| torben94 | 21.06.2015 22:28 |
Win 7/8.1 [Spacekace Ordner aufgetaucht]
Hey,
nach einem Download habe ich auf meinem Desktop-PC (Win7) sowie auf meinem Notebook (Win8.1), auf das ich die heruntergeladene Datei übertragen habe, merkwürdige Aktivitäten sowie das Auftauchen des Ordners "Spacekace" mit darin enthaltenem "deliversystem-log" bemerkt.
Mein Desktop-PC versucht sich ständig neu anzumelden und es werden dauerhaft Zeichen in das Kennwortfeld eingetragen.
Auf meinem Notebook wurden plötzlich zahlreiche versteckte Dateien angezeigt.
Hier meine logs: FRST: Code:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by ***** (administrator) on TKAWKA-MOBIL on 21-06-2015 22:53:45
Running from C:\Users\*****\Downloads
Loaded Profiles: ***** (Available Profiles: *****)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Softex Inc.) C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Sierra Wireless Inc\Lenovo MBIM Toolkit\FirmwareUpdaterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
() C:\Program Files (x86)\Sierra Wireless Inc\Lenovo MBIM Toolkit\FirmwareApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\dfrctl.exe
() C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Lenovo) C:\Program Files (x86)\Lenovo\QuickConnect NFC Utility\QDTap.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\ProgramData\Avira\My Avira\Temp\avira_antivirus_de-de.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\RarSFX0\presetup.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\RarSFX0\setup.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\*****\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [153816 2013-11-29] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (Lenovo Group Limited)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-04-03] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [9566192 2015-03-10] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-03] (Intel Corporation)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337440 2013-06-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [243560 2014-01-15] (McAfee, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Run: [GoogleChromeAutoLaunch_0FB652646B284E0FD5E34EA5286C1868] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.)
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-08-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-07-09]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-11-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-119873911-3594701226-9607293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-119873911-3594701226-9607293-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-119873911-3594701226-9607293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-119873911-3594701226-9607293-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-119873911-3594701226-9607293-1001 -> {1ABEE4EF-4253-422F-BAC7-302CCD62DC03} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140805103721.dll [2014-08-05] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20140805103721.dll [2014-08-05] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default
FF DefaultSearchEngine: Search By ZoneAlarm
FF SearchEngineOrder.1: Search By ZoneAlarm
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=b8e504a6d0054d37bc530fa0f80a7c10&tu=10G9z00KR1D30q0&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-05] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-02-14] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\user.js [2015-06-21]
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\searchplugins\zonealarm.xml [2015-06-21]
FF Extension: Avira Browser Safety - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\Extensions\abs@avira.com [2015-05-28]
FF Extension: zonealarm.com - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\Extensions\ffxtlbr@zonealarm.com [2015-06-21]
FF Extension: ProxTube - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\Extensions\ich@maltegoetz.de.xpi [2014-10-01]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-16]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-18]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2014-08-05]
FF HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-08-05]
FF HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8x88jif.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-09]
CHR Extension: (Google Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Google Sheets) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2015-01-21]
CHR Extension: (Twitch Now) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-05-09]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-21]
CHR Extension: (Gmail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-09] (Avira Operations GmbH & Co. KG)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-07-22] (Lenovo Corporation)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 FirmwareUpdaterService; C:\Program Files (x86)\Sierra Wireless Inc\Lenovo MBIM Toolkit\FirmwareUpdaterService.exe [22016 2014-01-09] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-07-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-03] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014704 2014-08-29] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [724976 2014-07-22] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-21] (Lenovo)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [470000 2014-06-10] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [130080 2013-06-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [242448 2014-08-05] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [208416 2014-01-15] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185280 2014-08-05] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-02-14] (Nitro PDF Software)
