Here we go:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by popp_000 (administrator) on ROLLS_PC (06-08-2018 13:41:15)
Running from C:\Users\popp_000\Downloads
Loaded Profiles: popp_000 (Available Profiles: Rolls & popp_000)
Platform: Windows 8.1 (Update) (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dropbox, Inc.) C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-31] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-01-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-01-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro7hook.exe [1775464 2011-10-24] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate\pdfcreate7hook.exe [1771368 2011-10-24] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance PDF Create 7-reminder] => "C:\Program Files (x86)\Nuance\PDFCreate\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Create 7\Ereg\Ereg.ini"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\MountPoints2: {523c6574-72e9-11e7-82ea-fcf8ae81aa91} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\MountPoints2: {523c6629-72e9-11e7-82ea-fcf8ae81aa91} - "E:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-01-20]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\popp_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-08-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\popp_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-10-31]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{4B58DD45-2EEF-4C3C-9D2B-9E19A7586E04}: [DhcpNameServer] 129.132.98.12 129.132.250.2
Tcpip\..\Interfaces\{A18FC3BF-B907-4373-9D7F-2A14F0C58609}: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{E9525CEC-B32C-409E-B026-B233ABEF911C}: [DhcpNameServer] 129.132.98.12 129.132.250.2
Internet Explorer:
==================
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {7704B72C-290A-4241-8FA4-6772E6550A96} URL =
SearchScopes: HKU\.DEFAULT -> {7704B72C-290A-4241-8FA4-6772E6550A96} URL =
SearchScopes: HKU\S-1-5-21-419436004-3641650613-4044294934-1004 -> DefaultScope {7704B72C-290A-4241-8FA4-6772E6550A96} URL =
SearchScopes: HKU\S-1-5-21-419436004-3641650613-4044294934-1004 -> {7704B72C-290A-4241-8FA4-6772E6550A96} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-01] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF DefaultProfile: 5zidvcdd.default-1533543114283
FF ProfilePath: C:\Users\popp_000\AppData\Roaming\Zotero\Zotero\Profiles\tco359nz.default [2016-06-17]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-06-07] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-06-07] [Legacy] [not signed]
FF ProfilePath: C:\Users\popp_000\AppData\Roaming\Mozilla\Firefox\Profiles\5zidvcdd.default-1533543114283 [2018-08-06]
FF Homepage: Mozilla\Firefox\Profiles\5zidvcdd.default-1533543114283 -> hxxps://www.google.ch/
FF Session Restore: Mozilla\Firefox\Profiles\5zidvcdd.default-1533543114283 -> is enabled.
FF Extension: (Session Sync) - C:\Users\popp_000\AppData\Roaming\Mozilla\Firefox\Profiles\5zidvcdd.default-1533543114283\Extensions\session-sync@gabrielivanica.com.xpi [2018-08-06]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll [2011-02-16] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-419436004-3641650613-4044294934-1004: pokki.com/PokkiDownloadHelper -> C:\Users\popp_000\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [No File]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8851496 2018-07-22] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-02] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [161072 2013-08-08] (PointGrab LTD)
S4 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [345408 2013-08-08] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-01-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-07-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-06] (Motorola Solutions, Inc.)
S3 ew_usbccgpfilter; C:\windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-19] (Intel Corporation)
R3 ikbevent; C:\windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-02] ()
R3 imsevent; C:\windows\system32\DRIVERS\imsevent.sys [21920 2013-08-02] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-02] ()
R3 ISCT; C:\windows\System32\drivers\ISCTD64.sys [46568 2013-08-02] ()
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-25] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-15] (Synaptics Incorporated)
S1 vflt; C:\windows\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\windows\system32\DRIVERS\virtualnet.sys [17408 2013-07-01] (Shrew Soft Inc) [File not signed]
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 vpnva; \SystemRoot\system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-06 13:14 - 2018-08-06 13:16 - 000000000 ____D C:\AdwCleaner
2018-08-06 13:11 - 2018-08-06 13:11 - 007417040 _____ (Malwarebytes) C:\Users\popp_000\Downloads\adwcleaner_7.2.2(2).exe
