| lab-star | 01.06.2015 21:44 |
PUA/iLivid.Gen auf Win7x64 Notebook Teil 2
Defogger: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:22 on 01/06/2015 (Andreas)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
FRST: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Andreas (administrator) on ANDREAS-PC on 01-06-2015 21:28:17
Running from C:\Users\Andreas\Desktop
Loaded Profiles: Andreas (Available Profiles: Andreas & TEST)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics, Inc.) C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\RotateImage\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\xpsrchvw.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [358424 2009-08-04] (Intel Corporation)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2010-10-21] (AuthenTec, Inc.)
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582400 2010-10-21] (AuthenTec)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-11-15] (Synaptics Incorporated)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\RotateImage\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-05-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\MountPoints2: {7d517441-7729-11e1-936b-001fe2e855a4} - F:\Startme.exe
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\MountPoints2: {b632db5f-2dcd-11df-89ad-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\MountPoints2: {b632db97-2dcd-11df-89ad-001fe2e855a4} - F:\AutoRun.exe
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\MountPoints2: {b632dc39-2dcd-11df-89ad-001fe2e855a4} - F:\AutoRun.exe
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-06-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2013-06-27]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10397&gct=hp&dc=EU&locale=de_AT
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001 -> {0DAD6D0C-0E15-4156-BA95-9D9E8E157B43} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-24] (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-24] (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\eb4qzeqm.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-06-01] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-06-01] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-26]
FF HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-06-30]
FF HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-10-21] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-05-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-05-28] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Windows\system32\ATService.exe [2715456 2010-10-21] (AuthenTec, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-03-20] (Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-10-21] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2009-09-14] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ScrybeUpdater; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-11] (Synaptics, Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [49136 2015-05-15] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2009-09-25] (Lenovo Group Limited) [File not signed]
R3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-06] (Lenovo Group Limited)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-08-04] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U875UVC; C:\Windows\System32\DRIVERS\RCUVCMNP.sys [220032 2009-10-23] (Ricoh co.,Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-05-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-01-02] (Avira Operations GmbH & Co. KG)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [31744 2011-05-09] (Google Inc)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [11776 2010-10-20] (HandSet Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-01-27] (Duplex Secure Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-07-02] (Lenovo (United States) Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [129304 2010-10-18] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [127056 2010-10-18] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [129304 2010-10-18] (ZTE Incorporated)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 21:28 - 2015-06-01 21:30 - 00019969 _____ () C:\Users\Andreas\Desktop\FRST.txt
2015-06-01 21:27 - 2015-06-01 21:28 - 00000000 ____D () C:\FRST
2015-06-01 21:26 - 2015-06-01 21:26 - 02108928 _____ (Farbar) C:\Users\Andreas\Desktop\FRST64.exe
2015-06-01 20:53 - 2015-06-01 21:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-06-01 20:53 - 2015-06-01 20:53 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-29 08:48 - 2015-05-29 08:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-29 08:48 - 2015-05-29 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-29 08:44 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-29 08:44 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-29 08:36 - 2015-05-29 08:36 - 00767664 _____ () C:\Users\Andreas\Desktop\Trojanerboard_Anleitung.xps
2015-05-29 08:10 - 2015-06-01 21:22 - 00000528 _____ () C:\Users\Andreas\Desktop\defogger_disable.log
2015-05-29 08:10 - 2015-05-29 08:10 - 00000020 _____ () C:\Users\Andreas\defogger_reenable
2015-05-29 08:09 - 2015-05-29 08:09 - 00050477 _____ () C:\Users\Andreas\Desktop\Defogger.exe
2015-05-29 00:10 - 2015-05-29 00:10 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422026928
2015-05-28 23:51 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-28 23:51 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-28 23:51 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-28 23:51 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-28 23:51 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-28 23:51 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-28 23:51 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-28 23:51 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-28 23:51 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-28 23:51 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-28 23:51 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-28 23:51 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-28 23:51 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-28 23:51 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-28 23:51 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-28 23:51 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-28 23:51 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-28 23:51 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-28 23:51 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-28 23:51 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-28 23:51 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-28 23:51 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-28 23:51 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-28 23:51 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-28 23:51 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-28 23:51 