R2 omniserv; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [94208 2014-06-25] (Softex Inc.) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-11-08] () [File not signed]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61936 2014-06-11] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [327152 2014-06-11] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [47504 2014-06-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [33280 2014-06-13] (Synaptics Incorporated) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 BcmNfcIc; C:\Windows\System32\drivers\BcmNfcIc.sys [77528 2014-07-09] (Broadcom Corporation.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R3 CM3218x; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 CPLMACPI; C:\Windows\system32\DRIVERS\CPLMACPI.sys [19592 2013-09-07] (Capella Microsystems, Inc.)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-05] (Intel Corporation)
S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-01-09] (Intel Mobile Communications)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [210888 2014-07-09] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-10-04] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2014-06-10] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490080 2014-06-10] (Kaspersky Lab ZAO)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-08-05] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-08-05] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-08-05] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782968 2014-08-05] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [107032 2014-08-05] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344176 2014-08-05] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3446240 2014-06-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R1 OMNISMI; C:\WINDOWS\SysWOW64\drivers\omnismi.sys [14776 2014-01-16] ()
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9100504 2013-11-29] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated)
R1 SMIDriver; C:\Windows\System32\drivers\smi.sys [19760 2014-06-13] (Windows (R) Win 7 DDK provider)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [268288 2013-11-01] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-21 22:53 - 2015-06-21 22:54 - 00031511 _____ C:\Users\*****\Downloads\FRST.txt
2015-06-21 22:53 - 2015-06-21 22:53 - 00000000 ____D C:\FRST
2015-06-21 22:53 - 2015-06-21 22:53 - 00000000 _____ C:\Users\*****\defogger_reenable
2015-06-21 22:52 - 2015-06-21 22:53 - 00000486 _____ C:\Users\*****\Downloads\defogger_disable.log
2015-06-21 22:52 - 2015-06-21 22:52 - 00000258 _____ C:\Users\*****\Downloads\defogger_enable.log
2015-06-21 22:51 - 2015-06-21 22:51 - 02109952 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2015-06-21 22:51 - 2015-06-21 22:51 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe
2015-06-21 19:17 - 2015-06-21 19:18 - 00431395 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml
2015-06-21 19:17 - 2015-06-21 19:17 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-06-21 19:17 - 2015-06-21 19:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\Check Point Software Technologies LTD
2015-06-21 19:17 - 2015-06-21 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-06-21 19:17 - 2015-06-21 19:17 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2015-06-21 19:17 - 2015-06-21 19:17 - 00000000 ____D C:\Program Files (x86)\Check Point Software Technologies LTD
2015-06-21 19:17 - 2014-06-10 15:44 - 07717984 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2015-06-21 19:17 - 2014-06-10 15:44 - 00490080 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-06-21 19:17 - 2014-06-10 15:44 - 00092768 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-06-21 19:10 - 2015-06-21 19:10 - 00173032 _____ C:\WINDOWS\PFRO.log
2015-06-21 19:04 - 2015-06-21 19:09 - 00000000 ____D C:\AdwCleaner
2015-06-21 19:04 - 2015-06-21 19:04 - 02231296 _____ C:\Users\*****\Downloads\AdwCleaner_4.206.exe
2015-06-21 19:03 - 2015-06-21 19:10 - 00002356 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-06-21 19:02 - 2015-06-21 19:03 - 226228264 _____ (Check Point Software Technologies Ltd.) C:\Users\*****\Downloads\zaSetup_133_052_000.exe
2015-06-21 18:59 - 2015-06-21 18:59 - 02071768 _____ C:\Users\*****\Downloads\AdAware116WebInstaller.exe
2015-06-21 18:58 - 2015-06-21 18:58 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\*****\Downloads\tdsskiller.exe
2015-06-21 18:34 - 2015-06-21 19:20 - 00000961 _____ C:\WINDOWS\setupact.log
2015-06-21 18:34 - 2015-06-21 18:34 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-21 18:33 - 2015-06-21 18:33 - 00000000 ____D C:\Users\*****\AppData\Roaming\LavasoftStatistics
2015-06-21 18:32 - 2015-06-21 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-06-21 18:31 - 2015-06-21 18:31 - 00000000 ____D C:\Program Files\Lavasoft
2015-06-21 18:30 - 2015-06-21 18:32 - 00000000 ____D C:\Users\*****\AppData\Roaming\Lavasoft
2015-06-21 18:30 - 2015-06-21 18:30 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-06-21 18:29 - 2015-06-21 18:32 - 00000000 ____D C:\ProgramData\Lavasoft
2015-06-20 18:49 - 2015-06-20 18:49 - 00000000 ____D C:\Users\*****\Desktop\DV
2015-06-16 00:49 - 2015-06-16 00:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\LolClient
2015-06-15 22:42 - 2015-06-15 22:42 - 00000000 ____D C:\ProgramData\Riot Games
2015-06-15 22:41 - 2015-06-15 22:41 - 00000000 ____D C:\Riot Games
2015-06-15 22:40 - 2015-06-15 22:41 - 00000000 ____D C:\Users\*****\AppData\Roaming\Riot Games