2018-08-06 13:11 - 2018-08-06 13:11 - 007417040 _____ (Malwarebytes) C:\Users\popp_000\Downloads\adwcleaner_7.2.2(1).exe
2018-08-06 12:38 - 2018-08-06 13:01 - 000237050 _____ C:\TDSSKiller.3.1.0.17_06.08.2018_12.38.13_log.txt
2018-08-06 12:37 - 2018-08-06 12:37 - 004949824 _____ (AO Kaspersky Lab) C:\Users\popp_000\Downloads\tdsskiller.exe
2018-08-06 10:46 - 2018-08-06 10:46 - 000005330 _____ C:\Users\popp_000\Downloads\session_buddy_export_2018_08_06_10_46_08.txt
2018-08-06 10:46 - 2018-08-06 10:46 - 000005330 _____ C:\Users\popp_000\Desktop\session_buddy_export_2018_08_06_10_46_08.txt
2018-08-06 10:12 - 2018-08-06 10:12 - 000000000 ____D C:\Users\popp_000\Desktop\Alte Firefox-Daten
2018-08-06 09:59 - 2018-08-06 09:59 - 000394390 _____ C:\Users\popp_000\Desktop\bookmarks_06.08.18.html
2018-08-06 09:53 - 2018-07-17 00:02 - 000563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-08-06 09:22 - 2018-08-06 09:22 - 000001061 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-08-06 09:22 - 2018-08-06 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-08-06 09:22 - 2018-08-06 09:22 - 000000000 ____D C:\Program Files\VS Revo Group
2018-08-06 09:21 - 2018-08-06 09:21 - 007197480 _____ (VS Revo Group ) C:\Users\popp_000\Downloads\revosetup205.exe
2018-08-05 18:18 - 2018-08-05 18:18 - 000845448 _____ C:\Users\popp_000\Downloads\SCLiteFix_299026.exe
2018-08-05 18:18 - 2018-08-05 18:18 - 000000000 ____D C:\Users\Rolls\Documents\HpReg_Backup
2018-08-05 18:02 - 2018-08-05 18:02 - 000002900 _____ C:\windows\System32\Tasks\Toolbox.exe_{7CE34131-9F3C-48E6-A2A7-95C2FD7A9928}
2018-08-05 18:01 - 2018-08-05 18:01 - 000002231 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2018-08-05 18:01 - 2018-08-05 18:01 - 000001183 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2018-08-05 18:01 - 2018-08-05 18:01 - 000000978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2018-08-05 18:01 - 2018-08-05 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-08-05 18:01 - 2018-08-05 18:01 - 000000000 ____D C:\ProgramData\HP
2018-08-05 18:01 - 2018-08-05 18:01 - 000000000 ____D C:\Program Files (x86)\HP
2018-08-05 18:01 - 2012-10-17 04:31 - 000741480 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM5912.dll
2018-08-05 18:00 - 2018-08-05 18:00 - 000000000 ____D C:\Users\Rolls\AppData\Local\HP
2018-08-05 17:55 - 2018-08-05 17:57 - 140667048 _____ C:\Users\Rolls\Downloads\OJ8600_Full_WebPack_28.0.1315_2.exe
2018-08-04 12:15 - 2018-08-05 21:04 - 000050279 _____ C:\Users\popp_000\Downloads\Addition.txt
2018-08-04 12:12 - 2018-08-06 13:41 - 000018718 _____ C:\Users\popp_000\Downloads\FRST.txt
2018-08-04 12:12 - 2018-08-06 13:41 - 000000000 ____D C:\FRST
2018-08-04 12:11 - 2018-08-04 12:11 - 002412544 _____ (Farbar) C:\Users\popp_000\Downloads\FRST64.exe
2018-08-03 11:44 - 2018-08-03 11:44 - 007417040 _____ (Malwarebytes) C:\Users\popp_000\Downloads\adwcleaner_7.2.2 (1).exe
2018-08-03 11:28 - 2018-08-03 11:28 - 007417040 _____ (Malwarebytes) C:\Users\popp_000\Downloads\adwcleaner_7.2.2.exe
2018-08-03 11:01 - 2018-08-03 11:01 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-03 11:01 - 2018-08-03 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-08-03 10:35 - 2018-08-03 10:35 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-08-03 10:35 - 2018-08-03 10:35 - 000002237 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-02 12:05 - 2018-08-02 12:05 - 001318374 _____ C:\Users\popp_000\Downloads\foreignpolicy.com-Why I Didnt Sign Up to Defend the International Order.pdf
2018-08-02 11:33 - 2018-08-02 11:33 - 000000000 ____D C:\Users\popp_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-07-31 13:47 - 2018-03-27 01:24 - 000029352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2018-07-31 13:47 - 2018-03-27 01:24 - 000019088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2018-07-31 13:47 - 2018-03-27 01:17 - 000030888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2018-07-31 13:47 - 2018-03-27 01:17 - 000019088 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2018-07-30 13:38 - 2018-07-30 13:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-30 13:22 - 2018-07-30 13:22 - 001540104 _____ (CHIP Digital GmbH) C:\Users\popp_000\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe
2018-07-25 17:19 - 2018-07-25 17:19 - 000158109 _____ C:\Users\popp_000\Desktop\Bell_QuestioningGlobalTurn_2014.pdf
2018-07-25 17:19 - 2018-07-25 17:19 - 000065607 _____ C:\Users\popp_000\Desktop\Burton_MethodScaleWH_2007.pdf
2018-07-25 17:17 - 2018-07-25 17:17 - 000131170 _____ C:\Users\popp_000\Desktop\Tsing_EconomyAppearances_2000.pdf
2018-07-24 20:33 - 2018-07-24 20:33 - 002092858 _____ C:\Users\popp_000\Desktop\Tsing_GlobalSituation_2000.pdf
2018-07-23 19:48 - 2018-07-23 19:48 - 000055476 _____ C:\Users\popp_000\Desktop\GoodeRevonCollier_2018.pdf
