eddie_88 | 08.07.2014 07:38 | Danke, hier die Log-files:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014 01
Ran by Christian (administrator) on CHRISTIAN-PC on 08-07-2014 08:31:46
Running from C:\Users\Christian\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(National Instruments Corporation) C:\Windows\System32\nipalsm.exe
(National Instruments Corporation) C:\Windows\System32\nipalsm.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [cssauth] => C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [3093816 2009-03-04] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [181536 2009-02-02] (Lenovo.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [187984 2014-06-30] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-01] (Microsoft Corporation)
HKU\S-1-5-21-3407049698-559278020-2232788308-1003\...\MountPoints2: {7c1322fb-ffae-11e3-a33b-00247e6ea802} - D:\Startme.exe
Lsa: [Notification Packages] scecli ACGina
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\uh5auo9h.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: www.google.de
FF SearchEngineOrder.1: www.google.de
FF SearchEngineOrder.2: www.google.de
FF SelectedSearchEngine: www.google.de
FF Homepage: hxxp://www.tagesschau.de/
FF Keyword.URL: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\uh5auo9h.default\Extensions\abs@avira.com [2014-07-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-29]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2012-12-28]
Chrome:
=======
CHR HomePage: hxxp://www.tagesschau.de/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Christian\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Christian\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Christian\AppData\Local\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.140.8) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U14) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Musicnotes) - C:\Program Files\Musicnotes\npmusicn.dll No File
CHR Plugin: (ScorchPlugin) - C:\Program Files\Musicnotes\npsibelius.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-14]
CHR Extension: (Google-Suche) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-14]
CHR Extension: (New Tab) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn [2013-03-04]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-15]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-01-06]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Google Mail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-14]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-28]
========================== Services (Whitelisted) =================
S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [106496 2008-10-26] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG)
S4 ApRunSvc; C:\Program Files\Apoint2K\ApRunSvc.exe [36864 2007-07-23] ()
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [138832 2014-06-30] (Avira Operations GmbH & Co. KG)
S4 dtsvc; C:\Windows\system32\DTS.exe [98304 2008-10-26] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [864256 2009-02-11] (Intel(R) Corporation) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [204800 2009-02-11] () [File not signed]
R2 nidevldu; C:\Windows\System32\nipalsm.exe [5730 2003-11-14] (National Instruments Corporation) [File not signed]
S4 NILM License manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [609280 2004-02-25] (Macrovision Corporation) [File not signed]
R2 nipxirmu; C:\Windows\System32\nipalsm.exe [5730 2003-11-14] (National Instruments Corporation) [File not signed]
S4 niSvcLoc; C:\Windows\system32\niSvcLoc.exe [49152 2003-04-30] (National Instruments) [File not signed]
S4 OpcEnum; C:\Windows\system32\OpcEnum.exe [60416 1998-10-02] () [File not signed]
S2 OpenSSHd; C:\Program Files\OpenSSH\bin\cygrunsrv.exe [36864 2004-04-18] () [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2009-02-11] (Intel(R) Corporation) [File not signed]
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [15872 2009-09-24] (Lenovo Group Limited) [File not signed]
R2 TSSCoreService; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [779576 2009-03-04] (Lenovo)
S4 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [520192 2008-05-24] () [File not signed]
S2 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [950272 2008-05-24] (Lenovo Group Limited) [File not signed]
S2 TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1155072 2008-05-24] (Lenovo Group Limited) [File not signed]
S4 TVT_UpdateMonitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [360448 2008-10-09] (Lenovo Group Limited) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)
S2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-13] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 cvintdrv; C:\Windows\system32\Drivers\cvintdrv.sys [7140 2003-07-29] () [File not signed]