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-28 23:51 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-28 23:51 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-28 23:51 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-28 23:51 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-28 23:51 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-28 23:51 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-28 23:51 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-28 23:51 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-28 23:51 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-28 23:51 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-28 23:51 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-28 23:51 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-28 23:51 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-28 23:51 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-28 23:51 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-28 23:51 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-28 23:51 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-28 23:51 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-28 23:51 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-28 23:51 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-28 23:51 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-28 23:51 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-28 23:51 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-28 23:51 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-28 23:51 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-28 23:51 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-28 23:51 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-28 23:51 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-28 23:51 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-28 23:51 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-28 23:51 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-28 23:51 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-28 23:51 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-28 23:51 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-28 23:51 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-28 23:51 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-28 23:51 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-28 23:51 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-28 23:51 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-28 23:51 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-28 23:51 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-28 23:51 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-28 23:51 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-28 23:51 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-28 23:51 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-28 23:51 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-28 23:51 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-28 23:51 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-28 23:51 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-28 23:51 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-28 23:51 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-28 23:51 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-28 23:51 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-28 23:50 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-28 23:50 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-28 23:50 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-28 23:50 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-28 23:50 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-28 23:50 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-28 23:50 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-28 23:50 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-28 23:49 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-28 23:49 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-28 23:49 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-28 23:49 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-28 23:49 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-28 23:49 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-28 23:49 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-28 23:49 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-28 23:49 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-28 23:49 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-28 23:49 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-28 23:49 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-28 23:49 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-28 23:49 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-28 23:49 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-28 23:49 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-28 23:49 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-28 23:49 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-28 23:49 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-28 23:49 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-28 23:49 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-28 23:49 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-28 23:49 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-28 23:49 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-28 23:49 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-28 23:49 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-28 23:49 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-28 23:49 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-28 23:49 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-28 23:49 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-28 23:49 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-28 23:49 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-28 23:49 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-28 23:49 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-28 23:49 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-28 23:49 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-28 23:49 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-28 23:49 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-28 23:49 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-28 23:49 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-28 23:49 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-28 23:49 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-28 23:49 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-28 23:49 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-28 23:49 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-28 23:49 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-28 23:48 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-28 23:48 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-28 23:48 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-28 23:48 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-28 23:48 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-28 23:48 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-28 23:48 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-28 23:48 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-28 23:48 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-28 23:48 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-28 23:48 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-28 23:48 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-28 23:48 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-28 23:33 - 2015-05-28 23:33 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 21:27 - 2010-01-20 01:12 - 01795489 _____ () C:\Windows\WindowsUpdate.log