2018-07-23 19:45 - 2018-07-23 19:45 - 001227292 _____ C:\Users\popp_000\Desktop\Rovner_LongWarEast_2018.pdf
2018-07-23 19:44 - 2018-07-23 19:44 - 000985481 _____ C:\Users\popp_000\Desktop\Kroenig_D&STRT_NucleNonprolif_2018.pdf
2018-07-23 19:22 - 2018-07-23 19:22 - 000282576 _____ C:\Users\popp_000\Desktop\Porter_HabitUSGrandStrategy_2018.pdf
2018-07-23 19:19 - 2018-07-23 19:19 - 000176411 _____ C:\Users\popp_000\Desktop\VielhaberBleek_ShadoiwwarsReview_2012.pdf
2018-07-23 19:06 - 2018-07-23 19:06 - 000527232 _____ C:\Users\popp_000\Desktop\MillerVolpe_SaudiNukes_2018.pdf
2018-07-23 19:06 - 2018-07-23 19:06 - 000417636 _____ C:\Users\popp_000\Desktop\Nephew_SanctionsRelief_2018.pdf
2018-07-23 19:04 - 2018-07-23 19:04 - 000501283 _____ C:\Users\popp_000\Desktop\Glaser_IllusionofAmericDecline_2018.pdf
2018-07-22 11:57 - 2018-07-22 11:57 - 000001333 _____ C:\Users\Public\Desktop\Skype.lnk
2018-07-22 11:57 - 2018-07-22 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-16 19:25 - 2018-07-16 19:25 - 000060349 _____ C:\Users\popp_000\Downloads\CAE17-09 Additional Information.pdf
2018-07-16 10:41 - 2018-07-16 10:41 - 000041845 _____ C:\Users\popp_000\Downloads\Buchungsdetail 20180716104127.pdf
2018-07-15 13:07 - 2018-06-29 00:07 - 000835064 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-07-15 13:07 - 2018-06-29 00:07 - 000179704 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-14 06:45 - 2018-07-14 06:52 - 000385911 _____ C:\Users\popp_000\Desktop\Passport.pdf
2018-07-12 10:19 - 2018-06-20 22:01 - 007398232 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-07-12 10:19 - 2018-06-20 21:44 - 001676064 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-07-12 10:19 - 2018-06-20 21:44 - 001536120 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-07-12 10:19 - 2018-06-20 20:48 - 000095744 ____C (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-07-12 10:19 - 2018-06-20 20:48 - 000027136 ____C (Microsoft Corporation) C:\windows\system32\Drivers\fxppm.sys
2018-07-12 10:19 - 2018-06-20 18:58 - 000098816 ____C (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-07-12 10:19 - 2018-06-20 18:58 - 000098816 ____C (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-07-12 10:19 - 2018-06-20 18:58 - 000092672 ____C (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-07-12 10:19 - 2018-06-15 05:01 - 004169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-07-12 10:19 - 2018-06-12 10:00 - 022374248 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-07-12 10:19 - 2018-06-12 09:57 - 019790760 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-07-12 10:19 - 2018-06-11 18:55 - 025744896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-07-12 10:19 - 2018-06-11 18:36 - 003119616 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-07-12 10:19 - 2018-06-11 18:14 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-07-12 10:19 - 2018-06-11 18:06 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-07-12 10:19 - 2018-06-11 18:04 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-07-12 10:19 - 2018-06-11 17:39 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-07-12 10:19 - 2018-06-11 17:36 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-07-12 10:19 - 2018-06-11 17:31 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-07-12 10:19 - 2018-06-11 17:22 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-07-12 10:19 - 2018-06-11 17:11 - 001545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-07-12 10:19 - 2018-06-11 16:59 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-07-12 10:19 - 2018-06-09 18:40 - 020286976 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-07-12 10:19 - 2018-06-09 18:26 - 002712064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-07-12 10:19 - 2018-06-09 18:09 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-07-12 10:19 - 2018-06-09 17:59 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-07-12 10:19 - 2018-06-09 17:37 - 004496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-07-12 10:19 - 2018-06-09 17:37 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-07-12 10:19 - 2018-06-09 17:36 - 013680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-07-12 10:19 - 2018-06-09 17:32 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-07-12 10:19 - 2018-06-09 17:11 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-07-12 10:19 - 2018-06-09 17:08 - 001313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-07-12 10:19 - 2018-06-09 17:06 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-07-12 10:19 - 2018-06-09 04:47 - 002176072 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2018-07-12 10:19 - 2018-06-09 03:44 - 001565528 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2018-07-12 10:19 - 2018-06-08 20:26 - 000440832 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2018-07-12 10:19 - 