S3 FTD2XX; C:\Windows\System32\Drivers\FTD2XX.sys [19458 2001-10-02] (FTDI Ltd.) [File not signed]
S3 gpibclsb; C:\Windows\System32\Drivers\gpibclsb.sys [56904 2002-07-17] () [File not signed]
S3 gpibclsd; C:\Windows\System32\Drivers\gpibclsd.sys [34664 2002-07-17] () [File not signed]
R2 lvalarmk; C:\Windows\System32\drivers\lvalarmk.dll [10829 2004-04-01] (National Instruments) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R2 niarbk; C:\Windows\System32\drivers\niarbk.dll [37376 2004-04-08] (National Instruments Corporation) [File not signed]
R2 nibffrk; C:\Windows\System32\drivers\nibffrk.dll [21504 2004-04-08] (National Instruments Corporation) [File not signed]
R3 nicdrk; C:\Windows\System32\drivers\nicdrk.dll [128112 2004-03-30] (National Instruments Corporation) [File not signed]
R2 Nidaq32k; C:\Windows\system32\Drivers\Nidaq32k.sys [674304 2004-04-08] (National Instruments Corporation) [File not signed]
R2 nidimk; C:\Windows\System32\drivers\nidimk.dll [108124 2004-03-26] (National Instruments Corporation) [File not signed]
R2 nidmmk; C:\Windows\System32\drivers\nidmmk.dll [50688 2004-04-08] (National Instruments Corporation) [File not signed]
R2 nidmxfk; C:\Windows\System32\drivers\nidmxfk.dll [128117 2004-03-30] (National Instruments Corporation) [File not signed]
S3 nidsark; C:\Windows\System32\drivers\nidsark.dll [636522 2004-03-30] (National Instruments Corporation) [File not signed]
S3 niesrk; C:\Windows\System32\drivers\niesrk.dll [508523 2004-04-05] (National Instruments Corporation) [File not signed]
R2 nilvaik; C:\Windows\System32\drivers\nilvaik.dll [18037 2004-04-01] (National Instruments Corporation) [File not signed]
R3 nimdbgk; C:\Windows\System32\drivers\nimdbgk.dll [133227 2004-03-26] (National Instruments Corporation) [File not signed]
R2 nimdsk; C:\Windows\System32\drivers\nimdsk.dll [30208 2004-04-08] (National Instruments Corporation) [File not signed]
R3 nimru2k; C:\Windows\System32\drivers\nimru2k.dll [130141 2004-03-26] (National Instruments Corporation) [File not signed]
S3 nimsdrk; C:\Windows\System32\drivers\nimsdrk.dll [73346 2004-04-05] (National Instruments Corporation) [File not signed]
S3 nimslk; C:\Windows\System32\drivers\nimslk.dll [14464 2004-04-05] (National Instruments Corporation) [File not signed]
S3 nimsrlk; C:\Windows\System32\drivers\nimsrlk.dll [151683 2004-04-05] (National Instruments Corporation) [File not signed]
R3 nimstsk; C:\Windows\System32\drivers\nimstsk.dll [44149 2004-04-05] (National Instruments Corporation) [File not signed]
R3 nimxdfk; C:\Windows\System32\drivers\nimxdfk.dll [172639 2004-03-26] (National Instruments Corporation) [File not signed]
R2 nimxpk; C:\Windows\System32\drivers\nimxpk.dll [19570 2004-03-29] (National Instruments Corporation) [File not signed]
R3 niorbk; C:\Windows\System32\drivers\niorbk.dll [35420 2004-03-31] (National Instruments Corporation) [File not signed]
R0 NIPALK; C:\Windows\system32\Drivers\NIPALK.sys [373853 2004-03-26] (National Instruments Corporation) [File not signed]
R2 nipxirmk; C:\Windows\System32\drivers\nipxirmk.dll [41071 2004-03-15] (National Instruments Corporation) [File not signed]
R3 niscdk; C:\Windows\System32\drivers\niscdk.dll [385642 2004-03-30] (National Instruments Corporation) [File not signed]
S3 nisdigk; C:\Windows\System32\drivers\nisdigk.dll [203893 2004-04-04] (National Instruments Corporation) [File not signed]
S3 nispdk; C:\Windows\System32\drivers\nispdk.dll [67178 2004-03-30] () [File not signed]
S3 nissrk; C:\Windows\System32\drivers\nissrk.dll [393323 2004-04-05] (National Instruments Corporation) [File not signed]
S3 nistc2k; C:\Windows\System32\drivers\nistc2k.dll [121461 2004-03-30] (National Instruments Corporation) [File not signed]
R2 nistck; C:\Windows\System32\drivers\nistck.dll [111616 2004-04-08] (National Instruments Corporation) [File not signed]
S3 nistcrk; C:\Windows\System32\drivers\nistcrk.dll [81529 2004-04-04] (National Instruments Corporation) [File not signed]
R2 niswdk; C:\Windows\System32\drivers\niswdk.dll [341101 2004-03-31] (National Instruments Corporation) [File not signed]
S3 nitiork; C:\Windows\System32\drivers\nitiork.dll [1193593 2004-04-05] (National Instruments Corporation) [File not signed]
S3 NiViPxiK; C:\Windows\system32\Drivers\NiViPxiK.sys [24064 2004-03-30] (National Instruments) [File not signed]
S3 niwfrk; C:\Windows\System32\drivers\niwfrk.dll [285803 2004-04-05] (National Instruments Corporation) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1754368 2008-11-25] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-30] (Avira GmbH)
R2 tvtfilter; C:\Windows\System32\DRIVERS\tvtfilter.sys [33536 2009-08-04] (Lenovo) [File not signed]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.)