2015-06-10 11:57 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 11:57 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 11:57 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 11:57 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 11:57 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 11:57 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 11:57 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 11:57 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 11:57 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 11:57 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 11:57 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 11:57 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 11:57 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 11:57 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 11:57 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 11:57 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 11:57 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 11:57 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 11:57 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 11:57 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 11:57 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 11:57 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 11:57 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 11:57 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 11:57 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 11:57 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 11:57 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 11:57 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 11:57 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 11:57 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 11:57 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 11:57 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 11:57 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 11:57 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 11:57 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 11:57 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 11:57 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 11:57 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 11:57 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 11:57 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 11:57 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 11:57 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 11:57 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-09 19:10 - 2015-06-09 19:13 - 00042815 _____ C:\Users\*****\Desktop\DV_Ü19.xlsx
2015-06-03 14:30 - 2015-06-21 18:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 23:07 - 2015-06-01 23:07 - 00000000 ____D C:\Users\*****\AppData\Local\GWX
2015-06-01 20:17 - 2015-06-02 12:19 - 01422662 _____ C:\Users\*****\Desktop\TE.pptx
2015-05-31 11:02 - 2015-05-31 11:02 - 00046080 _____ C:\Users\*****\Downloads\PO_2009__Pr_BEng__KIA__Aushang__SS_2015_(1).xls
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-21 22:53 - 2014-08-05 09:32 - 00000000 ____D C:\Users\*****
2015-06-21 22:50 - 2015-01-21 23:34 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-21 22:50 - 2014-07-09 23:25 - 01506557 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-21 22:42 - 2014-09-10 17:33 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-21 22:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-21 19:50 - 2015-01-21 23:34 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-21 19:38 - 2014-08-05 09:37 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119873911-3594701226-9607293-1001
2015-06-21 19:21 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-21 19:17 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-21 19:16 - 2014-07-10 09:21 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-21 19:16 - 2014-07-10 09:21 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-21 19:16 - 2013-10-07 20:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-21 19:11 - 2015-05-17 12:48 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-21 19:10 - 2014-07-09 23:52 - 00000000 ____D C:\ProgramData\Validity
2015-06-21 19:10 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-21 19:09 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-21 19:08 - 2014-08-06 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-21 18:59 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-21 18:55 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-06-21 18:55 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2015-06-21 18:54 - 2015-04-24 21:43 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-21 18:54 - 2015-04-08 22:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-21 18:54 - 2015-04-08 22:37 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-21 18:54 - 2015-03-14 17:27 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-21 18:54 - 2014-08-05 12:27 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2015-06-21 18:54 - 2014-07-10 09:21 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2015-06-21 18:54 - 2014-07-10 09:21 - 00000000 ____D C:\WINDOWS\system32\de
2015-06-21 18:54 - 2013-10-07 20:06 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-06-21 18:54 - 2013-08-22 21:12 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-21 18:54 - 2013-08-22 21:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Recovery
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MSDRM
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\ras
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MSDRM
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\ias
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Com
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system\Speech
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Cursors
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\addins
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\Services
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-06-21 18:54 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\downlevel
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-06-21 18:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-06-21 18:52 - 2014-07-09 23:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2015-06-21 18:52 - 2014-07-09 23:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-06-21 18:52 - 2014-07-09 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-06-21 18:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-06-21 18:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-06-21 18:51 - 2015-05-17 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-21 18:51 - 2015-05-05 10:31 - 00000000 ____D C:\Program Files\CCleaner
