73759a6d4b85c6be\Windows.Foundation.ni.dll
2014-11-27 11:42 - 2014-11-27 11:42 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-11-27 11:47 - 2014-11-27 11:47 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-11-27 11:44 - 2014-11-27 11:44 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-03-25 19:35 - 2015-03-25 19:35 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bd9568d53459ad96625ccca026823507\Windows.Devices.ni.dll
2015-04-18 16:30 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-18 16:30 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-30 10:40 - 2015-04-30 10:40 - 00098816 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32api.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00110080 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\pywintypes27.dll
2015-04-30 10:40 - 2015-04-30 10:40 - 00364544 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\pythoncom27.dll
2015-04-30 10:40 - 2015-04-30 10:40 - 00045568 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_socket.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 01161216 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_ssl.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00320512 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32com.shell.shell.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00713216 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_hashlib.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 01175040 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._core_.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00805888 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._gdi_.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00811008 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._windows_.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 01062400 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._controls_.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00735232 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._misc_.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00682496 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\pysqlite2._sqlite.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00128512 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_elementtree.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00127488 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\pyexpat.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00087552 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_ctypes.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00119808 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32file.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00108544 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32security.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00007168 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\hashobjs_ext.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00167936 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32gui.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00018432 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32event.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00038912 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32inet.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00011264 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32crypt.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00070656 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._html2.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00027136 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_multiprocessing.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00020480 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\_yappi.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00035840 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32process.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00686080 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\unicodedata.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00122368 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._wizard.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00024064 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32pipe.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00010240 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\select.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00025600 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32pdh.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00525640 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\windows._lib_cacheinvalidation.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00017408 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32profile.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00022528 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\win32ts.pyd
2015-04-30 10:40 - 2015-04-30 10:40 - 00078336 _____ () C:\Users\##### #####\AppData\Local\Temp\_MEI83122\wx._animate.pyd
2015-03-25 19:29 - 2015-03-25 19:29 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-04-30 10:40 - 2015-04-30 10:40 - 00043008 _____ () c:\Users\##### #####\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppglnxb.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\##### #####\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\##### #####\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\##### #####\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\##### #####\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-11-27 11:42 - 2014-11-27 11:42 - 00037696 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2015-03-05 17:59 - 2015-03-05 17:59 - 36625920 _____ () C:\Program Files (x86)\Plantronics\Spokes3G\libcef.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0103f05d0b0a57a74f732b78ed30c54e\Windows.UI.Xaml.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 01131008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\748a5c72e270d3ba99456fa9eb215c80\Windows.ApplicationModel.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 01340928 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\ReactiveUI\94f9c954389e90cbff8d487d6630b378\ReactiveUI.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00304640 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\Splat\8df336410e4077341c5794bd91256839\Splat.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\2413ca0672d32a711bb597067f1f9f39\Windows.UI.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00021504 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\AdjustWS\d267ce05feab8c0b668f44f5e64bd8e1\AdjustWS.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00193024 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\WindowsPcl\7c7f39df335dd0bd0d54b753b5dda377\WindowsPcl.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\ea5a0a1c726e8cf0533fea3a74382fa0\Windows.Storage.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\203b89de94bc0e8dc616d0b77000c07c\Windows.Security.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00304128 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\5fb69d21200f184c89b8b0b170835844\Windows.Graphics.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\8a0a0788d2ff4a5c78aec753ec9dddcb\Windows.System.ni.dll