S2 eamonm; system32\DRIVERS\eamonm.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0; \??\c:\progra~1\pc-doc~1\pcdsrvc.pkms [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-08 08:31 - 2014-07-08 08:33 - 00025135 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-07-08 08:31 - 2014-07-08 08:31 - 01074688 _____ (Farbar) C:\Users\Christian\Downloads\FRST.exe
2014-07-08 08:31 - 2014-07-08 08:31 - 00000000 ____D () C:\FRST
2014-07-07 22:04 - 2014-07-07 22:04 - 00001381 _____ () C:\Users\Christian\Desktop\pup.txt
2014-07-04 09:15 - 2014-07-04 09:15 - 00067868 _____ () C:\Users\Public\Documents\AccConnAdvanced.dat
2014-07-04 09:15 - 2014-07-04 09:15 - 00061950 _____ () C:\Users\Public\Documents\ACGinaWinlogon.dat
2014-07-03 13:08 - 2014-07-03 13:08 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-03 13:08 - 2014-07-03 13:08 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-03 13:08 - 2014-07-03 13:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-02 23:07 - 2014-07-02 23:07 - 00001146 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-02 23:07 - 2014-07-02 23:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-02 23:03 - 2014-07-02 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieUserList
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieSiteList
2014-07-02 22:08 - 2014-07-08 08:26 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 22:06 - 2014-07-02 22:06 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 22:06 - 2014-07-02 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 22:06 - 2014-07-02 22:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-02 22:06 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 22:06 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 18:20 - 2014-07-02 18:20 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-02 18:19 - 2014-07-02 22:37 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-07-02 18:19 - 2014-07-02 18:19 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-07-02 17:47 - 2014-07-02 17:47 - 00000000 ____D () C:\Program Files\003
2014-07-02 17:46 - 2014-07-06 23:51 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-02 17:46 - 2014-07-02 17:46 - 00000000 ____D () C:\Users\Christian\AppData\Local\globalUpdate
2014-06-29 19:32 - 2014-06-29 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-06-29 19:32 - 2014-06-29 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-06-29 19:21 - 2014-06-29 19:21 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-06-29 19:21 - 2014-06-29 19:21 - 00025200 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-06-29 19:21 - 2014-06-29 19:21 - 00012400 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-06-29 19:20 - 2014-06-29 19:20 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-06-29 19:20 - 2014-06-29 19:20 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-06-29 19:18 - 2014-06-29 19:18 - 00000000 ____D () C:\ProgramData\Sony
2014-06-29 19:18 - 2014-06-29 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-29 19:18 - 2014-06-29 19:18 - 00000000 ____D () C:\Program Files\Sony
2014-06-23 11:04 - 2014-06-23 11:05 - 00000000 ____D () C:\Users\Christian\Desktop\Numerics
2014-06-20 10:49 - 2014-06-20 10:50 - 00006517 _____ () C:\Users\Christian\prozessliste.txt
2014-06-18 10:52 - 2014-07-03 13:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-16 12:14 - 2014-06-16 12:14 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-06-11 10:57 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 10:57 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 10:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 10:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 10:57 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 10:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 10:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 10:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 10:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 10:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 10:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 10:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 10:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 10:57 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 10:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 10:57 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 10:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 10:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 10:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 10:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 10:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 10:57 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 10:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 10:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 10:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 10:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 10:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 10:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 10:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 10:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 10:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 10:57 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 10:57 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 10:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 10:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 10:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 10:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
==================== One Month Modified Files and Folders =======
2014-07-08 08:33 - 2014-07-08 08:31 - 00025135 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-07-08 08:31 - 2014-07-08 08:31 - 01074688 _____ (Farbar) C:\Users\Christian\Downloads\FRST.exe
2014-07-08 08:31 - 2014-07-08 08:31 - 00000000 ____D () C:\FRST
2014-07-08 08:27 - 2010-03-20 14:26 - 01394379 _____ () C:\Windows\WindowsUpdate.log
2014-07-08 08:26 - 2014-07-02 22:08 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 08:24 - 2010-03-20 13:47 - 00000000 ____D () C:\Users\Christian
2014-07-08 08:21 - 2009-11-02 23:10 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-08 08:21 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-08 08:21 - 2009-07-14 06:39 - 14624261 _____ () C:\Windows\setupact.log
2014-07-08 00:04 - 2009-11-02 23:10 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 00:03 - 2013-10-14 22:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 23:48 - 2009-09-28 00:22 - 00000262 _____ () C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
2014-07-07 22:45 - 2009-08-04 20:03 - 02018752 _____ () C:\Windows\system32\TPAPSLOG.LOG
2014-07-07 22:04 - 2014-07-07 22:04 - 00001381 _____ () C:\Users\Christian\Desktop\pup.txt