2015-06-21 18:51 - 2015-05-04 18:32 - 00000000 ____D C:\Program Files\Bonjour
2015-06-21 18:51 - 2015-05-04 18:32 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-06-21 18:51 - 2015-04-01 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-21 18:51 - 2015-04-01 21:21 - 00000000 ____D C:\Program Files (x86)\Free Codec Pack
2015-06-21 18:51 - 2015-04-01 21:21 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-06-21 18:51 - 2015-04-01 21:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\DVDVideoSoft
2015-06-21 18:51 - 2015-01-21 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-21 18:51 - 2015-01-19 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-06-21 18:51 - 2015-01-05 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blobby Volley 2 Version 1.0
2015-06-21 18:51 - 2015-01-05 11:24 - 00000000 ____D C:\Program Files (x86)\Blobby Volley 2 Version 1.0
2015-06-21 18:51 - 2014-12-16 13:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\Cliqz
2015-06-21 18:51 - 2014-12-10 11:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-21 18:51 - 2014-12-10 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-21 18:51 - 2014-11-24 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blobby Volley 2.0 Version 0.9b
2015-06-21 18:51 - 2014-11-24 13:11 - 00000000 ____D C:\Program Files (x86)\Blobby Volley 2.0 Version 0.9b
2015-06-21 18:51 - 2014-11-13 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-21 18:51 - 2014-11-13 00:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-21 18:51 - 2014-11-13 00:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-21 18:51 - 2014-10-29 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-21 18:51 - 2014-10-29 11:01 - 00000000 ____D C:\Users\*****\Desktop\Spiele
2015-06-21 18:51 - 2014-10-21 18:00 - 00000000 ____D C:\Users\*****\AppData\Roaming\Teeworlds
2015-06-21 18:51 - 2014-10-21 17:58 - 00000000 ____D C:\Users\*****\Documents\teeworlds-0.6.2-win32
2015-06-21 18:51 - 2014-10-08 10:22 - 00000000 ____D C:\Users\*****\AppData\Local\Microsoft Help
2015-06-21 18:51 - 2014-09-30 09:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\.minecraft
2015-06-21 18:51 - 2014-09-19 12:27 - 00000000 ____D C:\Users\*****\Documents\MAGIX Speed
2015-06-21 18:51 - 2014-09-18 19:28 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2015-06-21 18:51 - 2014-09-16 13:15 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-21 18:51 - 2014-09-16 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-21 18:51 - 2014-09-16 13:15 - 00000000 ____D C:\Program Files\WinRAR
2015-06-21 18:51 - 2014-08-20 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-06-21 18:51 - 2014-08-20 15:48 - 00000000 ____D C:\Program Files (x86)\OpenVPN
2015-06-21 18:51 - 2014-08-19 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-06-21 18:51 - 2014-08-19 19:36 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-06-21 18:51 - 2014-08-17 00:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-21 18:51 - 2014-08-06 19:35 - 00000000 ___RD C:\Users\*****\Documents\Uni
2015-06-21 18:51 - 2014-08-06 00:37 - 00000000 ___RD C:\Users\*****\Documents\DESKTOPicons
2015-06-21 18:51 - 2014-08-05 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-21 18:51 - 2014-08-05 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-06-21 18:51 - 2014-08-05 10:27 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-06-21 18:51 - 2014-08-05 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-21 18:51 - 2014-08-05 09:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-21 18:51 - 2014-08-05 09:32 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-21 18:51 - 2014-08-05 09:32 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-21 18:51 - 2014-08-05 09:32 - 00000000 ___RD C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-21 18:51 - 2014-08-05 09:32 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-21 18:51 - 2014-08-05 09:32 - 00000000 ____D C:\Users\*****\AppData\Local\VirtualStore
2015-06-21 18:51 - 2014-07-09 23:55 - 00000000 ____D C:\Program Files (x86)\SymSilent
2015-06-21 18:51 - 2014-07-09 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gesture Control
2015-06-21 18:51 - 2014-07-09 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-06-21 18:51 - 2014-07-09 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-06-21 18:51 - 2014-07-09 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-06-21 18:51 - 2014-07-09 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-06-21 18:51 - 2014-07-09 23:41 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-06-21 18:51 - 2014-07-09 17:03 - 00000000 ____D C:\ProgramData\Lenovo
2015-06-21 18:51 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-06-21 18:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-21 18:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2015-06-21 18:43 - 2014-08-05 09:32 - 00000000 ____D C:\Users\*****\AppData\Local\Packages
2015-06-21 18:42 - 2014-08-27 12:34 - 00000000 __RHD C:\MSOCache
2015-06-21 18:32 - 2014-09-21 16:39 - 00222208 ___SH C:\Users\*****\Desktop\Thumbs.db
2015-06-20 19:39 - 2014-10-13 12:04 - 00000000 ____D C:\QUARANTINE
2015-06-20 19:39 - 2014-10-13 12:03 - 63318156 _____ C:\Users\*****\Downloads\N.zip
2015-06-17 18:55 - 2014-08-05 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-15 20:55 - 2014-08-05 09:38 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9330D229-60EB-4A48-B196-BA3C12FBCF18}
2015-06-13 23:38 - 2014-07-09 23:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-12 16:07 - 2014-08-19 19:53 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2015-06-12 15:09 - 2014-09-10 17:33 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-10 13:48 - 2013-08-22 16:44 - 00485232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 12:51 - 2015-01-21 23:35 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 09:59 - 2014-08-06 00:29 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-06-09 09:59 - 2014-08-06 00:29 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-06-08 13:31 - 2014-10-13 12:06 - 00000000 ____D C:\Users\*****\AppData\Roaming\Nidhogg