2018-06-08 19:54 - 000656384 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2018-07-12 10:19 - 2018-06-08 19:53 - 000252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2018-07-12 10:19 - 2018-06-08 19:07 - 000404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2018-07-12 10:19 - 2018-06-08 18:44 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2018-07-12 10:19 - 2018-06-07 20:51 - 000074240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-07-12 10:19 - 2018-05-24 23:29 - 002449752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-07-12 10:19 - 2018-05-24 23:29 - 000428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-07-12 10:19 - 2018-05-15 10:42 - 000590680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2018-07-12 10:19 - 2018-05-04 01:02 - 000439640 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2018-07-12 10:19 - 2018-05-04 01:02 - 000325456 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2018-07-12 10:19 - 2018-05-04 01:02 - 000187728 ____C (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2018-07-12 10:19 - 2018-04-26 15:43 - 000918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 10:19 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 10:19 - 2018-04-25 19:38 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2018-07-12 10:02 - 2018-06-12 21:01 - 000149632 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-07-12 10:02 - 2018-06-08 15:15 - 002860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-07-12 10:02 - 2018-06-08 15:15 - 001602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-07-12 10:02 - 2018-06-08 15:15 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-07-09 17:51 - 2018-07-09 17:51 - 000111660 _____ C:\Users\popp_000\Downloads\RAC 15-148.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-06 13:25 - 2014-03-04 15:03 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-419436004-3641650613-4044294934-1004
2018-08-06 13:21 - 2016-11-26 19:26 - 000000000 ____D C:\Users\popp_000\AppData\LocalLow\Mozilla
2018-08-06 13:20 - 2014-03-04 14:59 - 000000000 ___DO C:\Users\popp_000\SkyDrive
2018-08-06 13:19 - 2016-11-19 20:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-06 13:19 - 2016-06-04 17:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-06 13:19 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-08-06 13:18 - 2014-01-20 08:43 - 000027136 _____ C:\windows\system32\VfService.trf
2018-08-06 13:18 - 2013-08-22 15:25 - 000524288 ___SH C:\windows\system32\config\BBI
2018-08-06 13:12 - 2015-06-19 15:42 - 000001254 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-419436004-3641650613-4044294934-1004UA.job
2018-08-06 12:12 - 2015-06-19 15:42 - 000001202 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-419436004-3641650613-4044294934-1004Core.job
2018-08-06 11:47 - 2014-02-24 22:06 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-06 11:46 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2018-08-06 10:11 - 2016-06-04 17:45 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-06 10:00 - 2014-02-26 16:35 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2018-08-06 09:57 - 2014-12-15 17:35 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-06 09:41 - 2014-02-24 22:22 - 000000000 ____D C:\Users\Rolls\AppData\Roaming\Avira
2018-08-06 09:35 - 2014-01-20 08:13 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-06 09:34 - 2013-08-22 17:36 - 000000000 ____D C:\windows\LiveKernelReports
2018-08-06 09:24 - 2014-04-19 16:02 - 000003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{54A7945E-525E-4DB2-8A31-5A7A5A8E8137}
2018-08-05 21:04 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-08-05 18:17 - 2014-03-04 14:56 - 000000000 ____D C:\Users\popp_000\AppData\Local\Packages
2018-08-05 18:10 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-05 18:00 - 2014-02-24 22:06 - 000000000 ____D C:\Users\Rolls\AppData\Local\Google
2018-08-05 17:57 - 2014-02-24 22:01 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-419436004-3641650613-4044294934-1001
2018-08-05 17:53 - 2014-02-24 22:05 - 000003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A46B4F47-A843-440D-8F40-7D4F461E4A56}
2018-08-05 17:53 - 2014-01-20 08:44 - 000000000 ____D C:\windows\System32\Tasks\Lenovo
2018-08-05 17:53 - 2014-01-20 08:43 - 000000000 ____D C:\Program Files\Lenovo
2018-08-04 19:17 - 2014-03-26 05:20 - 000000000 ____D C:\Users\Rolls\AppData\Local\Viber
2018-08-04 18:28 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2018-08-04 11:30 - 2017-09-16 11:44 - 000007594 _____ C:\Users\Rolls\AppData\Local\Resmon.ResmonCfg