2014-07-07 20:47 - 2010-03-20 13:46 - 00022640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-07 20:47 - 2010-03-20 13:46 - 00022640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 23:51 - 2014-07-02 17:46 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-06 14:53 - 2010-03-20 14:11 - 00396938 _____ () C:\Windows\PFRO.log
2014-07-04 09:15 - 2014-07-04 09:15 - 00067868 _____ () C:\Users\Public\Documents\AccConnAdvanced.dat
2014-07-04 09:15 - 2014-07-04 09:15 - 00061950 _____ () C:\Users\Public\Documents\ACGinaWinlogon.dat
2014-07-04 09:15 - 2014-04-10 21:05 - 00005344 _____ () C:\Users\Public\Documents\AcIpConfig.dat
2014-07-04 09:15 - 2009-12-12 19:48 - 00067941 _____ () C:\Users\Public\Documents\AcSvc.dmp
2014-07-03 13:08 - 2014-07-03 13:08 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-03 13:08 - 2014-07-03 13:08 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-03 13:08 - 2014-07-03 13:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-03 13:08 - 2014-06-18 10:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-02 23:07 - 2014-07-02 23:07 - 00001146 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-02 23:07 - 2014-07-02 23:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-02 23:07 - 2014-07-02 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-02 23:07 - 2013-10-15 15:43 - 00000000 ____D () C:\Program Files\Avira
2014-07-02 23:07 - 2012-12-23 18:30 - 00000000 ____D () C:\ProgramData\Avira
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieUserList
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 __SHD () C:\Users\Christian\AppData\Local\EmieSiteList
2014-07-02 22:37 - 2014-07-02 18:19 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-07-02 22:06 - 2014-07-02 22:06 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 22:06 - 2014-07-02 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 22:06 - 2014-07-02 22:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-02 22:06 - 2013-06-30 19:05 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Malwarebytes
2014-07-02 22:06 - 2013-06-30 19:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 22:06 - 2013-06-30 19:05 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-02 18:20 - 2014-07-02 18:20 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-02 18:19 - 2014-07-02 18:19 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-07-02 17:48 - 2014-05-14 15:49 - 00002339 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-02 17:48 - 2010-03-20 14:38 - 00001684 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 17:47 - 2014-07-02 17:47 - 00000000 ____D () C:\Program Files\003
2014-07-02 17:46 - 2014-07-02 17:46 - 00000000 ____D () C:\Users\Christian\AppData\Local\globalUpdate
2014-07-01 14:55 - 2011-05-02 21:28 - 00000000 ___RD () C:\Users\Christian\Dropbox
2014-07-01 12:57 - 2011-05-02 21:26 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Dropbox
2014-07-01 12:56 - 2014-01-25 17:38 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\DropboxMaster
2014-06-30 00:14 - 2009-08-04 19:47 - 00350054 _____ () C:\Windows\DPINST.LOG
2014-06-29 19:32 - 2014-06-29 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-06-29 19:32 - 2014-06-29 19:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-06-29 19:21 - 2014-06-29 19:21 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-06-29 19:21 - 2014-06-29 19:21 - 00025200 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-06-29 19:21 - 2014-06-29 19:21 - 00012400 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-06-29 19:20 - 2014-06-29 19:20 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-06-29 19:20 - 2014-06-29 19:20 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-06-29 19:18 - 2014-06-29 19:18 - 00000000 ____D () C:\ProgramData\Sony
2014-06-29 19:18 - 2014-06-29 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-29 19:18 - 2014-06-29 19:18 - 00000000 ____D () C:\Program Files\Sony
2014-06-29 19:18 - 2009-08-04 19:55 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-26 12:19 - 2013-10-15 15:43 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-25 12:26 - 2010-03-20 14:36 - 01808244 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 11:05 - 2014-06-23 11:04 - 00000000 ____D () C:\Users\Christian\Desktop\Numerics
2014-06-22 20:53 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-21 13:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-20 10:50 - 2014-06-20 10:49 - 00006517 _____ () C:\Users\Christian\prozessliste.txt
2014-06-20 10:37 - 2010-12-08 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2014-06-20 10:37 - 2010-12-07 23:51 - 00000000 ____D () C:\Program Files\Diablo II
2014-06-20 10:36 - 2014-01-09 23:14 - 00000000 ____D () C:\Users\Christian\Documents\UNICONSULT
2014-06-16 12:14 - 2014-06-16 12:14 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-06-16 12:13 - 2009-09-28 11:07 - 00000395 _____ () C:\Users\Public\Documents\BluetoothLog.html
2014-06-15 23:00 - 2013-03-11 20:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 23:00 - 2013-03-11 20:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-12 18:21 - 2014-05-07 08:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 23:46 - 2013-08-31 15:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 23:43 - 2010-09-25 15:36 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 14:12 - 2010-11-12 19:38 - 00000000 ____D () C:\Users\Christian\Documents\MATLAB
2014-06-08 10:48 - 2014-06-11 10:57 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-11 10:57 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\Christian\AppData\Local\Temp\avgnt.exe
C:\Users\Christian\AppData\Local\Temp\BackupSetup.exe
C:\Users\Christian\AppData\Local\Temp\Cleanup.dll
C:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphfa9hs.dll
C:\Users\Christian\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Christian\AppData\Local\Temp\msvcm80.dll
C:\Users\Christian\AppData\Local\Temp\msvcp80.dll
C:\Users\Christian\AppData\Local\Temp\msvcr80.dll
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Christian\AppData\Local\Temp\SHSetup.exe
C:\Users\Christian\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Christian\AppData\Local\Temp\tmp5DD9.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 22:12
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-07-2014 01
Ran by Christian at 2014-07-08 08:33:36
Running from C:\Users\Christian\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (Version: - Microsoft) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Access Help (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 2.00 - )
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Fix 2013 version 2.1.3.80 (HKLM\...\{0094D07C-1FFB-4450-8D10-AD7E05A318DF}_is1) (Version: 2.1.3.80 - Advanced Fix, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.20704 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{EAB74CB6-760C-2136-FC77-9549721FB84A}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.70704.0230 - Advanced Micro Devices, Inc.) Hidden
Asheron's Call 2 (HKLM\...\{EDBFD0BC-3717-4E63-84F0-B7D35AA2C2ED}) (Version: 1.0.0 - Turbine, Inc.)