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-02 00:31 - 2015-01-19 19:03 - 00000000 ____D C:\Users\*****\Documents\Bilder
2015-05-25 17:52 - 2014-08-05 09:48 - 00003118 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-119873911-3594701226-9607293-1001
2015-05-25 17:52 - 2014-08-05 09:48 - 00000000 ___RD C:\Users\*****\OneDrive
==================== Files in the root of some directories =======
2014-08-05 09:32 - 2014-08-05 09:32 - 0000193 _____ () C:\Users\*****\AppData\Local\RegisteredPackageInformation.xml
2014-07-09 23:42 - 2014-07-09 23:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\oct50D8.tmp.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-21 19:38
==================== End of log ============================
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by ***** at 2015-06-21 22:54:33
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-119873911-3594701226-9607293-500 - Administrator - Disabled)
Gast (S-1-5-21-119873911-3594701226-9607293-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-119873911-3594701226-9607293-1003 - Limited - Enabled)
***** (S-1-5-21-119873911-3594701226-9607293-1001 - Administrator - Enabled) => C:\Users\*****
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: McAfee VirusScan Enterprise (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.41.00 - )
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version: - )
Blobby Volley 2.0 Version 0.9b (HKLM-x32\...\Blobby Volley 2.0 Version 0.9b_is1) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capella Micro CM3218x SPB Driver (HKLM-x32\...\CM3218x) (Version: 1.1.1.0 - Capella Microsystems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Dependency Package Update (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dungeon Siege III Demo (HKLM-x32\...\Steam App 39230) (Version: - Obsidian Entertainment)
Free YouTube to MP3 Converter version 3.12.57.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.57.324 - DVDVideoSoft Ltd.)
Gesture Control (HKLM-x32\...\{22794117-534A-4E06-B96C-17C5DA240287}) (Version: 4.0.116.4 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Inst5676 (Version: 8.01.18 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10252 - Realtek Semiconductor Corp.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{7228EFBA-512B-4EB3-B8A7-E2C331475DF4}) (Version: 5.0.10.2808 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3A7490F5-AB3B-4667-808F-FFABFC62DF2C}) (Version: 17.0.1428.01 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.12 - )
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.18(x64) - Lenovo)
Lenovo Fingerprint Manager Pro (Version: 8.01.18(x64) - Lenovo) Hidden
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo MBIM Toolkit (HKLM-x32\...\{84ABD6F5-0309-4750-9062-1E8E4D05FD0F}) (Version: 1.0.10420.4043 - Sierra Wireless)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo QuickConnect NFC Utility (HKLM-x32\...\{7C8A2D9F-10CF-4071-BFE4-6B0843A6302E}_is1) (Version: 2.0.0.54 - Lenovo Group Limited)
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.20 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.4.0 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.3.0.13 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.1.32 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.85 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.2.9 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.3 - Lenovo Group Limited)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
McAfee Agent (HKLM-x32\...\{1FDB8EC6-BAF1-42F9-8E09-4D9AB369F1B5}) (Version: 4.8.0.887 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.04001 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{237990BC-415C-4CE8-B279-37892516D9F2}) (Version: 9.0.6.20 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenVPN 2.1.4 (HKLM-x32\...\OpenVPN) (Version: 2.1.4 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics WBF DDK 5011 (HKLM\...\{491728AE-BFF0-44F2-A9F1-9AE218E36E2D}) (Version: 4.5.263.0 - Synaptics)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.263.0 - )
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.24 - Lenovo)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.40 - Synaptics Incorporated)
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.8.911.2013 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows-Treiberpaket - Intel (e1dexpress) Net (07/02/2013 12.9.16.0) (HKLM\...\023677FE062B918F6118988706661111844C0205) (Version: 07/02/2013 12.9.16.0 - Intel)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (11/15/2013 12.8.10.1005) (HKLM\...\D25E6F494D3225DFE05884186452E2C79AF2E506) (Version: 11/15/2013 12.8.10.1005 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.04.05 (12/17/2013 1.67.04.05) (HKLM\...\68ECF461D6E85BB67AFC110D2FEBF1955C9F26B5) (Version: 12/17/2013 1.67.04.05 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System (02/25/2014 18.0.7.34) (HKLM\...\BBCACF7AB7B74509B9506D886F8848A6F9948752) (Version: 02/25/2014 18.0.7.34 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (02/25/2014 18.0.7.34) (HKLM\...\8204BE335A7EB81A42BA39FE41BDB3301B14C2E5) (Version: 02/25/2014 18.0.7.34 - Synaptics)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
ZoneAlarm Antivirus (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.052.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar (HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-119873911-3594701226-9607293-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-119873911-3594701226-9607293-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
29-05-2015 20:10:28 Geplanter Prüfpunkt
08-06-2015 20:54:01 Geplanter Prüfpunkt
15-06-2015 21:33:17 DirectX wurde installiert
21-06-2015 18:29:40 AA11
21-06-2015 18:41:43 Wiederherstellungsvorgang