2018-08-03 11:05 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-03 11:01 - 2017-05-02 11:20 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-03 11:01 - 2017-05-02 11:20 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-03 11:01 - 2017-05-02 11:20 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-03 11:01 - 2017-05-02 11:20 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-03 11:01 - 2017-05-02 11:20 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-03 11:01 - 2017-05-02 11:20 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-03 10:59 - 2014-01-20 08:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-03 10:54 - 2013-08-22 17:36 - 000000000 ____D C:\windows\tracing
2018-08-02 11:34 - 2014-03-04 15:59 - 000000000 ____D C:\Users\popp_000\AppData\Roaming\Dropbox
2018-08-01 11:33 - 2014-01-20 08:31 - 000157476 _____ C:\windows\system32\perfc00C.dat
2018-08-01 11:33 - 2014-01-20 08:31 - 000081754 _____ C:\windows\system32\perfh00C.dat
2018-08-01 11:33 - 2014-01-20 08:26 - 000761160 _____ C:\windows\system32\perfh007.dat
2018-08-01 11:33 - 2014-01-20 08:26 - 000157652 _____ C:\windows\system32\perfc007.dat
2018-08-01 11:33 - 2013-10-07 20:27 - 002015868 _____ C:\windows\system32\PerfStringBackup.INI
2018-07-31 13:59 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-07-30 17:51 - 2014-03-04 16:03 - 000000000 ___RD C:\Users\popp_000\Dropbox
2018-07-28 21:45 - 2015-02-28 09:37 - 000000000 ____D C:\ProgramData\Garmin
2018-07-28 21:45 - 2015-02-28 09:37 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-07-25 17:59 - 2014-03-04 22:53 - 000000000 ____D C:\Users\popp_000\AppData\Local\CrashDumps
2018-07-24 21:31 - 2017-11-17 11:34 - 000000000 ____D C:\Users\popp_000\Desktop\LATER
2018-07-24 16:36 - 2018-05-07 11:13 - 001091675 _____ C:\Users\popp_000\Desktop\Kennedy_WoodrowWWI_2018.pdf
2018-07-22 11:57 - 2016-01-24 17:30 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-07-22 11:57 - 2014-03-25 21:31 - 000000000 ____D C:\ProgramData\Skype
2018-07-22 11:55 - 2014-03-25 21:31 - 000000000 ____D C:\Users\popp_000\AppData\Roaming\Skype
2018-07-18 22:51 - 2017-07-29 11:49 - 000003178 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-419436004-3641650613-4044294934-1004
2018-07-18 22:51 - 2017-05-02 11:26 - 000002377 _____ C:\Users\popp_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2018-07-15 13:23 - 2014-01-20 08:44 - 000000000 ____D C:\ProgramData\Energy Manager
2018-07-15 13:04 - 2013-08-22 16:44 - 000500816 _____ C:\windows\system32\FNTCACHE.DAT
2018-07-15 12:58 - 2015-04-18 18:10 - 000000000 ____D C:\windows\system32\appraiser
2018-07-15 12:58 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2018-07-15 12:57 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\NDF
2018-07-12 15:38 - 2014-03-04 15:58 - 000000000 ____D C:\windows\system32\MRT
2018-07-12 15:31 - 2014-03-04 15:58 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-07-12 09:52 - 2018-05-09 10:30 - 000685568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2018-07-10 17:05 - 2014-03-04 14:56 - 000000000 ____D C:\Users\popp_000\AppData\Local\VirtualStore
2018-07-09 16:52 - 2015-11-09 17:52 - 000000424 _____ C:\windows\Tasks\DriverEasy Scheduled Scan.job
Some files in TEMP:
====================
2018-08-05 17:38 - 2016-12-06 21:39 - 000050720 _____ (HP Inc.) C:\Users\popp_000\AppData\Local\Temp\ACLMInstaller.exe
2014-03-04 14:58 - 2014-04-13 17:45 - 000000000 ____D () C:\Users\popp_000\AppData\Local\Temp\avgnt.exe
2014-02-24 22:16 - 2014-04-13 17:45 - 000000000 ____D () C:\Users\Rolls\AppData\Local\Temp\avgnt.exe
2015-11-09 17:47 - 2015-11-09 17:47 - 064809432 _____ (SweetLabs,Inc.) C:\Users\Rolls\AppData\Local\Temp\oct5CEE.tmp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-31 13:45
==================== End of FRST.txt ============================
--- --- ---
Und Addition.txt:
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by popp_000 (06-08-2018 13:43:27)
Running from C:\Users\popp_000\Downloads
Windows 8.1 (Update) (X64) (2014-02-24 19:54:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-419436004-3641650613-4044294934-500 - Administrator - Disabled)
Guest (S-1-5-21-419436004-3641650613-4044294934-501 - Limited - Disabled)
popp_000 (S-1-5-21-419436004-3641650613-4044294934-1004 - Administrator - Enabled) => C:\Users\popp_000
Rolls (S-1-5-21-419436004-3641650613-4044294934-1001 - Administrator - Enabled) => C:\Users\Rolls
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\Dropbox) (Version: 54.4.90 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.32 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.32 - Lenovo)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation)
GentiumPlus 1.510 (HKLM-x32\...\GentiumPlus) (Version: - )
GitHub (HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\5f7eb300e2ea4ebf) (Version: 1.2.11.0 - GitHub, Inc.)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{77d93eea-f5c2-4db5-9c2d-25bc5a2e0ec9}) (Version: 28.0.1316.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{CF713F23-4866-4A5D-91CC-A5F42111C82A}) (Version: 12.7.5.9 - Apple Inc.)