Avira (HKLM\...\{89ef9b48-b56b-48d8-b5c1-4eb9a5ca50cb}) (Version: 1.1.16.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.16.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
BurnAware Free 3.1.1 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware Technologies)
Business Contact Manager für Outlook 2007 SP1 (HKLM\...\Business Contact Manager) (Version: 3.0.7311.0 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP1 (Version: 3.0.7311.0 - Microsoft Corporation) Hidden
Camera Center (HKLM\...\{668ACF05-E455-4932-A2D2-5822A8206FEB}) (Version: 1.0.30 - Lenovo)
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - )
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version: - )
Canon MP630 series Benutzerregistrierung (HKLM\...\Canon MP630 series Benutzerregistrierung) (Version: - )
Canon MP630 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0623.2346.40662 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Client Security - Password Manager (HKLM\...\{44E9D4C2-946C-4378-9354-558803C47A68}) (Version: 8.21.0006.00 - Lenovo Group Limited)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
FTDI FTD2XX USB Drivers (HKLM\...\FTD2XX) (Version: - )
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Inkjet Printer/Scanner Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Integrated Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.49003.0 - Sonix)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{09A84D86-C709-4825-9548-ACF4838D478D}) (Version: 12.03.2000 - Intel(R) Corporation)
InterActual Player (HKLM\...\InterActual Player) (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1294 - InterVideo Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 55 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 8 Update 5 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Lenovo Fingerprint Software (HKLM\...\{3D8994A3-02A8-45B5-B955-53E608BC69ED}) (Version: 3.2.0.275 - AuthenTec, Inc.)
Lenovo Registration (HKLM\...\Lenovo Registration) (Version: - Lenovo - Leader Technologies)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.01 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5387.14 - PC-Doctor, Inc.)
Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: 1.0.109.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Matlab OPeNDAP loaddap 3.6.2 (HKLM\...\Matlab OPeNDAP loaddap_is1) (Version: - OPeNDAP)
MATLAB R2008b (HKLM\...\MatlabR2008b) (Version: 7.7 - The MathWorks, Inc.)
Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{1D1D8ADC-BF08-4E61-9393-5FA305B16864}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{5C759B74-34F4-43C6-A5D9-039CB754C5E9}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband Connect (HKLM\...\{97BBF90F-A852-4AA0-872B-42D13AA22D94}) (Version: 3.4.0061 - Lenovo)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyProxyLogon-ESG (HKCU\...\MyProxyLogon-ESG) (Version: - NCSA (Modified by ANL for ESG))
National Instruments Software (HKLM\...\NI Uninstaller) (Version: - )
NI Assistant Framework (Version: 2.0.03025 - National Instruments) Hidden
NI Assistant Framework LabVIEW Code Generator 61 (Version: 2.0.03025 - National Instruments) Hidden
NI Assistant Framework LabVIEW Code Generator 70 (Version: 2.0.03025 - National Instruments) Hidden
NI Assistant Framework LabVIEW Code Generator 71 (Version: 2.0.03025 - National Instruments) Hidden
NI Calibration Provider for MAX (Version: 1.1.03021 - National Instruments) Hidden
NI Common Digital 1.2.0 (Version: 1.20.49152 - <no manufacturer>) Hidden
NI DAQ Assistant 1.2.0 (Version: 1.20.49153 - National Instruments) Hidden
NI DDSP (Version: 7.0.0 - National Instruments) Hidden
NI Distribution Information - FDS English (Version: 7.1.147 - National Instruments) Hidden
NI DPPH (Version: 7.0.0 - National Instruments) Hidden
NI Example Finder 2.0 (Version: 7.1.148 - National Instruments) Hidden
NI GPIB Provider for MAX (Version: 2.1.1.1 - National Instruments) Hidden
NI Instrument IO Assistant for LabVIEW 7.1 (Version: 1.0.23004 - National Instruments) Hidden
NI Instrument-IO-Assistent (Version: 1.0.23004 - National Instruments) Hidden
NI LabVIEW 7.1 (Version: 7.1.160 - National Instruments) Hidden
NI LabVIEW 7.1 Core Essentials (Version: 7.1.156 - National Instruments) Hidden
NI LabVIEW Advanced Analysis 7.1 (Version: 7.1.156 - National Instruments) Hidden
NI LabVIEW Full 7.1 (Version: 7.1.153 - National Instruments) Hidden
NI LabVIEW Picture Control and CIN Tools 7.1 (Version: 7.1.147 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 7.0 (Version: 7.0.1 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 7.1 (Version: 7.1.157 - National Instruments) Hidden
NI LabVIEW Service Locator 1.0 (Version: 1.0.0 - National Instruments) Hidden
NI LabWindows/CVI 7.0 Code Generator (Version: 7.1.00194 - National Instruments) Hidden
NI LVBroker (Version: 6.1.03001 - National Instruments) Hidden