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {249D4CE3-C2AA-4C5D-AC0F-3BAF2043010A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {25E817FB-B30B-451E-9253-EF18425674C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {29C89789-7E5E-4AD8-8B50-B958B21B4DAF} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\GestureControl.exe [2013-11-22] (Lenovo)
Task: {2DF37478-AA7D-4C33-BAA5-78F984B49796} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {33E341BD-FEBD-470B-9CC6-CC540F37371B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {350666B3-AB84-4380-A8FF-959DA1F81476} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-119873911-3594701226-9607293-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {352A27FA-479A-4DC5-BACA-190FC759F081} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {3BF38B50-BFE3-4377-97D6-459ADDC0E5A4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {3D3B4048-459D-44E1-A79C-59FD4E2524B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {3DAE4D7C-5A10-46E3-91CD-906CDC5E58B5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {3FDF1F03-4694-43A6-A844-23FDD1DAE73B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {4C7C87F0-C469-414C-8F0B-58BC62D47029} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4D6143C1-2B95-4DEE-B75D-4C35D797C473} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {50234D29-320A-49F9-93DD-A94C0108CFE2} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {5215A0E5-8F9D-4DF5-84E2-3F997E3908D3} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {5B8FA388-C947-4FE6-8205-D72599E3A362} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {633C53DE-EB13-480C-BD7F-7656CF1D3E41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {6654E816-328C-4251-886F-B271ED6B4A3B} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {86D93B66-C194-417C-9BD8-EFCA56E9B26E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {8812D288-3032-460D-9710-8C032C9B0A45} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {941643E2-DBFE-47E2-BA39-F6E2AFE949F8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {9B2DD1C2-50B4-4454-983A-1A7F25C17567} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {A1878D4B-2228-4245-AAD7-3B8C21396494} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {B4C6447A-86A5-484D-B793-0C50FB3BB3EE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {B8629CAF-1688-4B09-B9E9-7DA7E46ED44E} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {B9D8FC93-4567-40F1-9F07-093C876DCF26} - System32\Tasks\LenovoQuickDisplay => C:\Program Files (x86)\Lenovo\QuickConnect NFC Utility\qdtap.exe [2014-03-05] (Lenovo)
Task: {C103B60B-3F17-4FF0-A81C-5702A1E9D4DD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {D51E97BA-4F46-402A-B885-6481CF800109} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor)
Task: {D6DBF947-08C1-469B-BD6D-7D3753C66FD7} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor)
Task: {E6CF88DC-DE26-4277-9EF3-FB05EF9E875A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {EEA882BB-C91E-481A-9A44-D14064428EFC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F3101E86-996F-4A34-90EC-5769F6D18448} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-07-30] (Lenovo)
Task: {F4ABE010-5DAC-4AFE-AF65-AF061F05226B} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2014-12-19] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-06-25 13:35 - 2014-06-25 13:35 - 00021504 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\cryptodll.dll
2014-06-25 13:35 - 2014-06-25 13:35 - 00035328 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\ssplogon.dll
2014-06-25 13:35 - 2014-06-25 13:35 - 00055296 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\RandomPass.dll
2014-06-25 13:49 - 2014-06-25 13:49 - 00288656 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\mstrpwd.dll
2014-10-01 12:03 - 2014-08-05 07:47 - 00117760 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2014-08-05 09:42 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-09 15:53 - 2014-01-09 15:53 - 00022016 _____ () C:\Program Files (x86)\Sierra Wireless Inc\Lenovo MBIM Toolkit\FirmwareUpdaterService.exe
2014-04-03 14:57 - 2014-04-03 14:57 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-04-03 14:57 - 2014-04-03 14:57 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-04-03 14:56 - 2014-04-03 14:56 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-04-03 14:57 - 2014-04-03 14:57 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2014-01-09 15:53 - 2014-01-09 15:53 - 00562176 _____ () C:\Program Files (x86)\Sierra Wireless Inc\Lenovo MBIM Toolkit\FirmwareApp.exe
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2014-06-25 13:41 - 2014-06-25 13:41 - 00065024 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
2014-10-01 12:03 - 2014-08-05 07:47 - 00117760 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-07-09 17:10 - 2014-03-08 01:21 - 00080312 _____ () C:\WINDOWS\system32\IGFXEXPS.DLL
2014-08-05 10:20 - 2014-06-23 20:47 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 09566192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00499728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02144248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00869896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2014-07-09 23:41 - 2013-10-09 18:31 - 00915968 _____ () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2015-06-21 18:56 - 2015-06-21 19:11 - 223935400 _____ () C:\ProgramData\Avira\My Avira\Temp\avira_antivirus_de-de.exe
2014-07-09 23:55 - 2014-06-10 17:35 - 00470000 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2014-07-09 23:55 - 2014-06-10 17:35 - 00014320 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2015-06-21 22:51 - 2015-06-21 22:51 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2007-04-18 20:30 - 2007-04-18 20:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