2015-06-01 21:21 - 2011-07-29 08:38 - 00003500 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-01 21:21 - 2011-07-29 08:38 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-06-01 21:21 - 2011-07-29 08:38 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-06-01 21:14 - 2013-02-13 17:18 - 00000550 _____ () C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2015-06-01 21:13 - 2009-07-14 06:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 21:13 - 2009-07-14 06:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 21:03 - 2013-06-13 09:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-01 21:03 - 2013-06-13 09:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-01 21:03 - 2012-04-08 13:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-01 21:03 - 2011-06-08 08:23 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 20:59 - 2015-01-21 00:32 - 00004795 _____ () C:\Windows\setupact.log
2015-06-01 20:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 20:58 - 2009-07-14 06:45 - 00541624 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-06-01 20:56 - 2009-07-14 19:58 - 00751858 _____ () C:\Windows\system32\perfh007.dat
2015-06-01 20:56 - 2009-07-14 19:58 - 00170598 _____ () C:\Windows\system32\perfc007.dat
2015-06-01 20:56 - 2009-07-14 07:13 - 01768306 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-01 20:54 - 2014-12-13 15:13 - 00000000 ____D () C:\Windows\system32\appraiser
2015-06-01 20:54 - 2014-05-06 23:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-06-01 20:54 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-06-01 20:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-29 09:02 - 2010-01-20 01:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-29 09:01 - 2010-06-15 16:53 - 01742586 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-29 09:00 - 2013-08-18 12:49 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-29 08:48 - 2013-09-09 21:10 - 00000000 ____D () C:\ProgramData\Skype
2015-05-29 08:43 - 2012-05-20 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-29 08:43 - 2012-05-20 11:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-29 08:43 - 2012-05-20 11:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-29 08:35 - 2012-10-15 19:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-29 08:10 - 2010-01-20 01:18 - 00000000 ____D () C:\Users\Andreas
2015-05-29 08:07 - 2015-01-20 23:00 - 00000000 ____D () C:\Users\Andreas\Desktop\Adware Infizierung
2015-05-29 08:07 - 2010-10-27 22:18 - 00000000 ____D () C:\Users\Andreas\Johanna
2015-05-29 07:54 - 2010-02-15 13:56 - 00000000 ____D () C:\ProgramData\Lenovo
2015-05-29 07:45 - 2011-02-16 20:04 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-05-29 07:45 - 2010-04-15 21:17 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2015-05-29 07:45 - 2010-01-20 02:32 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-05-29 07:43 - 2010-01-20 03:06 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-05-29 02:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-29 00:10 - 2010-04-15 21:12 - 00000000 ____D () C:\SWSHARE
2015-05-29 00:10 - 2010-01-20 01:38 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-28 23:57 - 2014-12-14 13:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-28 23:42 - 2010-12-10 16:47 - 00000000 ____D () C:\Users\Andreas\Geschäftlich
2015-05-28 23:33 - 2014-09-26 13:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-28 23:33 - 2013-06-27 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-28 23:33 - 2013-06-27 00:06 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-28 23:20 - 2013-06-27 00:07 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-05-28 23:20 - 2013-06-27 00:06 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-28 23:20 - 2013-06-27 00:06 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-28 23:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-28 23:04 - 2014-09-24 10:51 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
==================== Files in the root of some directories =======
2013-05-08 23:14 - 2013-06-26 22:41 - 0000697 _____ () C:\Users\Andreas\AppData\Roaming\ConvAPIPlugin.log
2011-01-30 15:38 - 2011-05-06 14:35 - 0038423 _____ () C:\Users\Andreas\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
2011-05-06 14:49 - 2011-05-06 14:49 - 0012955 _____ () C:\Users\Andreas\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
2013-06-14 15:05 - 2013-11-19 16:09 - 0000600 _____ () C:\Users\Andreas\AppData\Roaming\winscp.rnd
2010-05-05 00:50 - 2015-03-21 01:16 - 0021504 _____ () C:\Users\Andreas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-14 15:52 - 2013-11-19 16:09 - 0000600 _____ () C:\Users\Andreas\AppData\Local\PUTTY.RND
2011-10-21 16:26 - 2011-10-21 16:26 - 0001472 _____ () C:\Users\Andreas\AppData\Local\RecConfig.xml
2014-05-23 13:31 - 2014-05-23 13:31 - 0000857 _____ () C:\Users\Andreas\AppData\Local\recently-used.xbel
2011-03-03 18:27 - 2013-11-22 10:21 - 0007608 _____ () C:\Users\Andreas\AppData\Local\resmon.resmoncfg
2010-01-21 21:16 - 2014-02-08 22:32 - 0038412 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-29 02:00
==================== End of log ============================
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Andreas at 2015-06-01 21:31:08
Running from C:\Users\Andreas\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2103261752-1737089908-2043903725-500 - Administrator - Disabled)
Andreas (S-1-5-21-2103261752-1737089908-2043903725-1001 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-2103261752-1737089908-2043903725-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2103261752-1737089908-2043903725-1002 - Limited - Enabled)
TEST (S-1-5-21-2103261752-1737089908-2043903725-1006 - Limited - Enabled) => C:\Users\TEST
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agenda (HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\Agenda) (Version: - Leonardo Javier Alassia)
AMD Catalyst Install Manager (HKLM\...\{72DECC0F-58E0-0618-C857-43B4D3DB7B75}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.)