NI LVBrokerAux1071 (Version: 1.0.115 - National Instruments) Hidden
NI LVBrokerAux70 (Version: 1.0.03014 - National Instruments) Hidden
NI LVBrokerAux71 (Version: 1.0.112 - National Instruments) Hidden
NI Measurement & Automation Explorer 3.1 (Version: 3.1.03021 - National Instruments) Hidden
NI Measurement Studio Recipe Processor (Version: 7.0.10239 - National Instruments) Hidden
NI Measurements eXtensions for PAL 1.2.0 (Version: 1.20.49152 - National Instruments) Hidden
NI MIO Device Drivers 1.2.0 (Version: 1.20.49157 - National Instruments) Hidden
NI PXI Provider 1.3.0f1 for MAX (Version: 1.48.769 - National Instruments) Hidden
NI PXI Resource Manager 1.2.0 (Version: 1.20.49152 - National Instruments) Hidden
NI Remote Provider for MAX (Version: 3.1.03021 - National Instruments) Hidden
NI Remote PXI Provider for MAX (Version: 1.1.03021 - National Instruments) Hidden
NI SCXI 1.2.0 (Version: 1.20.49152 - National Instruments) Hidden
NI Software Provider for MAX (Version: 3.1.03021 - National Instruments) Hidden
NI Spy 2.1.0f0 (Version: 2.16.768 - National Instruments) Hidden
NI STC 1.2.0 (Version: 1.20.49152 - National Instruments) Hidden
NI Timing 1.2.0 (Version: 1.20.49155 - <no manufacturer>) Hidden
NI Uninstaller (Version: 1.20.9 - National Instruments) Hidden
NI-488.2 1.74 (Version: 1.74.0.0 - National Insturments) Hidden
NI-DAQ 7.0 Document Set 1.0.1 (Version: 1.03.49154 - National Instruments) Hidden
NI-DAQ 7.2, Traditional (Version: 7.20.3001 - National Instruments) Hidden
NI-DAQ C API 7.2 (Version: 1.20.49152 - National Instruments) Hidden
NI-DAQ INF Files 7.2.0 (Version: 17.20.3000 - National Instruments) Hidden
NI-DAQ Provider for MAX (Version: 7.20.3001 - National Instruments) Hidden
NI-DAQmx 7.2 (Version: 1.20.49154 - National Instruments) Hidden
NI-DAQmx Documentation 1.1.1 (Version: 1.11.49156 - National Instruments) Hidden
NI-DAQmx DSA Support 1.2.0 (Version: 1.20.49153 - National Instruments) Hidden
NI-DAQmx Expert Framework 1.2.0 (Version: 1.20.49153 - National Instruments) Hidden
NI-DAQmx MAX Support 1.2.0 (Version: 1.20.49155 - National Instruments) Hidden
NI-DAQmx support for LabVIEW (Version: 1.20.49154 - National Instruments) Hidden
NI-DAQmx Switch Core 1.2.0 (Version: 1.20.49153 - National Instruments) Hidden
NI-DIM 1.1.0f0 (Version: 1.10.49152 - National Instruments) Hidden
NI-MDBG 1.1.0f0 (Version: 1.10.49152 - National Instruments) Hidden
NI-MRU 2.2.0f0 (Version: 2.20.49152 - National Instruments) Hidden
NI-MXDF 1.2.0f0 (Version: 1.20.49152 - National Instruments) Hidden
NI-ORB 1.1.0f1 (Version: 1.10.49153 - National Instruments) Hidden
NI-PAL 1.8.0f0 (Version: 9.90.3000 - National Instruments) Hidden
NI-RPC 3.1.1f0 (Version: 3.11.49152 - National Instruments) Hidden
NI-RPC 3.1.1f0 for PharLap (Version: 3.11.49152 - National Instruments) Hidden
NI-VISA 3.1 (Version: 3.16.774 - National Instruments) Hidden
NI-VISA Provider 3.1 for MAX (Version: 3.16.775 - National Instruments) Hidden
NI-VISA Runtime 3.1 (Version: 3.16.774 - National Instruments) Hidden
NI-VISA Server 3.1 (Version: 3.16.774 - National Instruments) Hidden
NI-VXI Support for LabVIEW 1.2.1f0 (Version: 1.33.768 - National Instruments) Hidden
OpenSSH for Windows (remove only) (HKLM\...\OpenSSH) (Version: - Michael Johnson)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.0.2 - Frank Heindörfer, Philip Chinery)
Product Recovery Disc Burning Utility (HKLM\...\{FA62B4C2-6CFD-462F-9B59-68A730001AB3}) (Version: 1.20.0039.00 - Lenovo Group Limited)
R for Windows 3.0.0 (HKLM\...\R for Windows 3.0.0_is1) (Version: 3.0.0 - R Core Team)
ReaConverter 6.5 Standard (HKLM\...\ReaConverter 6.5 Standard_is1) (Version: - ReaSoft)
Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista (HKLM\...\FPIRPOn) (Version: 1.01 - )
Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista (HKLM\...\Dipmon) (Version: 1.01 - )
Registry patch to improve USB device detection on resume from sleep for Windows Vista (HKLM\...\{4AB5764A-3894-49A2-BAA8-C4665F74CD4C}) (Version: 1.01.0000 - Lenovo Group Limited)
Rescue and Recovery (HKLM\...\{7E4C16B8-8F76-4940-8505-98E93C00BF19}) (Version: 4.21.0014.00 - Lenovo Group Limited)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.54.02 - )
RICOH R5U230 Media Driver ver.2.02.02.01 (HKLM\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.02.02.01 - RICOH)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Central Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Central Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Central Core (Version: 3.7.0 - Roxio) Hidden
Roxio Central Data (Version: 3.7.0 - Roxio) Hidden