2014-11-01 17:39 - 2014-11-01 17:39 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2014-08-05 10:49 - 2014-08-05 10:49 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2015-01-23 20:10 - 2015-01-23 20:10 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-06-23 20:44 - 2014-06-23 20:44 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2014-11-19 21:06 - 2014-11-19 21:06 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-07-09 23:42 - 2013-12-03 07:36 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-27 16:43 - 2014-01-27 16:43 - 00065936 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\Community.CsharpSqlite.SQLiteClient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-119873911-3594701226-9607293-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1 - 192.168.0.2
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-119873911-3594701226-9607293-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0FB652646B284E0FD5E34EA5286C1868"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{44CE1D30-EA39-4B42-B009-2869C885EEC5}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{B39988C8-A303-4A9A-A304-8883766F70D0}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{E08A3E44-EC22-4215-84BE-74DE420BEB1B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{DF74D9C4-8FA5-4EF4-9B26-93ED375DD95A}] => (Allow) C:\Users\*****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{91F65210-1187-4DC9-A1D6-11A9B6527A38}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{BAADB489-71D4-4E2D-BC21-B64731A107C3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{46365AAD-0A46-4743-A2AD-F2B1331850F7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{100AEC00-05AD-4845-BCF7-3630625FCC66}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{692216EF-DBC4-487C-AC16-AC0B7F7A602A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{73F048D5-1480-4912-B1F4-35E65BE90022}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{21932FC0-7619-45CE-B94E-51B2A0B2EB87}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{14B41AFF-1D64-4035-B6E5-40AA9AC3A62D}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{3DFE92F4-033B-480B-86F1-F6B2C70E285D}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{C65C859A-52E3-470B-89FD-A6723F8CF866}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{C32C5A69-7E17-4E64-8ADA-CAEA5B8EFF3D}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{212F20E9-D777-4D74-B26D-435B2900B279}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{2A4E5D9F-410A-4003-9ED7-E3E2B4BC3B0A}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{EC479786-38B9-42F2-9310-CF4C862104C4}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{E778591B-2615-4E53-9AE1-587A491D1A86}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{02750CA1-87B7-480A-BA2E-09E4010A4A6F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [{1B7EA48D-911D-4DFB-9894-D89C8EDBDFCE}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe
FirewallRules: [TCP Query User{3E096DAA-9C46-4101-B6F2-703A76C651DF}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{A7109449-1592-4394-A0C3-E5004A26ADB7}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{82650E52-0797-45B6-B4E4-E64F1CE1193E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8906E6DC-D5FF-498E-B6CE-7D64955251D5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{A321A6FA-3F7C-4F78-AF57-D62FFA3479CA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{88CAF1AF-85C6-4120-BF99-CFDC1DA33970}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3A4B6AF2-B0F9-480F-9E81-BB229F45FB33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1765E539-7B6A-4F9A-A371-B2E8C4C2D420}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{085993FD-8E49-48C5-A8B4-7A4581B4CB19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AC60B190-B2B5-4030-9C54-B2B27B19DE30}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FBB1B9D0-99EE-4D8B-B894-33E864EED69C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{002C9C71-3A5D-4CAC-AB67-D440B8B8A89C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C86D0E91-2EA4-4EC6-9B43-FE50D2B20410}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F689FD4-AC88-4BA4-8692-211A1B957FA4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C2FAF045-B49C-4DD0-B097-EBFFF23DA11B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{57EB6807-CCDB-4D04-9AD6-E8F1699687E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{62446F1F-2C06-47A6-879C-9836D10553A1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BE614723-2B15-41F1-8C51-9F2C05E724E2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4DE994D9-8443-4829-98EE-73C8478B17A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{831F1238-E5C5-45FD-87C1-DCA47EF7500A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege III - Demo\Dungeon Siege III.exe
FirewallRules: [{F9E201FE-54D5-46C4-9AE3-DB06E23D07A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege III - Demo\Dungeon Siege III.exe
FirewallRules: [{7863C3DA-1E53-4565-AEB8-F9C9665C82E4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{72424092-464C-446E-839A-488E40F74FA4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{13767959-B95A-4A7A-BE06-394FE5BFAD91}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{2DC5FF61-0A98-4DC1-A3A3-C8148874AF04}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
==================== Faulty Device Manager Devices =============
Name: Intel(R) Ethernet Connection I218-LM
Description: Intel(R) Ethernet Connection I218-LM
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1dexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Sierra Wireless EM7345 4G LTE
Description: Generischer Adapter für das mobile Breitband
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: wmbclass
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/21/2015 10:30:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (06/21/2015 07:09:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:09:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:09:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:09:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1496) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU00F67.log.