AuthenTec TrueSuite (HKLM\...\{E6C44758-FF49-47D1-8182-65E3818ACE23}) (Version: 2.0.0.57 - AuthenTec, Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
ChemSep 6.96 (HKLM-x32\...\ChemSepL6v96) (Version: 6.96 - ChemSep)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
COCO (HKLM\...\COCO) (Version: 2.7 - AmsterCHEM)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.10.0 - Conexant)
COSMOthermCO-LITE-C30-1201 (HKLM-x32\...\COSMOthermCO-LITE-C30-1201) (Version: - )
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM-x32\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\Dropbox) (Version: 2.6.7 - Dropbox, Inc.)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.1 - Lenovo Group Limited)
Excel CAPE-OPEN Unit Operation (HKLM-x32\...\ExcelUO) (Version: - AmsterCHEM)
FastSum 1.7 Standard Edition and FastSum 1.9 Command-Line Editi (HKLM-x32\...\FastSum_is1) (Version: - Kirill Zinov)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.6.8.0 - Androxyde)
Foxit Reader 5.1 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
Free YouTube Download version 3.0.20.1228 (HKLM-x32\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GO Contact Sync Mod (HKLM-x32\...\{82126A52-6AB6-4D1B-A89C-8F1C7790B55A}) (Version: 3.5.1 - WebGear, Create Software, Stru.be, saller.NET)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - )
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
GraphCalc v4.0.1 (HKLM-x32\...\GraphCalc v4.0.1_is1) (Version: - )
Greenshot 1.1.5.2643 (HKLM\...\Greenshot_is1) (Version: 1.1.5.2643 - Greenshot)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
ImageJ 1.44p (HKLM-x32\...\ImageJ_is1) (Version: - NIH)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Integrated Camera Driver Installer Package Ver.1.32.500.0 (HKLM-x32\...\{82EB6CEA-749A-410F-8AD2-372A286BA3BE}) (Version: 1.32.500.0 - RICOH)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Java(TM) SE Development Kit 6 Update 17 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160170}) (Version: 1.6.0.170 - Sun Microsystems, Inc.)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.43 - AuthenTec, Inc.)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0037 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.8 - Magical Jelly Bean)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Mathcad 15 M010 (HKLM-x32\...\{8FD0167F-A752-467A-86BE-3728D71F68B8}) (Version: 15.0.1.0 - PTC)
Mathcad 8 Professional (HKLM-x32\...\Mathcad 8 Professional) (Version: - )
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden
Mathcad Prime 1.0 (HKLM-x32\...\{A52BF788-47BD-48E4-975A-AE5F107D559E}) (Version: 1.0 - PTC)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.0 - Design Science, Inc.)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B0-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Math Add-in for Word 2007 (HKLM-x32\...\{47D0C5E6-9FBA-49DB-8F88-BFAA5BA38646}) (Version: 3.5.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0080-0407-0000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Management Objects Collection (HKLM\...\{E735E90E-FE0B-4B10-90D5-4AC6D3899BFD}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server Management Studio Express (HKLM\...\{CBCDC8C3-8783-4AAC-BB72-31FB8A5E63CB}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
Nero 9 Lite (HKLM-x32\...\{34d62ea3-2b56-46fe-b845-4d09ed66c415}) (Version: - Nero AG)
NetBeans IDE 6.8 (HKLM-x32\...\nbi-nb-base-6.8.0.0.0) (Version: 6.8 - NetBeans.org)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia)
Nokia Map Loader (HKLM-x32\...\{45D4F727-43B5-49CD-B474-B9866A8F4FB8}) (Version: 3.0.28 - Nokia)
Nokia Software Updater (HKLM-x32\...\{889D48DA-457F-4C8B-9095-6458F2793B12}) (Version: 3.0.605 - Nokia Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Olympus NDT TomoViewer 2.9R10 (HKLM-x32\...\{F7CAEFDF-CEAE-4BBB-AAEF-0F9F93517A4D}) (Version: 2.9.263 - Olympus NDT)
OpenRA (HKLM-x32\...\OpenRA) (Version: - OpenRA developers)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.1.0 - )
Presenter version 1.27 (HKLM-x32\...\{F5A954ED-07FE-4DFB-8763-F4AD47D79218}_is1) (Version: 1.27 - Ratisbonsoft)
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
'PTC Places' Namespace Shell Extension (HKLM-x32\...\{A9FAD2D5-1C42-4C5C-B5DD-291DA9863BEA}) (Version: 1.1.16 - PTC)
PuTTY version 0.60 (HKLM-x32\...\PuTTY_is1) (Version: 0.60 - Simon Tatham)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0027.00 - Lenovo Group Limited)
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Scientific WorkPlace 5.0 (HKLM-x32\...\{DA6B13CF-A177-42DF-B416-A1EFDD8E7693}) (Version: - )
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sony Ericsson Update Service (HKLM-x32\...\Update Service) (Version: 2.11.12.5 - Sony Ericsson Mobile Communications AB)
Sony PC Companion 2.10.030 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.030 - Sony)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (HKLM-x32\...\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}) (Version: 1.6.5.17120 - Synaptics Inc.)