2015-04-29 21:48 - 2015-04-29 21:48 - 00149504 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\StoreSerializer\c2b7dff6dba1725992bbdca5226aeb85\StoreSerializer.ni.dll
2015-03-25 06:59 - 2015-03-25 06:59 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\fa785161bc5d323c3bc888599f4b0fd7\Windows.Data.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00092672 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\WindowsUap\430c73692fce7719fe3cffd417585fd2\WindowsUap.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00069120 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\PCLStorage.0cbfed36#\85376483da6df559762d7f297ed80532\PCLStorage.Abstractions.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00150528 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\PCLStorage\eaf06bcf09a896d55aa74490bb671cb4\PCLStorage.ni.dll
2015-03-25 07:00 - 2015-03-25 07:00 - 00011264 _____ () C:\Users\##### #####\AppData\Local\Packages\6Wunderkinder.Wunderlist_b4cwydgxqx59r\AC\Microsoft\CLR_v4.0_32\NativeImages\WindowsPclNet40\e3a7e1153e739bb323a97cd890648e39\WindowsPclNet40.ni.dll
2015-03-15 12:54 - 2015-01-07 10:29 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-03-15 12:54 - 2015-01-07 10:29 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-07-16 11:21 - 2014-07-16 11:21 - 00611128 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUKernel.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00152888 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUBasic.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00820024 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\MainControls.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00119096 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUTransl.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00129336 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\SchedAgent_2007.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00278840 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\AppInitialization.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00493368 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\Html.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00449848 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\GR32_D6.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00335672 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUCompression.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00307000 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\ntrtl60.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00307000 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\DEC.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00210744 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\XMLComponents.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00470328 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\SysInfo.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00458040 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\PowerManager.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00154424 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\cefcomponent.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00423224 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\VisControls.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00144184 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUIcoEngineerDirTree.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00076600 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUShell.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00069944 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxGDIPlusD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00044856 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxCoreD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00632632 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUDiskCleanerClass.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00656184 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\MSI_D6.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00092984 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUApps.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00215864 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\ProgramRating.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00962872 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TuningWizard.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00068408 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\SysControls.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00047928 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUApplications.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00083256 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUOperaClass.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00107320 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\Internet.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00489272 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\Traces.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00042808 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUSafariClass.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 01145144 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxBarD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00852280 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\cxLibraryD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00055608 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxThemeD12.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00033080 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUBase.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00609080 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\VirtualTreesR.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00207672 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxBarExtItemsD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00809272 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxSkinsCoreD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00329016 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxDockingD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00928056 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxRibbonD12.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00140088 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\CommonForms.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00161080 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\PerlRegEx.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00107320 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUShredder.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00065848 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TUIECacheClass.bpl