Roxio Central Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Business Edition (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Roxio Creator Business Edition (Version: 10.1.177 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Samsung PC Studio (Version: 3.0.0.60203 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 4.1 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.1.179 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Sonic Icons for Lenovo (HKLM\...\{B334D9AE-1393-423E-97C0-3BDC3360E692}) (Version: 2.0.0 - Lenovo)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.8.201405281228 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0009 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{D239B547-8B20-4BDE-888D-C9CCA823FFD8}) (Version: 6.2.0.7900 - Lenovo)
ThinkPad Energie-Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 2.50 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.06 - )
ThinkPad Mobility Center Customization (HKLM\...\{90FABD40-E741-446F-839D-CEAE905D63BE}) (Version: 1.50.0000 - Lenovo)
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.73.00 - Conexant Systems)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.53 - )
ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.1616.102 - )
ThinkPad-Dienstprogramm 'EasyEject' (HKLM\...\{1297C681-92D7-40EF-93BF-03F66EC5105C}) (Version: 2.38 - )
ThinkVantage Access Connections (HKLM\...\{4BD295B9-0190-4C54-B08E-33A6ECA922DF}) (Version: 5.32 - Lenovo)
ThinkVantage Productivity Center (HKLM\...\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}) (Version: 3.10 - Lenovo)
ThinkVantage Status Gadget (HKLM\...\{D22E6706-136E-4810-AF2E-359AE30A7323}) (Version: 1.1.0029 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.63 - Lenovo)
TPFanControl v0.62 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version: - troubadix)
Traditional NI-DAQ Documentation 1.0.3 (Version: 1.03.49154 - National Instruments) Hidden
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.3042.00 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC classic (HKLM\...\VLC classic) (Version: 1.14 - vlcplayerdownload.com)
Wallpapers (Version: - ) Hidden
Windows Driver Package - Broadcom (b57nd60x) Net (11/29/2007 10.62.1.2) (HKLM\...\E4ACAC6700911AAA3BC0CD6C581A68BFC6AB001E) (Version: 11/29/2007 10.62.1.2 - Broadcom)
Windows Driver Package - Intel (iaStor) hdc (02/11/2009 8.8.0.1009) (HKLM\...\EC1E678D1EFB79A1D02C312390944027C715CD5C) (Version: 02/11/2009 8.8.0.1009 - Intel)
Windows Driver Package - Intel hdc (02/20/2008 6.9.1.1001) (HKLM\...\0A7603E3091C168CDE422A2B3481A2F7D17D0954) (Version: 02/20/2008 6.9.1.1001 - Intel)
Windows Driver Package - Intel System (01/30/2008 8.6.1.1001) (HKLM\...\5A4D4FF375E24E41AE5D2D907E67E0884BE2CAF4) (Version: 01/30/2008 8.6.1.1001 - Intel)
Windows Driver Package - Intel System (02/20/2008 8.6.1.1002) (HKLM\...\432D918ED17EA51B73E8491A0369730C0076A292) (Version: 02/20/2008 8.6.1.1002 - Intel)
Windows Driver Package - Intel System (02/20/2008 8.7.0.1007) (HKLM\...\513C7D1BF4530B30EC84716327E4D7E76810DCC5) (Version: 02/20/2008 8.7.0.1007 - Intel)
Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) (HKLM\...\E6CEFD9A59425A2A27E92572AB367B28C371D3D8) (Version: 09/15/2006 7.0.0.1011 - Intel)
Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011) (HKLM\...\464CE3922A214073AAEE00DEB23EA5C750AF8CE8) (Version: 02/05/2007 8.3.0.1011 - Intel)
Windows Driver Package - Lenovo 1.53 (03/19/2009 1.53) (HKLM\...\3EB6CB625B5778835F0A66A7529E69050E0EE033) (Version: 03/19/2009 1.53 - Lenovo)
Windows Driver Package - Ricoh Company MMC Host Controller (02/15/2008 6.00.03.05) (HKLM\...\1205965EF392C9B0D5A9BDB139035F058E76359E) (Version: 02/15/2008 6.00.03.05 - Ricoh Company)
Windows Driver Package - Ricoh Company MS Host Controller (07/30/2007 6.00.01.11) (HKLM\...\1A96FF9D9E5F19776E6749D8F6557FCC437EB294) (Version: 07/30/2007 6.00.01.11 - Ricoh Company)
Windows Driver Package - Ricoh Company xD Host Controller (07/30/2007 6.00.01.13) (HKLM\...\778DAA8FB0D52FC214BC306BBDC33E26ACAB6F44) (Version: 07/30/2007 6.00.01.13 - Ricoh Company)
Windows Live Toolbar (HKLM\...\Windows Live Toolbar) (Version: 03.01.0130 - Microsoft Corporation)
Windows Live Toolbar (Version: 03.01.0130 - Microsoft Corporation) Hidden
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37) (HKLM\...\A4680BD43717441189C52EBF2C4FD6B182EE1101) (Version: 10/02/2008 8.1.2.37 - AuthenTec Inc.)
==================== Restore Points =========================
21-06-2014 11:01:15 Geplanter Prüfpunkt
29-06-2014 17:18:47 Sony PC Companion
29-06-2014 17:21:18 Installed Sony Mobile Drivers
29-06-2014 22:11:42 Sony PC Companion
02-07-2014 16:19:31 Installed SpyHunter
02-07-2014 20:36:39 Removed SpyHunter
==================== Hosts content: ==========================
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {160AFF4C-B23D-4AE5-865A-549060C80638} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-02] (Google Inc.)
Task: {30D861DF-3796-43D6-AB20-CE1F1E577680} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-02] (Google Inc.)