System Migration Assistant (HKLM-x32\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
The Battle for Middle-earth (tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.8.50 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
USEPA Cape Open Class Library with WAR Add-In (HKLM-x32\...\{174EB4DF-7074-4405-A775-361B205C9BE1}) (Version: 1.4.17 - USEPA)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualDubMOD 1.5.10.3 US (HKLM-x32\...\{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1) (Version: 1.5.10.3 - Trad-Fr)
VLC media player 1.0.3 (HKLM-x32\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
VNC Free Edition 4.1.3 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.3 - RealVNC Ltd.)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windchill ProductPoint Client Manager-2.0_2011.01.10.001 (HKLM-x32\...\{371E8B48-2AF1-491B-8F35-BD60D18CB927}) (Version: 2.0.2310 - PTC)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Acer, Inc (androidusb) USB (12/20/2011 1.0.0010.00000) (HKLM\...\3A22385941281AFEE4CDB6EE09AB8D0BF418CE17) (Version: 12/20/2011 1.0.0010.00000 - Acer, Inc)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Linux Developer Community Net (12/08/2011 5.1.2600.2781) (HKLM\...\AAA1ACCA6262EC232B355F1427BDDE4D745AFBC1) (Version: 12/08/2011 5.1.2600.2781 - Linux Developer Community)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinSCP 4.2.7 (HKLM-x32\...\winscp3_is1) (Version: 4.2.7 - Martin Prikryl)
ZTE Handset USB Driver 5.2066.1.7 (HKLM\...\{EBED0919-4BD0-4718-BA7A-5D2B503F9BC6}_is1) (Version: 5.2066.1.7 - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{E4A346EA-B80E-47fe-ADAC-EF43A52BF356}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2103261752-1737089908-2043903725-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
21-03-2015 00:01:49 Windows Update
29-05-2015 02:06:22 Geplanter Prüfpunkt
29-05-2015 08:41:56 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05718F80-448E-4010-9C23-25849BBF655A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-01] (Adobe Systems Incorporated)
Task: {072AED09-DD63-41EF-AB5E-32F01C0528AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {07A9F85D-8E51-4ACA-A7A5-D6BC6B2B3CB8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {11A746E8-3AB4-4BCD-923C-C8B0650E8499} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {16F9E1ED-1AA1-4AC3-B9D4-AFDD075668E4} - System32\Tasks\{39506F0F-CD8D-46BA-9422-C10D88883F52} => D:\Setup.exe
Task: {1B69203F-63D9-43A7-8CFF-FAE74E9311A4} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {2EB36D48-F07C-44F2-871D-692BB444E4E3} - System32\Tasks\{2FE0267F-1FAB-482C-98DE-C1F07701BF33} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [2009-10-30] ()
Task: {31AF6D2D-2BDB-4A63-A440-957EBB8B67F1} - System32\Tasks\{99FE7198-08E1-4F54-860E-B44DBD051CD3} => E:\SETUP95\INSTALL.EXE
Task: {37334EF3-47AA-4F1C-B024-741F169A90FF} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-03-20] (Lenovo Group Limited)
Task: {386B503B-38DD-456C-B73D-E5050AD8CAEC} - System32\Tasks\{50E4B636-85BC-44FE-A51C-F5A51004987B} => pcalua.exe -a C:\Users\Andreas\Desktop\8-12_vista32_dd_ccc_wdm_enu_72275.exe -d C:\Users\Andreas\Desktop
Task: {40C5A3DC-FF6E-4D51-93F4-065E69C9119D} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {553A62E9-1204-4A7D-98BC-A8219BF29A39} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-05-15] ()
Task: {69833B16-9DFA-4FCD-A581-15AF6D229E0C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {7AE66627-B97D-4D0E-8EEC-F58D379F0B1C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-04-01] (PC-Doctor, Inc.)
Task: {7EA3B71C-7460-4D02-A7C2-33D71838AC58} - System32\Tasks\{CBEEF266-B7E8-4694-99C4-6718FCB5900D} => C:\GAMES\REDALERT\RA95.EXE
Task: {82B0F8A8-3D1D-4707-B07C-2BD564BD7FB5} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-04-01] (PC-Doctor, Inc.)
Task: {8794ACF2-3BA9-4197-83FC-2ECDE42F73A9} - System32\Tasks\{B63769F4-D412-4D11-B866-3033C7EE7875} => pcalua.exe -a C:\Users\Andreas\Desktop\MATLAB\MLA1206_common\MLA1206\setup.exe -d C:\Users\Andreas\Desktop\MATLAB\MLA1206_common\MLA1206
Task: {9198042A-1D7E-40B8-81E7-FB3173E383BF} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {927C67FB-9760-45BC-8FA8-062CD04C684C} - System32\Tasks\{6E14B4E6-07B5-4C21-8DA7-3F7785D42904} => pcalua.exe -a C:\Users\Andreas\Desktop\winsdk_web.exe -d C:\Users\Andreas\Desktop
Task: {96ECBF4F-BBF9-4307-A6E3-9A86D84F4F3A} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-04-01] (PC-Doctor, Inc.)
Task: {99D5640A-2108-491D-8143-4B9EDF4ECA1E} - System32\Tasks\{2DB39F84-50E8-4986-AC48-68825432A62A} => pcalua.exe -a C:\Users\Andreas\Desktop\sl-6530\SL-6530\Setup.EXE -d C:\Users\Andreas\Desktop\sl-6530\SL-6530
Task: {9AADE869-6C63-424A-8EE3-8F657B175E99} - System32\Tasks\{BAE541B2-E271-4E81-B824-F709B6B50037} => E:\SETUP95\INSTALL.EXE
Task: {A4849CDF-25CA-4054-96B6-C9A5EEF190AE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {AC0DCD99-6363-488F-BA9B-707D361E4138} - System32\Tasks\Opera scheduled Autoupdate 1422026928 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {B96546EF-4E1E-4E98-B763-696B5FEA4602} - System32\Tasks\{1E965D09-068E-482B-B218-A9375DD26C1F} => pcalua.exe -a D:\setup.exe -d D:\
Task: {BFDE13BB-CDB7-473F-8025-7D7EFE094EEA} - System32\Tasks\{E83CFB57-C5AD-4E52-804C-A22E7CACAB3C} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {C53E76E8-ABEB-40A5-818E-876CDAEFA5F2} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {CD53BEBF-59FC-48E0-BF57-FAE38109BE8A} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {D9B8676D-859A-4189-AEBA-74647678DE89} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-23] (Microsoft Corporation)
Task: {F1432B67-F238-4878-B78B-13B1989BF8B3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {F5753209-18EC-4BC5-ACD9-BA86C3AE0EA4} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {FACA914E-1A15-412E-9497-A74228094406} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (Whitelisted) ==============
2010-10-21 04:09 - 2010-10-21 04:09 - 00117760 _____ () C:\Windows\system32\DTS.exe
2011-07-27 21:07 - 2011-07-27 21:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-01 20:47 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-01-20 02:21 - 2014-03-20 06:05 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2009-11-25 01:36 - 2009-11-25 01:36 - 00125440 _____ () C:\Program Files (x86)\Notepad++\NppShell_01.dll
2011-01-24 13:28 - 2011-01-24 13:28 - 00173344 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-04 23:33 - 2012-05-04 23:33 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-26 17:44 - 2013-03-26 17:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2009-09-25 16:16 - 2009-09-25 16:16 - 00241664 _____ () C:\Program Files (x86)\Lenovo\Rescue and Recovery\CDRecord.dll
2009-09-25 16:29 - 2009-09-25 16:29 - 00247096 _____ () C:\Program Files (x86)\Common Files\Lenovo\CDRecord.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:A2C6D38F
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2103261752-1737089908-2043903725-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Calendar Sync.lnk => C:\Windows\pss\Google Calendar Sync.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk => C:\Windows\pss\Scrybe.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GoogleContactSync => C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NSU_agent => "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