jpgtopdf_setup (HKLM-x32\...\{6C1A8DBD-C0AA-4FD0-93C8-33934FD3F396}) (Version: 1.0.0.1 - jpgtopdf_setup_caudio) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo Motion Control (HKLM-x32\...\{A7B68D5F-A468-493F-AD3D-625001293E19}) (Version: 2.0.0.0807 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A7B68D5F-A468-493F-AD3D-625001293E19}) (Version: 2.0.0.0807 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
MailStore Home 10.1.2.12457 (HKLM-x32\...\MailStore Home_universal1) (Version: 10.1.2.12457 - MailStore Software GmbH)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x64 de) (HKLM\...\Mozilla Firefox 61.0.1 (x64 de)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla)
Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM-x32\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{042A6F10-F770-4886-A502-B795DCF2D3B5}) (Version: 7.10.3211 - Nuance Communications, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Proxy Searcher (HKLM-x32\...\{7EA74723-FE48-410D-A24E-949870747174}) (Version: 5.10.0000 - Proxy Searcher)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
ScanSoft PaperPort Viewer 7.0 (HKLM-x32\...\ScanSoft PaperPort Viewer 7.0) (Version: - )
Scansoft PDF Create (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype Version 8.25 (HKLM-x32\...\Skype_is1) (Version: 8.25 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
vpnui.exe custom database (HKLM\...\{f0fbb653-f915-4899-a129-43562c94b062}.sdb) (Version: - )
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\popp_000\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-419436004-3641650613-4044294934-1004_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers4: [FolderColorize] -> {3443FE61-F294-403D-A4A6-53E034FC9B3F} => C:\Program Files\Folder Colorizer\FolderColorShlExt.dll [2014-01-13] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2013-08-20] (Intel Corporation)
ContextMenuHandlers1_S-1-5-21-419436004-3641650613-4044294934-1004: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-419436004-3641650613-4044294934-1004: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-419436004-3641650613-4044294934-1004: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\popp_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02F4CE79-06CA-4303-A37C-26CA69BE3F22} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-01] (Microsoft Corporation)
Task: {068104A3-5675-4238-9026-045B63E0D3D3} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2015-10-27] (Easeware)
Task: {10897403-78B3-453F-8453-EAAE728CA5E1} - System32\Tasks\hpUtility.exe_{1FD8EFFC-18DD-488E-9CDF-EC604B6F653F} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {1E4AC7AD-ADB7-4DCA-A270-CFA07CD9A84B} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-01] (Microsoft Corporation)
Task: {2B08E8BB-4DE4-4513-8075-F9B3C496CFAA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-15] (Synaptics Incorporated)
Task: {41671B78-33B2-4C59-8810-8634BD91284F} - System32\Tasks\Toolbox.exe_{7CE34131-9F3C-48E6-A2A7-95C2FD7A9928} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\Toolbox.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {4628405A-5EC5-4F87-957D-EF91998BCCD7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-419436004-3641650613-4044294934-1004Core => C:\Users\popp_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {5A3BC59F-04FF-4C84-B674-6425C0E1B186} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {5DDEF067-DF8C-400C-A61B-62987371BC65} - System32\Tasks\{4C60E858-8717-427F-A063-A9F37A05AE0C} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.39.0.102/de/go/help.faq.installer?LastError=1618
Task: {61D5C79C-9035-49A2-8EE3-17C071B74E61} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-01] (Microsoft Corporation)
Task: {89FEC6CB-C260-4AEA-98E6-3A843C16877A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {908145CB-C602-4BA9-B3EE-9E2F18FF97B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {A818AF8D-5DF5-46CD-B00B-93683AE6326F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BF48C6F6-1196-4BFE-9C08-5941B148C9C1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-01] (Microsoft Corporation)
Task: {C702572B-4429-46B6-8280-73D782C1AF5E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-419436004-3641650613-4044294934-1004UA => C:\Users\popp_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {E6A819D5-CD25-4DFB-BEC9-00A7FC3B875E} - System32\Tasks\hpUtility.exe_{2ACCD369-2718-4BF0-A782-E60BACC6BC4E} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F00D1283-7716-4DF5-988C-964C5DFBFBFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {FCB9F069-DED1-4964-A9F9-CB798A52F837} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FE5AE8E6-FE05-4179-B7D8-9BEC959260A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {FE761E11-6BE7-4893-BDD0-9D35E3F6A5AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {FE80D603-E2B5-408F-8636-46A3C4992485} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-419436004-3641650613-4044294934-1004Core.job => C:\Users\popp_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-419436004-3641650613-4044294934-1004UA.job => C:\Users\popp_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-11 04:17 - 2017-04-11 04:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2013-08-02 03:31 - 2013-08-02 03:31 - 000198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-02 03:31 - 2013-08-02 03:31 - 000054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-02 03:31 - 2013-08-02 03:31 - 000034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-01-20 08:41 - 2012-04-25 04:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-01-20 08:43 - 2014-01-20 08:43 - 000068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-01-20 08:43 - 2014-01-20 08:43 - 000669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2018-08-02 11:33 - 2018-07-31 03:25 - 001108672 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-08-02 11:33 - 2018-07-31 03:25 - 002247872 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2018-08-02 11:33 - 2018-07-31 03:28 - 000021704 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\tornado.speedups.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000022752 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000135840 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\_cffi_backend.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 001881816 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000023768 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000111760 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\pywintypes35.dll
2018-08-02 11:33 - 2018-07-31 03:25 - 000103576 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32api.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000069320 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000080064 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\fastpath.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000400016 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\pythoncom35.dll