2014-07-16 11:21 - 2014-07-16 11:21 - 00042808 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\TURar.bpl
2014-07-16 11:22 - 2014-07-16 11:22 - 00016184 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\dxComnD12.bpl
2014-06-23 09:44 - 2014-06-23 09:44 - 13417496 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\##### #####\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\##### #####\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1931906367-3255308075-3261805128-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{981E0391-422B-4C88-B542-551543A4AE04}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{242EC7E7-0AF0-483A-BC03-216CF50820B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C76086AA-29AC-4FFA-87CD-570A2DA9300B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{CF039633-6540-4406-A338-0781E9430D04}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{9324AEAB-41B9-4054-8C4E-E64F357381E9}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{194ABEB3-1601-423C-87B0-0ED15CEE7BF1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{588D3554-168F-4DB1-A192-706AF3F06BF8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{F2DFDCB1-6ABB-486B-96FD-B471124546BC}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{F25773FE-DB7C-4E6A-AF06-1D941E0C859D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{A2AF4803-4663-4407-ACA4-76F723D6A16C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{AA76CCDD-9BBE-47C6-89D9-A436426B9303}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{559B3184-1556-484F-8F46-A671B16F1BD9}C:\program files (x86)\kuffs software\kps\kps.exe] => (Allow) C:\program files (x86)\kuffs software\kps\kps.exe
FirewallRules: [UDP Query User{AEC43A9E-FD6C-47D8-81FF-2E8EF2824B37}C:\program files (x86)\kuffs software\kps\kps.exe] => (Allow) C:\program files (x86)\kuffs software\kps\kps.exe
FirewallRules: [{3ADE76A5-E674-468F-A869-A91570C538A5}] => (Allow) LPort=5354
FirewallRules: [{9AB95035-4B16-4BAA-AEA6-7CC5A26D0EB9}] => (Allow) LPort=5354
FirewallRules: [{CA1E24CC-4B86-4315-8F73-F71A1BCA28D8}] => (Allow) LPort=5354
FirewallRules: [{A7AD1126-2EB8-49E1-9F11-3EB12AB64778}] => (Allow) LPort=5354
FirewallRules: [{807DB919-E4A5-4EA3-AD69-A7CBDDE3894C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{152BA465-4FC0-48EE-B11C-C00A88D0ADA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{5C3CA3AE-0573-4AD5-8E60-19DF0AE90D39}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{55B46992-3222-4414-A90F-6EACAA44A775}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{95F3635C-BDE9-4D6A-8742-483706AAFF8B}C:\users\##### #####\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\##### #####\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BD49444F-C1B5-441C-8005-7E320C539AC1}C:\users\##### #####\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\##### #####\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{DFF4D469-1F79-4FCD-BC1F-E371AFFD3F07}] => (Allow) C:\Program Files (x86)\ModelMakerTools\SimpleMind\1.9.4\iPhoneLink.exe
FirewallRules: [{323730A7-274A-4973-8B5D-A529CD1D152D}] => (Allow) C:\Users\##### #####\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2EE7AF2E-C80E-428A-A2D7-4A97EB46E226}] => (Allow) C:\Users\##### #####\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6BFD09BA-E5FA-43F5-9AD8-28DF4CA67AC1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{F4CBEFC7-25EA-4730-8AF1-52C75C72063A}C:\program files (x86)\modelmakertools\simplemind\1.9.4\iphonelink.exe] => (Allow) C:\program files (x86)\modelmakertools\simplemind\1.9.4\iphonelink.exe
FirewallRules: [UDP Query User{8BD95462-7F00-4440-8BF6-560ABC027834}C:\program files (x86)\modelmakertools\simplemind\1.9.4\iphonelink.exe] => (Allow) C:\program files (x86)\modelmakertools\simplemind\1.9.4\iphonelink.exe
FirewallRules: [TCP Query User{98730808-EE81-4593-B963-6F04061400AA}C:\merkur\masnet\java\bin\javaw.exe] => (Allow) C:\merkur\masnet\java\bin\javaw.exe
FirewallRules: [UDP Query User{06824DF2-69D1-4ECA-9A41-0A0708E26130}C:\merkur\masnet\java\bin\javaw.exe] => (Allow) C:\merkur\masnet\java\bin\javaw.exe
FirewallRules: [{21585B97-240B-4064-AC18-B4800240B5CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E90DFAE3-D5A1-4F6F-B581-4CC2656018F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A942849C-78F8-4FA0-96B5-0E687523C697}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1B23F77-EEBB-409A-8B94-324D7C2E7DC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{99A68734-688D-47E9-A279-EB67C8FBC80E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{45C119DD-053E-40CA-B697-F96F76C47D2E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4902D01A-1BEB-4805-B913-91E708139361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{7F3F2CC2-4EF7-4FD7-A200-F5F626E13BDD}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{8FB57E47-73EC-4D58-9D21-27E414062A00}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{2AC02B9A-FC78-426C-BA93-C3F3E4FA0493}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{808A98A9-B7F7-406C-9D64-2263BDE5A3E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7DB65F50-92F4-4ED0-951F-FB3473B699CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34F11DF1-3E55-4F58-887A-8EC27A330ADD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3C0216F3-4900-4E82-BCBE-C2C1E602E7C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6502AABA-E9E3-4C33-BECB-9114CD22E1B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EC7FDB9D-ADF2-473F-A39D-4963E419EB61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C6735267-2227-4FBF-BA63-E4D5A1A55697}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4EB2125F-4A8E-46CA-B923-63E6C3A7B1DD}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{173E1D2A-4B12-4A5E-A76B-6D2B9614C0AC}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{3D2CDCCD-F797-4910-83A2-B2F0A2808054}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2015 11:19:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 11.2.0.31560, Zeitstempel: 0x4aac1955
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ad9
ID des fehlerhaften Prozesses: 0x2824
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5