Task: {38C0E233-3F3C-4427-AE59-6EFCAB01511D} - System32\Tasks\{C17911CA-6824-4DBA-B4DE-0AACAD851930} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {3AE80AAA-EC68-4383-AF17-C08D81F5E9CD} - System32\Tasks\{CCF91477-AE37-4BC1-A33C-4D99804C7DFB} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {4BB46668-3F6B-409D-8DB3-94333546E251} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {53A65D34-C794-4612-9A42-F8BD346E6CE9} - System32\Tasks\{941B0210-0552-47BF-BCE7-21468EAB1B28} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {54E6B0C6-0946-4299-A0B2-E8306B6FA8D1} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe [2009-08-26] (PC-Doctor, Inc.)
Task: {7EDF9242-58DD-48BC-82FB-F319D46DEB07} - System32\Tasks\{45B1EAEF-9D54-4644-BA8C-6BDC214B7084} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {8B4D4358-1BDB-4D8A-96BD-08CBFE915BC5} - System32\Tasks\{64D5CCEE-B290-44B8-BB14-DC5AA48DFC76} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {9B141615-3EFC-4AD3-A994-F774B16FCA89} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2009-04-15] (Lenovo Group Limited)
Task: {B97458EE-E2B5-4C02-9F8D-0CB57AA8732C} - System32\Tasks\{0DBEF8DD-2B4F-4C49-9611-A302F9639E2C} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {BFEFB0E8-8021-422C-81BA-9DAC5D01E978} - System32\Tasks\{C90058F9-4A3E-446E-9C4C-A589EB01788B} => C:\Users\Christian\Saved Games\AOE\EMPIRES2.EXE [2006-10-11] (Microsoft Corporation)
Task: {C72A6CAE-5B79-4BAC-B4E2-AB1464FB34EB} - System32\Tasks\Auf Updates für Windows Live Toolbar prüfen => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12] (Microsoft Corporation)
Task: {EC6BFF44-ECBB-46E2-80B4-E81ECD4C8FF8} - System32\Tasks\{D3D0735A-FAD5-4519-884E-E3A95DA460FF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsMain
Task: {F72CCB83-6785-4681-913D-30A19311C463} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-15] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe
==================== Loaded Modules (whitelisted) =============
2013-10-10 18:48 - 2013-10-10 18:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2009-02-11 12:27 - 2009-02-11 12:27 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-11-19 17:13 - 2001-10-28 18:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-11-09 12:47 - 2011-09-06 23:46 - 00761279 _____ () C:\Program Files\ReaConverter 6.5 Standard\context.dll
2014-06-30 12:08 - 2014-06-30 12:08 - 00137296 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-06-30 12:07 - 2014-06-30 12:07 - 00065616 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-02 23:07 - 2014-06-30 12:08 - 00049744 _____ () C:\Users\Christian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-03 13:08 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-06-15 23:00 - 2014-06-15 23:00 - 17024688 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: ApRunSvc => 2
MSCONFIG\Services: ATService => 2
MSCONFIG\Services: BcmSqlStartupSvc => 2
MSCONFIG\Services: dtsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: NILM License manager => 3
MSCONFIG\Services: niSvcLoc => 2
MSCONFIG\Services: OpcEnum => 3
MSCONFIG\Services: RoxMediaDB10 => 3
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TVT Backup Protection Service => 2
MSCONFIG\startupreg: ACTray => C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
MSCONFIG\startupreg: ACWlIcon => C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BLOG => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: CreateLMBCShortCut => "C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe"
MSCONFIG\startupreg: CrossRiderPlugin => C:\Program Files\CrossriderWebApps\Crossrider.exe
MSCONFIG\startupreg: EZEJMNAP => C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
MSCONFIG\startupreg: FingerPrintSoftware => "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: LPMailChecker => C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
MSCONFIG\startupreg: LPManager => C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
MSCONFIG\startupreg: Message Center Plus => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: TVT Scheduler Proxy => C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/08/2014 08:21:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2014 08:38:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2014 10:54:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/07/2014 09:45:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/07/2014 09:45:11 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (07/07/2014 09:42:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/07/2014 08:48:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/06/2014 08:54:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/06/2014 02:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/06/2014 02:40:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/08/2014 08:26:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (07/08/2014 08:26:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (07/08/2014 08:26:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TVT Scheduler erreicht.
Error: (07/08/2014 08:26:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVT Backup Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/08/2014 08:26:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TVT Backup Service erreicht.
Error: (07/08/2014 08:26:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ThinkVantage Registry Monitor Service erreicht.
Error: (07/08/2014 08:26:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (07/08/2014 08:26:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (07/08/2014 08:24:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OpenSSH Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/08/2014 08:24:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (06/30/2014 03:04:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 690 seconds with 600 seconds of active time. This session ended with a crash.
Error: (05/14/2014 03:49:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6787 seconds with 780 seconds of active time. This session ended with a crash.
Error: (05/04/2014 09:35:08 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 39 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 71%
Total physical RAM: 2026.03 MB
Available physical RAM: 570.98 MB
Total Pagefile: 4052.06 MB
Available Pagefile: 2146.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.02 MB
==================== Drives ================================
Drive c: (SW_Preload) (Fixed) (Total:239.99 GB) (Free:31.44 GB) NTFS
Drive q: (Lenovo) (Fixed) (Total:9.77 GB) (Free:2.97 GB) NTFS
Drive s: (SERVICEV003) (Fixed) (Total:1.46 GB) (Free:0.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: D0EDC3EB)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=240 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=47 GB) - (Type=05)
==================== End Of Log ============================ |