2018-08-02 11:33 - 2018-07-31 03:25 - 000024728 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32event.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000043680 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32process.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000021656 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\mmapfile.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000125080 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32file.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000114848 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32security.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000392392 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32com.shell.shell.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000030432 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000024736 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32clipboard.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000175768 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32gui.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000024728 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32pipe.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000026264 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32job.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000048800 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32service.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000058016 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32evtlog.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000024784 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000022728 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000026336 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000070360 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000025296 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000029904 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winreindex.compiled._winreindex.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 003866304 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000089272 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\sip.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 001800896 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 001960640 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000028824 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32ts.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000155856 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000521920 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000051400 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000043720 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000131264 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000220872 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000205512 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000061080 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32print.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000056536 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000024224 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\win32profile.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000025304 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000023776 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000022752 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000023768 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000028392 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000348312 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winxpgui.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000102088 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:28 - 000024800 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000026840 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:25 - 000036496 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\librsync.dll
2018-08-02 11:33 - 2018-07-31 03:28 - 000023776 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000181432 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2018-08-02 11:33 - 2018-07-31 03:28 - 000031952 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:26 - 000024752 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-08-02 11:33 - 2018-07-31 03:26 - 001638576 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2018-08-02 11:33 - 2018-07-31 03:28 - 000027352 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000547008 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.cp35-win32.pyd
2018-08-02 11:33 - 2018-07-31 03:27 - 000360128 _____ () C:\Users\popp_000\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.cp35-win32.pyd
2014-01-20 08:11 - 2013-09-04 17:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-08-18 09:15 - 2018-08-01 11:55 - 001038512 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2017-08-18 09:15 - 2018-06-29 10:45 - 000164536 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-11-22 17:35 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\popp_000\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 62.2.17.60 - 62.2.24.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFCreHook"
HKLM\...\StartupApproved\Run32: => "PDFProHook"
HKLM\...\StartupApproved\Run32: => "PDF7 Registry Controller"
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-419436004-3641650613-4044294934-1004\...\StartupApproved\Run: => "Skype for Desktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C3EC1C83-ED75-4491-B69D-9C40FAD13721}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6FCD0814-38FE-47D2-816C-72C1415D1D9D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E620D2F9-0BA9-4DFE-8D6B-9C59F1F71526}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1077B56E-1938-4248-A619-9B854EE3AFD9}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AFFD236C-2F03-4514-9493-28D4A9C50B77}] => (Allow) C:\Users\Rolls\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{F288F15D-002F-40A2-A40C-97E28F56AA80}C:\users\popp_000\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\popp_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{AD2DB122-CC56-424D-8E16-AA4AAECF4344}C:\users\popp_000\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\popp_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3EF055D5-32DE-4CA6-BE7C-F5665694844B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D21787BE-28FE-4C10-A07A-1CCFE3E7B79D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{FB099CB8-CA09-4117-99D4-B42CDBB28D90}] => (Allow) C:\Users\Rolls\AppData\Local\Viber\Viber.exe