Error: (04/30/2015 11:19:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2015 10:43:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2015 10:43:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2015 10:40:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2015 09:09:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 11.2.0.31560, Zeitstempel: 0x4aac1955
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ad9
ID des fehlerhaften Prozesses: 0x2728
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5

Error: (04/30/2015 09:09:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2015 08:57:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2015 08:57:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/29/2015 03:31:36 PM) (Source: NV) (EventID: 0) (User: )
Description: Fehler: ForceDelete4Vista fehlgeschlagen, Der Zugriff auf den Pfad wurde verweigert.


System errors:
=============
Error: (04/30/2015 10:35:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gruppenrichtlinienclient" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/30/2015 10:35:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst gpsvc erreicht.

Error: (04/30/2015 10:34:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.

Error: (04/30/2015 09:10:32 AM) (Source: DCOM) (EventID: 10010) (User: FILMIC)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Error: (04/30/2015 09:08:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SplashtopRemoteService erreicht.

Error: (04/30/2015 09:07:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.

Error: (04/30/2015 09:07:34 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Acronis Sync Agent Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (04/29/2015 00:55:05 AM) (Source: DCOM) (EventID: 10010) (User: FILMIC)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Error: (04/29/2015 00:53:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎04.‎2015 um 00:52:08 unerwartet heruntergefahren.

Error: (04/29/2015 00:51:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.


Microsoft Office Sessions:
=========================
Error: (04/30/2015 11:19:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wfcrun32.exe11.2.0.315604aac1955ntdll.dll6.3.9600.17736550f42c2c000000500018ad9282401d08326cda12b48C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exeC:\WINDOWS\SYSTEM32\ntdll.dll0b6c31e0-ef1a-11e4-8270-6057185ffe64

Error: (04/30/2015 11:19:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/30/2015 10:43:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/30/2015 10:43:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/30/2015 10:40:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/30/2015 09:09:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wfcrun32.exe11.2.0.315604aac1955ntdll.dll6.3.9600.17736550f42c2c000000500018ad9272801d08314a41f289bC:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exeC:\WINDOWS\SYSTEM32\ntdll.dlle68a778e-ef07-11e4-826f-6057185ffe64

Error: (04/30/2015 09:09:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/29/2015 08:57:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/29/2015 08:57:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL

Error: (04/29/2015 03:31:36 PM) (Source: NV) (EventID: 0) (User: )
Description: Fehler: ForceDelete4Vista fehlgeschlagen, Der Zugriff auf den Pfad wurde verweigert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 30%
Total physical RAM: 16294.39 MB
Available physical RAM: 11309.14 MB
Total Pagefile: 18726.39 MB
Available Pagefile: 12922.35 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:462.56 GB) (Free:91.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Removable) (Total:31.99 GB) (Free:23.99 GB) FAT32
Drive z: () (Network) (Total:3664.62 GB) (Free:2443.43 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D8614434)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 58.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 30.04.2015 13:24
Hi,

sicher dass das Laptop-interne Keyboard keinen Macken hat? Du sagst ja es hört auf wenn Du ESC drückst.

Zitat:
Dann dachte ich vielleicht hängt eine Taste und siehe da wenn ich ESC drücke ist das Problem temporär gelöst, Kommt aber von zeit zu zeit wieder! (keine fixe wiederkehrungszeit)
Das ist eigentlich ein eindeutiges Zeichen.

Anteros1986 30.04.2015 13:26
grundsätzlich war das ja auch mein Verdacht, die frage ist nur warum lässt sich das problem nicht immer mit esc beheben?

ist für dich im Log irgendwas an malware zu entdecken?

schrauber 01.05.2015 06:30
Nein, keine Malware. ESC muss ja nit immer funktionieren. Wenn das Ding gerade richtig klemmt oder das Signal einer anderen Taste dauerhaft sendet, bleibt auch ESC ohne Funktion.


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:26 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131