Error: (06/21/2015 06:56:04 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!
Error: (06/21/2015 06:41:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service ZoneAlarm Privacy Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/21/2015 06:30:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avguard.exe, Version: 15.0.11.572, Zeitstempel: 0x555f17a4
Name des fehlerhaften Moduls: MSVCR120.dll, Version: 12.0.21005.1, Zeitstempel: 0x524f7ce6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000a46a9
ID des fehlerhaften Prozesses: 0x7a8
Startzeit der fehlerhaften Anwendung: 0xavguard.exe0
Pfad der fehlerhaften Anwendung: avguard.exe1
Pfad des fehlerhaften Moduls: avguard.exe2
Berichtskennung: avguard.exe3
Vollständiger Name des fehlerhaften Pakets: avguard.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avguard.exe5
Error: (06/20/2015 08:13:24 PM) (Source: McLogEvent) (EventID: 259) (User: tkawka-mobil)
Description: Der Scan hat Entdeckungen gefunden. Scan-Modul der Version 5700.7163 DAT-Version 7838.
System errors:
=============
Error: (06/21/2015 07:38:57 PM) (Source: DCOM) (EventID: 10010) (User: tkawka-mobil)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/21/2015 07:38:27 PM) (Source: DCOM) (EventID: 10010) (User: tkawka-mobil)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/21/2015 07:10:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/21/2015 07:09:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (06/21/2015 07:09:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (06/21/2015 07:09:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (06/21/2015 07:09:25 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.21
registriert werden. Der Computer mit IP-Adresse 192.168.0.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/21/2015 07:09:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/21/2015 07:09:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/21/2015 07:09:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Smart Connect Technology Agent" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
Error: (06/21/2015 10:30:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (06/21/2015 07:09:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:09:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:09:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:09:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (06/21/2015 07:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1496SRUJet: C:\WINDOWS\system32\SRU\SRU00F67.log-1811 (0xfffff8ed)
Error: (06/21/2015 06:56:04 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0
Error: (06/21/2015 06:41:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service ZoneAlarm Privacy Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (06/21/2015 06:30:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avguard.exe15.0.11.572555f17a4MSVCR120.dll12.0.21005.1524f7ce6c0000409000a46a97a801d0ab77fee4109fC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Program Files (x86)\Avira\AntiVir Desktop\MSVCR120.dlld481782b-1832-11e5-8286-c232cbc09e0d
Error: (06/20/2015 08:13:24 PM) (Source: McLogEvent) (EventID: 259) (User: tkawka-mobil)
Description: Der Scan hat Entdeckungen gefunden. Scan-Modul der Version 5700.7163 DAT-Version 7838.
CodeIntegrity Errors:
===================================
Date: 2015-04-07 22:41:05.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-01 21:49:17.501
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-01 21:21:06.216
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-01 19:12:17.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-01 17:33:09.316
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 22:52:13.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-31 20:27:39.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-24 23:07:47.583
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-24 16:08:21.962
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-24 12:01:05.387
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz
Percentage of memory in use: 49%
Total physical RAM: 8076.86 MB
Available physical RAM: 4058.15 MB
Total Pagefile: 9356.86 MB
Available Pagefile: 4985.63 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:216.59 GB) (Free:140.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: A2AD55BA)
Partition: GPT Partition Type.
==================== End of log ============================
GMER: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-21 23:02:39
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000038 LITEONIT_LGT-256M6G rev.2G87901 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\TORBEN~1\AppData\Local\Temp\pwlcipob.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff9600009fd00 15 bytes [00, A9, F3, 01, 80, 64, 6D, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff9600009fd10 11 bytes [00, 91, FC, FF, 00, BF, CA, ...]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [560:584] fffff9600082c2d0
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Schonmal Danke im Vorraus! |
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