MSCONFIG\startupreg: PicPick Start => C:\Program Files (x86)\PicPick\picpick.exe /startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{CD13AF83-2A16-4451-951C-6944D37ACAE9}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{7EE4F072-E5D4-47E1-842D-3AF29DAC619D}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [{59C04CF6-3F73-48F3-AB9F-F9AB74B7C839}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6E2E3A15-0C57-45B9-A649-E5903531D56A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5AE5F262-D642-409A-A968-05B9CA375B21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{508D3E22-457E-4975-B97A-8E9083DC4E42}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1D93FCEF-751E-47F8-9057-B8CA0D92EC0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C425CAA4-C8E0-492E-88E9-0A4E5BB51391}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{D2A34483-34E5-454B-8037-BF73FA013318}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5287D644-46C3-4E40-848D-42953DD35E17}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{04ED88F0-7C0C-4966-885C-3130ABC80DD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A1E9B521-A9A9-4067-ADE3-C8BA6A781E95}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{2BABE91E-9E74-4728-A073-E4ED3AE7DEB2}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{070D0525-278E-43BA-8AD9-37681A50B6AB}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{E4051789-9CFC-461E-AB5E-FE0CC1F8F158}] => (Allow) C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\game.dat
FirewallRules: [{BD805E2D-B834-4846-BD0C-AF7A36522D19}] => (Allow) C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\game.dat
FirewallRules: [TCP Query User{77FE98A9-7DD5-4AEC-B779-B6F8EAC28F1A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{92D32FD6-9C0C-4149-8DF8-98794B3AE9BB}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{1C2BC07E-1E3E-4487-A544-AA1D1DA34E3E}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{F75CA605-472C-44D0-80A2-E5E455E8A5F3}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [TCP Query User{3D5DB7B9-C4AD-4543-80EF-372121DD6897}C:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\patchget.dat
FirewallRules: [UDP Query User{791525DA-52A6-43BA-9279-FE79514FBB86}C:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\patchget.dat
FirewallRules: [TCP Query User{2DABC5E3-49D6-4BB2-92C2-5735E98B84A9}C:\users\andreas\spielchen\blobby volley\volley.exe] => (Block) C:\users\andreas\spielchen\blobby volley\volley.exe
FirewallRules: [UDP Query User{4DAD26D6-1612-4108-B34F-7F2ECEECEB55}C:\users\andreas\spielchen\blobby volley\volley.exe] => (Block) C:\users\andreas\spielchen\blobby volley\volley.exe
FirewallRules: [TCP Query User{9F3D79E4-EBA2-4031-A004-8453A965F1AF}C:\program files (x86)\java\jdk1.6.0_17\bin\javaw.exe] => (Block) C:\program files (x86)\java\jdk1.6.0_17\bin\javaw.exe
FirewallRules: [UDP Query User{ED5D03D5-2007-47CD-B3D4-D41A469814C6}C:\program files (x86)\java\jdk1.6.0_17\bin\javaw.exe] => (Block) C:\program files (x86)\java\jdk1.6.0_17\bin\javaw.exe
FirewallRules: [{75234E7A-F5ED-4DF1-B5BF-EEA275201E64}] => (Allow) D:\setup\hpznui40.exe
FirewallRules: [{2A066565-C0F5-4615-8250-D87B38119787}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [TCP Query User{D225E120-2256-4540-BD5E-1FC7E07DB03D}C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat
FirewallRules: [UDP Query User{C234421C-0484-4D14-A6BE-315B65AD081A}C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat
FirewallRules: [TCP Query User{8356792D-A5F9-45EE-856F-7D68BA495587}C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat
FirewallRules: [UDP Query User{B3D895B4-8D6C-49D6-81EA-0AA2DCA706D4}C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\andreas\spielchen\dune 2000\dune 2000\dune 2000\dune2000.dat
FirewallRules: [{83D4107C-0FE4-47A2-A9CF-6518FE3645EE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{125F49D8-0CFD-41A9-985D-C35BC475AC2E}] => (Allow) LPort=2869
FirewallRules: [{304C10F8-C016-4EB8-9A13-59982577D4AD}] => (Allow) LPort=1900
FirewallRules: [{B5E96182-9A71-4F08-AB8A-5E95C358A910}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe
FirewallRules: [{7BDBE009-579F-4B29-B6DE-C5EE78A4CF12}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe
FirewallRules: [{C656EA67-E720-483D-919B-3C0945BE5F7F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{6BBD4A9C-B5A3-44DA-9E3D-D561B974C531}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{BACFFDF0-F72F-47BA-9F01-C127A9C651A4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{2C19A513-5347-40DB-920B-50E2E1D29023}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{461B4D83-BC4F-4BFC-BFBF-10F1A8B81FCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DF03B86B-D61A-4545-80FC-4B52BBC889A5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A6741337-C832-4EDA-A1FE-21BD49B557B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{105AD552-18CA-4D17-B9B7-AED8EC2B054C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FF71AC5D-FE06-4BE0-9B91-C3EA67420331}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{2AC40E4A-AE14-41E0-A706-D0320EB6BD3D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{3427CBAA-D3D8-4A3A-951E-A5B22ED2FB97}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{3506EF8F-5FD9-49F5-88E1-22713EED8EEA}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{A3F53041-E8C3-4BD7-837C-557E76B2B60C}] => (Allow) C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{874F5915-5456-4A89-8FFF-2D7A82DCD8BC}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EBBC009B-75F7-4BAE-BC20-F3C1FDFEB72F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EEBF623C-714A-4C1D-8387-0E72EEFE6BE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A9DD803-0FE3-4902-AB16-C005009497EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/01/2015 09:26:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:26:06:9560)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (06/01/2015 09:26:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:26:06:9400)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (06/01/2015 09:26:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:26:06:9090)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (06/01/2015 09:26:06 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:26:06:8470)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (06/01/2015 09:24:10 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:24:10:7320)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (06/01/2015 09:24:10 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:24:10:7320)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (06/01/2015 09:24:10 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:24:10:7310)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (06/01/2015 09:24:10 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:24:10:7310)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (06/01/2015 09:24:10 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:24:10:7270)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (06/01/2015 09:24:10 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5452) Asapi: (21:24:10:7270)(5452) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
System errors:
=============
Error: (06/01/2015 09:05:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16405
Error: (06/01/2015 09:03:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (06/01/2015 08:55:45 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (06/01/2015 08:53:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/29/2015 09:04:16 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/29/2015 08:14:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/29/2015 08:11:10 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/29/2015 06:36:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/29/2015 06:33:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/28/2015 11:08:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-10-01 19:24:41.998
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdpmd64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-01 19:24:41.652
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdpmd64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-04-19 10:48:52.466
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Andreas\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-04-19 10:48:52.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Andreas\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P9500 @ 2.53GHz
Percentage of memory in use: 43%
Total physical RAM: 8088.03 MB
Available physical RAM: 4582.75 MB
Total Pagefile: 16174.25 MB
Available Pagefile: 12393.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:292.33 GB) (Free:38.81 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1669C708)
Partition 1: (Active) - (Size=292.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=5.8 GB) - (Type=12)
==================== End of log ============================
|
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