FirewallRules: [{965D02E2-997F-4A1B-9984-1738A0E2A113}] => (Allow) C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CE0097F9-DC40-4522-87F1-1051989D5C39}] => (Allow) C:\Users\popp_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D889966A-1277-4A5D-9DA8-ED3C03A0E9C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDDE8199-B36C-41F3-AA66-04834F80B129}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3907E02F-601D-4C7F-B2FA-D854CBCE60F4}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{0B084486-00AB-497C-885E-F03C9EA3A10F}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{04F273D0-6AE9-4E96-B78C-3ACFB71DE717}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{C62B610C-F3DB-4EFA-92DC-01B1BDB6CE37}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{E8091B04-83D8-4214-92CC-9E6103FBD59F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{33047F60-F67D-430B-B231-902153223054}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B912316-B9F7-4E28-9106-2F194B2C3068}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A7C5277-E975-4A7B-A51E-0F21B6A95CE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{22D86146-2671-4E3D-92CB-8F6C06857C3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8ACE25C7-A358-4542-9ABA-01AD445562AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{2BAD3012-6736-4535-87B5-A0A267A5B46F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{471A0AF8-318E-4228-97DE-AEE58A161E68}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{9F29F59E-3EB9-415A-9AAA-8F8ED2C6BB02}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{58B67CA2-55C1-4E7C-A94C-E5EE6356A156}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{482ACE75-C913-4551-9331-C71867CD1F66}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{51BDC310-D994-4A47-8101-79384BB345A0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{C86843FA-327B-4DE6-90BE-74CCD769C022}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{38384A8F-9AE9-4016-BC0A-47E96E1FDBC9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C1248B25-D45A-4C8E-916C-9BA0E641D10A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
==================== Restore Points =========================
19-07-2018 16:27:24 Scheduled Checkpoint
28-07-2018 20:19:37 Scheduled Checkpoint
05-08-2018 17:15:42 Removed Free JPG to PDF Converter
06-08-2018 09:25:43 Revo Uninstaller's restore point - Avira
06-08-2018 09:34:33 Revo Uninstaller's restore point - Avira
06-08-2018 09:39:31 Revo Uninstaller's restore point - Avira Antivirus
06-08-2018 09:42:52 Revo Uninstaller's restore point - 7-Zip 9.20
06-08-2018 09:56:14 Revo Uninstaller's restore point - Java 8 Update 60
06-08-2018 09:56:49 Removed Java 8 Update 60
06-08-2018 10:00:06 Revo Uninstaller's restore point - VLC media player 2.1.3
06-08-2018 11:45:42 Revo Uninstaller's restore point - Google Chrome
06-08-2018 13:03:45 Revo Uninstaller's restore point - Free JPG to PDF Converter
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/06/2018 09:31:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/06/2018 09:25:41 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {368fae31-7e4f-43c6-85a7-d54e6cc5f63d}
Error: (08/05/2018 05:36:21 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: ROLLS_PC)
Description: Die Anwendung oder der Dienst "ScanToPCActivationApp" konnte nicht heruntergefahren werden.
Error: (08/05/2018 03:04:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15222516
Error: (08/05/2018 03:04:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15222516
Error: (08/05/2018 03:04:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/05/2018 10:43:39 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/04/2018 11:17:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (08/06/2018 01:18:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\IWMSSvc.dll
Error: (08/06/2018 01:18:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\IWMSSvc.dll
Error: (08/06/2018 01:18:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\System32\IWMSSvc.dll
Error: (08/06/2018 01:18:12 PM) (Source: DCOM) (EventID: 10010) (User: ROLLS_PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/06/2018 01:18:12 PM) (Source: DCOM) (EventID: 10010) (User: ROLLS_PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/06/2018 01:18:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/06/2018 01:18:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Device Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/06/2018 01:18:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
===================================
Date: 2018-08-06 13:00:58.759
Description:
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4A1782A7-57A3-4B5F-8C4D-989F1214D485}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: Rolls_PC\popp_000
Date: 2018-08-06 10:08:38.758
Description:
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {593A4A19-935F-456C-8C17-7803CBB9B14F}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT AUTHORITY\SYSTEM
Date: 2018-08-06 09:54:06.162
Description:
Fehler des Windows Defender-Echtzeitschutz-Features.
Feature: Netzwerkinspektionssystem
Fehlercode: 0x80070002
Fehlerbeschreibung: The system cannot find the file specified.
Ursache: Dem System fehlen erforderliche Updates zum Ausführen des Netzwerkinspektionssystems. Installieren Sie die Updates, und starten Sie den Computer neu.
Date: 2017-05-04 16:39:21.013
Description:
Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: The resource is too old to be compatible.
Signaturversion: 1.155.266.0;1.155.266.0
Modulversion: 1.1.9700.0
CodeIntegrity:
===================================
Date: 2018-08-06 13:19:14.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-06 10:05:32.928
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-08-05 20:56:36.953
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-05 18:04:32.203
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-05 17:49:44.141
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-05 17:10:27.313
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-03 11:42:33.517
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-03 11:42:31.189
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 53%
Total physical RAM: 8104.27 MB
Available physical RAM: 3789.39 MB
Total Virtual: 13480.27 MB
Available Virtual: 9203 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:283.73 GB) (Free:154.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:164.36 GB) (Free:98.53 GB) NTFS
\\?\Volume{544d8d37-33b0-411c-bcb9-194636f9170a}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.6 GB) NTFS
\\?\Volume{f521da69-fec1-4e43-a83f-ac8ca729b84c}\ (PBR_DRV) (Fixed) (Total:15.34 GB) (Free:5.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 22404104)
Partition: GPT.
==================== End of Addition.txt ============================
--- --- --- |
SecurityCheck und:
Lesestoff: