
Log analysis and evaluation: Kalenderchen6, malware, virus, worm, what is going on?

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

28.10.2014, 19:46   #1
Namoi
 
Okay, here is what happened:
I was looking for freeware ... an appointment calendar, and found Kalenderchen 6.
Really cool tool ... for free .. bang, onto the computer,
and then it started.
Google Chrome got a new interface, a different search engine set itself up, the computer crashed.
Since then the pad sometimes does whatever it wants,
and the computer has also become slower .. until I had already carried out some uninstalls.
So I tried to repair the damage, then I wanted to update Windows and found that system security updates no longer work.

I smell a rat.
I could not find a solution with either the antivirus program or Malwarebytes.
The CPU has also been fluctuating in activity ever since ... sometimes up to 20% even though nothing at all is happening ... and all browsers are closed too.

I think I have caught something deeper there.

Can you help?

Here are all the logs I still have:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by Tom at 2014-10-28 17:21:43
Running from C:\Users\Tom\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Analog Lab 1.1.0 (HKLM-x32\...\analoglab073_is1) (Version: 1.1.0 - Arturia)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon iP4800 series Benutzerregistrierung (HKLM-x32\...\Canon iP4800 series Benutzerregistrierung) (Version: - )
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5428.52 - CyberLink Corp.)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.1.14153 - Steinberg Media Technologies GmbH)
ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version: - Image-Line)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.911.32 - Vimicro)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Kalenderchen 6 (HKCU\...\Kalenderchen 6) (Version: - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.37.0 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.20 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.0.101.0 - Lenovo Corporation)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.2.2.3 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.1.0.60 - Lenovo)
Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Native Instruments Abbey Road 60s Drums Vintage (HKLM-x32\...\Native Instruments Abbey Road 60s Drums Vintage) (Version: - Native Instruments)
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.1.0.002 - Native Instruments) Hidden
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.0.150 - Native Instruments)
Native Instruments Controller Editor (Version: 1.7.0.150 - Native Instruments) Hidden
Native Instruments DrumMicA (Version: 1.0.0.002 - Native Instruments) Hidden
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
Native Instruments Guitar Rig 4 (Version: 4.2.2.2564 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.2.0.2770 - Native Instruments) Hidden
Native Instruments Guitar Rig Elements for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Elements for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Elements for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Pro Library for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Komplete Audio 6 (HKLM-x32\...\Native Instruments Komplete Audio 6) (Version: - Native Instruments)
Native Instruments Komplete Audio 6 (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Komplete Elements Mk2 (HKLM-x32\...\Native Instruments Komplete Elements Mk2) (Version: - Native Instruments)
Native Instruments Komplete Elements Mk2 (Version: 8.0.0.003 - Native Instruments) Hidden
Native Instruments Komplete Selection (HKLM-x32\...\Native Instruments Komplete Selection) (Version: - Native Instruments)
Native Instruments Komplete Selection (Version: 1.0.4.1 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.1.211 - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.4.1.211 - Native Instruments) Hidden
Native Instruments Kontakt Elements Selection R2 (HKLM-x32\...\Native Instruments Kontakt Elements Selection R2) (Version: - Native Instruments)
Native Instruments Kontakt Elements Selection R2 (Version: 1.1.0.003 - Native Instruments) Hidden
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.1.2.1444 - Native Instruments)
Native Instruments Maschine 2 (Version: 2.1.2.1444 - Native Instruments) Hidden
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.1.0.7 - Native Instruments)
Native Instruments Maschine 2 Factory Library (Version: 1.1.0.7 - Native Instruments) Hidden
Native Instruments Maschine Controller Driver (HKLM-x32\...\Native Instruments Maschine Controller Driver) (Version: - Native Instruments)
Native Instruments Maschine Controller Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version: - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (Version: 3.0.4.719 - Native Instruments) Hidden
Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version: - Native Instruments)
Native Instruments Maschine Mikro Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version: - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (Version: 3.0.4.719 - Native Instruments) Hidden
Native Instruments Maschine Studio Driver (HKLM-x32\...\Native Instruments Maschine Studio Driver) (Version: - Native Instruments)
Native Instruments Maschine Studio Driver (Version: 3.1.2.796 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.0.292 - Native Instruments)
Native Instruments Massive (Version: 1.4.0.292 - Native Instruments) Hidden
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Rammfire (Version: 2.0.0.4 - Native Instruments) Hidden
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor 5 (Version: 5.9.2.1074 - Native Instruments) Hidden
Native Instruments Reaktor Elements Selection (HKLM-x32\...\Native Instruments Reaktor Elements Selection) (Version: - Native Instruments)
Native Instruments Reaktor Elements Selection (Version: 1.1.0.003 - Native Instruments) Hidden
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.10 - Native Instruments)
Native Instruments Reaktor Prism (Version: 1.4.0.10 - Native Instruments) Hidden
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reaktor Spark R2 (Version: 1.3.0.2 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.3.0.7 - Native Instruments)
Native Instruments Scarbee Mark I (Version: 1.3.0.7 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.4.1587 - Native Instruments)
Native Instruments Service Center (Version: 2.5.4.1587 - Native Instruments) Hidden
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid Bus Comp FX (Version: 1.1.1.427 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.0.9833 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 (Version: 2.9.6.517 - Native Instruments) Hidden
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
Protegere (HKLM-x32\...\Protegere) (Version: - )
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.071213 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30161 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line)
Security Guard (HKLM-x32\...\Security Guard) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steinberg Cubase LE AI Elements 7 (HKLM-x32\...\{5C73FC14-D3B1-45FC-A50C-7B41CB0D9DED}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
VoiceSupport 1.2.01 (HKLM-x32\...\TC-Helicon VoiceSupport_is1) (Version: 1.2.01 build 38 - TC-Helicon Vocal Technologies Inc.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
WaveLab LE 8 (64 bit) (HKLM\...\WaveLabLE8_64) (Version: 8.0.2.675 - Steinberg)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (07/24/2013 12.7.3.1001) (HKLM\...\B7736F430D5061EB825C589EAABF709BAD04FAB9) (Version: 07/24/2013 12.7.3.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

24-10-2014 19:05:59 Windows Update
28-10-2014 11:03:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00398802-10B3-4759-A4A3-A2B3899BC734} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06FD988A-E085-485F-861F-C06B43884723} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {099E7483-957D-43C9-9CA0-EAB5EE915E34} - System32\Tasks\GoogleUpdateTaskMachineCore1cf73611fcb18c3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F397AC4-2B80-4F7B-B047-31DA8B863B1C} - System32\Tasks\Uninstaller_SkipUac_Tom => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-14] (IObit)
Task: {12390BC3-55E7-43CB-A4F8-E7F2D4040648} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2FA15D82-B206-40D1-A668-60B461A691E7} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-06-05] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D93F472-ED44-4C38-8455-754283E19B28} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-17] (Realtek Semiconductor) <==== ATTENTION
Task: {43995C28-52A2-46C1-95F7-FAA1441972E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {49581ED3-0A51-41AE-B926-98BE340F3B91} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {524B0AF1-445C-468B-B129-3C4A6F7A4462} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-14] (IObit)
Task: {52C1D7F6-A304-4769-8899-669FFFDB4014} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {549E1E20-C4C1-4C1D-9258-D949649F1C51} - System32\Tasks\GoogleUpdateTaskMachineCore1cf92d8104633f4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {54BFA220-1247-4F8B-866E-7CA391146716} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo)
Task: {5780E472-398A-4793-9BCB-7CE28DBF3411} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {6022DFB6-3CC7-4192-9C92-B904F9643FA5} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-06-05] ()
Task: {62091F62-5FD3-4283-B77C-79E94F78CDA8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {661D15B8-AE84-4C47-917D-964FE8971C65} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {68827C1D-98A1-4C28-9DD3-0ADB89655D50} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {69B83979-D359-4D50-B1C7-F2281AD15DF5} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-06-05] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D4D9621-728A-41B1-92B0-1465CA5521F5} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-06-28] (CyberLink Corp.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E454BEE-FD37-4541-BADB-67FB8C4EA528} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {713F3E30-DF59-4BE6-BB60-F5934191397E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {718E7B24-CD46-45A2-93F0-E295876903F8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A3949DB-684E-474E-A626-91132F1C9F3A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7A55A9B3-1EF1-43D3-A773-3CAA073078D5} - System32\Tasks\ASC7_SkipUac_Tom => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {7FF24135-D1DE-4332-AFAD-ADA032AD77D4} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {826B4038-034A-4176-8700-B59BB7C8D2F3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-03] (Lenovo)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {90363B1B-B7BD-45E0-8D88-E5D30C5BB01F} - System32\Tasks\Absolute Reminder => C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe
Task: {95C7C196-453C-4BF3-9D13-91BFC36829D0} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AD1C40FA-3477-4305-AEE9-3F0A1643510A} - System32\Tasks\Driver Booster SkipUAC (Tom) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {AEE1E565-F129-45DC-B867-3DB242877BF3} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C29F5E6E-60B3-4D3C-98B0-95CFC69B7325} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {C35024EF-3026-4766-A84C-0FAC89C53523} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {C6566179-8752-46CC-81FF-DCACF6B21117} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E26BCC9B-1C7F-4697-BEF4-413FE23346C6} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-06-05] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1807637-76A8-4382-AAA0-1B82EBD4F1AB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {F87DB7CA-BDB8-457E-9D38-BEFB471A7335} - System32\Tasks\GoogleUpdateTaskMachineCore1cf54ddf087c23e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Tom.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tom.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 17:11 - 2013-07-05 07:42 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-04-19 11:50 - 2013-04-19 11:50 - 00463352 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-19 11:50 - 2013-04-19 11:50 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-10-03 16:36 - 2014-10-03 16:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-01 15:34 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-11-14 17:05 - 2013-11-14 17:05 - 00033520 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2013-11-14 17:09 - 2013-07-03 19:40 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-17 14:35 - 2014-10-17 14:35 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2014-10-17 14:35 - 2014-10-17 14:35 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-04-23 16:21 - 2014-04-23 16:21 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2014-09-01 15:34 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-09-01 15:34 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-09-01 15:34 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-09-01 15:34 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2013-03-06 21:49 - 2013-03-06 21:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 21:52 - 2013-03-06 21:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-18 23:32 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-18 23:32 - 2014-10-10 03:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "LenovoOptMouseUpdate"
HKLM\...\StartupApproved\Run: => "LENOVO.TPKNRRES"
HKLM\...\StartupApproved\Run: => "LnvMobHotspotClient"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"

========================= Accounts: ==========================

Administrator (S-1-5-21-1800612341-941125145-2720928169-500 - Administrator - Disabled)
Gast (S-1-5-21-1800612341-941125145-2720928169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1800612341-941125145-2720928169-1006 - Limited - Enabled)
Malou (S-1-5-21-1800612341-941125145-2720928169-1007 - Limited - Enabled) => C:\Users\Malou
Tom (S-1-5-21-1800612341-941125145-2720928169-1002 - Administrator - Enabled) => C:\Users\Tom
UpdatusUser (S-1-5-21-1800612341-941125145-2720928169-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/28/2014 04:42:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:41:48 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:41:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:40:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:40:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:39:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:39:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:38:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:38:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-04-14 19:35:20.298
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.980
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:18.398
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:18.142
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:17.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:16.500
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:07.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:34:57.353
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8089.81 MB
Available physical RAM: 5741.78 MB
Total Pagefile: 16281.81 MB
Available Pagefile: 13730.26 MB
Total Virtual: 131072 MB
Available Virtual: 131071.74 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:916.83 GB) (Free:800.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 23CF280C)

Partition: GPT Partition Type.

==================== End Of Log ============================




GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-28 17:34:53
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Tom\AppData\Local\Temp\fxryrpog.sys


---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000106e00 15 bytes [00, F1, F6, 01, 40, 8F, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000106e10 11 bytes [00, 6D, FC, FF, 00, A3, C3, ...]

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffdd9ab28c0 7 bytes JMP 00007ffed96e02d0
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffdd9ab43d8 7 bytes JMP 00007ffed96e0308
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffdd9b61f20 7 bytes JMP 00007ffed96e0378
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffdd9b640b4 7 bytes JMP 00007ffed96e03b0
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffdd9b64510 7 bytes JMP 00007ffed96e0340
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ffdd9b64af0 7 bytes JMP 00007ffed96e0260
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffdd9b8cea0 7 bytes JMP 00007ffed96e0228
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffdd9b8cf10 7 bytes JMP 00007ffed96e0298
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffdd96f299c 7 bytes JMP 00007ffed96e00d8
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffdd96f54c8 5 bytes JMP 00007ffed96e0180
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffdd96f55b0 5 bytes JMP 00007ffed96e0148
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffdd96f5e58 5 bytes JMP 00007ffed96e0110
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffdd9ceb6f4 10 bytes JMP 00007ffed96e0490
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffdd9cf45e8 5 bytes JMP 00007ffed96e0458
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffdd9cf4760 1 byte JMP 00007ffed96e03e8
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 00007ffdd9cf4762 7 bytes {JMP 0xffffffffff9ebc88}
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffdd9d04fc0 5 bytes JMP 00007ffed96e0420
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffddb341500 8 bytes JMP 00007ffed96e01b8
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffddb341750 8 bytes JMP 00007ffed96e01f0
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ffdd7387a88 5 bytes JMP 00007ffed7200110
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ffdd7394990 5 bytes JMP 00007ffed72000d8
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]

---- Threads - GMER 2.1 ----

Thread System [4:716] ffffe001ca8a5ce0
Thread C:\WINDOWS\system32\csrss.exe [3648:2708] fffff96000920b90
Thread C:\WINDOWS\explorer.exe [2868:4260] 00007ffdcb48d73c

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 8.1 x64
Ran by Tom on 18.10.2014 at 22:35:39,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\ljqt246l.default\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2014 at 22:37:50,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:28:14, on 28.10.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!

FIREFOX: 28.0 (de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tom\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem55.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Location Task Manager (LocationTaskManager) - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9806 bytes


===============================
2014-04-14 21:57:43 772 UPGRADE TIP


2014-04-14 21:57:45 817 4 1
2014-04-14 21:57:45 818 4 2
2014-04-14 21:57:45 819 4 3
2014-04-14 21:57:45 820 5 3
===============================


IFRT Tool log
Connect to Server CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull


Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.17.7, 2014.10.18.3,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 10:37:20, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 14 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 14:04:41, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.3, 2014.10.18.4,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 14:04:46, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 14:04:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 14:04:47, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 14:50:21, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 20 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.4, 2014.10.18.5,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 18:27:18, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 18:42:37, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 19:38:31, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 19:38:32, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 19:38:32, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 19:39:25, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 19:54:50, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Abgebrochen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 20:55:41, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.5, 2014.10.18.6,
Protection, 18.10.2014 20:55:42, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 20:55:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 20:55:43, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 20:56:49, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 20:56:49, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 20:56:50, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 22:29:53, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 22:29:54, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 22:29:54, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 22:30:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 22:49:54, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 11 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Protection, 18.10.2014 23:50:56, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 23:50:56, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 23:54:42, SYSTEM, LENOVO-PC, Protection, Malware Protection, Stopping,
Protection, 18.10.2014 23:54:42, SYSTEM, LENOVO-PC, Protection, Malware Protection, Stopped,
Scan, 18.10.2014 23:55:10, SYSTEM, LENOVO-PC, Manual, Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Fehlgeschlagen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 23:56:26, SYSTEM, LENOVO-PC, Manual, Rootkit Database, 0.0.0.0, 2014.10.17.1,
Update, 18.10.2014 23:56:26, SYSTEM, LENOVO-PC, Manual, Remediation Database, 0.0.0.0, 2013.10.16.1,
Update, 18.10.2014 23:56:37, SYSTEM, LENOVO-PC, Manual, Malware Database, 0.0.0.0, 2014.10.18.6,

(end)

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 27.10.2014 09:13:23, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:13:29, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:22:13, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:22:52, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Scan, 27.10.2014 09:31:39, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 8 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,

(end)

Alt 28.10.2014, 19:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Please always post logs in the thread itself. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Alt 29.10.2014, 18:05   #3
Namoi
 


Code:
here are all the logs I still have:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by Tom at 2014-10-28 17:21:43
Running from C:\Users\Tom\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Analog Lab 1.1.0 (HKLM-x32\...\analoglab073_is1) (Version: 1.1.0 - Arturia)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon iP4800 series Benutzerregistrierung (HKLM-x32\...\Canon iP4800 series Benutzerregistrierung) (Version: - )
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5428.52 - CyberLink Corp.)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.1.14153 - Steinberg Media Technologies GmbH)
ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.)
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version: - Image-Line)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.911.32 - Vimicro)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Kalenderchen 6 (HKCU\...\Kalenderchen 6) (Version: - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.37.0 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.20 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.0.101.0 - Lenovo Corporation)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.2.2.3 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.1.0.60 - Lenovo)
Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Native Instruments Abbey Road 60s Drums Vintage (HKLM-x32\...\Native Instruments Abbey Road 60s Drums Vintage) (Version: - Native Instruments)
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.1.0.002 - Native Instruments) Hidden
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.0.150 - Native Instruments)
Native Instruments Controller Editor (Version: 1.7.0.150 - Native Instruments) Hidden
Native Instruments DrumMicA (Version: 1.0.0.002 - Native Instruments) Hidden
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
Native Instruments Guitar Rig 4 (Version: 4.2.2.2564 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.2.0.2770 - Native Instruments) Hidden
Native Instruments Guitar Rig Elements for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Elements for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Elements for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Pro Library for Maschine (Version: 1.0.0.001 - Native Instruments) Hidden
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Komplete Audio 6 (HKLM-x32\...\Native Instruments Komplete Audio 6) (Version: - Native Instruments)
Native Instruments Komplete Audio 6 (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Komplete Elements Mk2 (HKLM-x32\...\Native Instruments Komplete Elements Mk2) (Version: - Native Instruments)
Native Instruments Komplete Elements Mk2 (Version: 8.0.0.003 - Native Instruments) Hidden
Native Instruments Komplete Selection (HKLM-x32\...\Native Instruments Komplete Selection) (Version: - Native Instruments)
Native Instruments Komplete Selection (Version: 1.0.4.1 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.1.211 - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.4.1.211 - Native Instruments) Hidden
Native Instruments Kontakt Elements Selection R2 (HKLM-x32\...\Native Instruments Kontakt Elements Selection R2) (Version: - Native Instruments)
Native Instruments Kontakt Elements Selection R2 (Version: 1.1.0.003 - Native Instruments) Hidden
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.1.2.1444 - Native Instruments)
Native Instruments Maschine 2 (Version: 2.1.2.1444 - Native Instruments) Hidden
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.1.0.7 - Native Instruments)
Native Instruments Maschine 2 Factory Library (Version: 1.1.0.7 - Native Instruments) Hidden
Native Instruments Maschine Controller Driver (HKLM-x32\...\Native Instruments Maschine Controller Driver) (Version: - Native Instruments)
Native Instruments Maschine Controller Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version: - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (Version: 3.0.4.719 - Native Instruments) Hidden
Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version: - Native Instruments)
Native Instruments Maschine Mikro Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version: - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (Version: 3.0.4.719 - Native Instruments) Hidden
Native Instruments Maschine Studio Driver (HKLM-x32\...\Native Instruments Maschine Studio Driver) (Version: - Native Instruments)
Native Instruments Maschine Studio Driver (Version: 3.1.2.796 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.0.292 - Native Instruments)
Native Instruments Massive (Version: 1.4.0.292 - Native Instruments) Hidden
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Rammfire (Version: 2.0.0.4 - Native Instruments) Hidden
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor 5 (Version: 5.9.2.1074 - Native Instruments) Hidden
Native Instruments Reaktor Elements Selection (HKLM-x32\...\Native Instruments Reaktor Elements Selection) (Version: - Native Instruments)
Native Instruments Reaktor Elements Selection (Version: 1.1.0.003 - Native Instruments) Hidden
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.10 - Native Instruments)
Native Instruments Reaktor Prism (Version: 1.4.0.10 - Native Instruments) Hidden
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reaktor Spark R2 (Version: 1.3.0.2 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.3.0.7 - Native Instruments)
Native Instruments Scarbee Mark I (Version: 1.3.0.7 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.4.1587 - Native Instruments)
Native Instruments Service Center (Version: 2.5.4.1587 - Native Instruments) Hidden
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid Bus Comp FX (Version: 1.1.1.427 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.0.9833 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 (Version: 2.9.6.517 - Native Instruments) Hidden
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
Protegere (HKLM-x32\...\Protegere) (Version: - )
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.071213 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30161 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line)
Security Guard (HKLM-x32\...\Security Guard) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steinberg Cubase LE AI Elements 7 (HKLM-x32\...\{5C73FC14-D3B1-45FC-A50C-7B41CB0D9DED}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
VoiceSupport 1.2.01 (HKLM-x32\...\TC-Helicon VoiceSupport_is1) (Version: 1.2.01 build 38 - TC-Helicon Vocal Technologies Inc.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
WaveLab LE 8 (64 bit) (HKLM\...\WaveLabLE8_64) (Version: 8.0.2.675 - Steinberg)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (07/24/2013 12.7.3.1001) (HKLM\...\B7736F430D5061EB825C589EAABF709BAD04FAB9) (Version: 07/24/2013 12.7.3.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

24-10-2014 19:05:59 Windows Update
28-10-2014 11:03:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00398802-10B3-4759-A4A3-A2B3899BC734} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06FD988A-E085-485F-861F-C06B43884723} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {099E7483-957D-43C9-9CA0-EAB5EE915E34} - System32\Tasks\GoogleUpdateTaskMachineCore1cf73611fcb18c3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F397AC4-2B80-4F7B-B047-31DA8B863B1C} - System32\Tasks\Uninstaller_SkipUac_Tom => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-14] (IObit)
Task: {12390BC3-55E7-43CB-A4F8-E7F2D4040648} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2FA15D82-B206-40D1-A668-60B461A691E7} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-06-05] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D93F472-ED44-4C38-8455-754283E19B28} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-17] (Realtek Semiconductor) <==== ATTENTION
Task: {43995C28-52A2-46C1-95F7-FAA1441972E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {49581ED3-0A51-41AE-B926-98BE340F3B91} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {524B0AF1-445C-468B-B129-3C4A6F7A4462} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-14] (IObit)
Task: {52C1D7F6-A304-4769-8899-669FFFDB4014} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {549E1E20-C4C1-4C1D-9258-D949649F1C51} - System32\Tasks\GoogleUpdateTaskMachineCore1cf92d8104633f4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {54BFA220-1247-4F8B-866E-7CA391146716} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo)
Task: {5780E472-398A-4793-9BCB-7CE28DBF3411} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {6022DFB6-3CC7-4192-9C92-B904F9643FA5} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-06-05] ()
Task: {62091F62-5FD3-4283-B77C-79E94F78CDA8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {661D15B8-AE84-4C47-917D-964FE8971C65} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {68827C1D-98A1-4C28-9DD3-0ADB89655D50} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {69B83979-D359-4D50-B1C7-F2281AD15DF5} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-06-05] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D4D9621-728A-41B1-92B0-1465CA5521F5} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-06-28] (CyberLink Corp.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E454BEE-FD37-4541-BADB-67FB8C4EA528} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {713F3E30-DF59-4BE6-BB60-F5934191397E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {718E7B24-CD46-45A2-93F0-E295876903F8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A3949DB-684E-474E-A626-91132F1C9F3A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {7A55A9B3-1EF1-43D3-A773-3CAA073078D5} - System32\Tasks\ASC7_SkipUac_Tom => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {7FF24135-D1DE-4332-AFAD-ADA032AD77D4} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-05-27] (Lenovo)
Task: {826B4038-034A-4176-8700-B59BB7C8D2F3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-03] (Lenovo)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {90363B1B-B7BD-45E0-8D88-E5D30C5BB01F} - System32\Tasks\Absolute Reminder => C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe
Task: {95C7C196-453C-4BF3-9D13-91BFC36829D0} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AD1C40FA-3477-4305-AEE9-3F0A1643510A} - System32\Tasks\Driver Booster SkipUAC (Tom) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {AEE1E565-F129-45DC-B867-3DB242877BF3} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C29F5E6E-60B3-4D3C-98B0-95CFC69B7325} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {C35024EF-3026-4766-A84C-0FAC89C53523} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {C6566179-8752-46CC-81FF-DCACF6B21117} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E26BCC9B-1C7F-4697-BEF4-413FE23346C6} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-06-05] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1807637-76A8-4382-AAA0-1B82EBD4F1AB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {F87DB7CA-BDB8-457E-9D38-BEFB471A7335} - System32\Tasks\GoogleUpdateTaskMachineCore1cf54ddf087c23e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Tom.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tom.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 17:11 - 2013-07-05 07:42 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-04-19 11:50 - 2013-04-19 11:50 - 00463352 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-19 11:50 - 2013-04-19 11:50 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-10-03 16:36 - 2014-10-03 16:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-01 15:34 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-11-14 17:05 - 2013-11-14 17:05 - 00033520 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2013-11-14 17:09 - 2013-07-03 19:40 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-17 14:35 - 2014-10-17 14:35 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2014-10-17 14:35 - 2014-10-17 14:35 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-04-23 16:21 - 2014-04-23 16:21 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2014-09-01 15:34 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-09-01 15:34 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-09-01 15:34 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-09-01 15:34 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2013-03-06 21:49 - 2013-03-06 21:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 21:52 - 2013-03-06 21:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-18 23:32 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-18 23:32 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-18 23:32 - 2014-10-10 03:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "LenovoOptMouseUpdate"
HKLM\...\StartupApproved\Run: => "LENOVO.TPKNRRES"
HKLM\...\StartupApproved\Run: => "LnvMobHotspotClient"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"

========================= Accounts: ==========================

Administrator (S-1-5-21-1800612341-941125145-2720928169-500 - Administrator - Disabled)
Gast (S-1-5-21-1800612341-941125145-2720928169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1800612341-941125145-2720928169-1006 - Limited - Enabled)
Malou (S-1-5-21-1800612341-941125145-2720928169-1007 - Limited - Enabled) => C:\Users\Malou
Tom (S-1-5-21-1800612341-941125145-2720928169-1002 - Administrator - Enabled) => C:\Users\Tom
UpdatusUser (S-1-5-21-1800612341-941125145-2720928169-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/28/2014 04:42:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:41:48 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:41:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:40:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:40:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:39:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:39:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:38:38 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (10/28/2014 04:38:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-04-14 19:35:20.298
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.980
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:19.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:18.398
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:18.142
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:17.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:16.500
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:35:07.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.

Date: 2014-04-14 19:34:57.353
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AppxAllUserStore.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8089.81 MB
Available physical RAM: 5741.78 MB
Total Pagefile: 16281.81 MB
Available Pagefile: 13730.26 MB
Total Virtual: 131072 MB
Available Virtual: 131071.74 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:916.83 GB) (Free:800.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 23CF280C)

Partition: GPT Partition Type.

==================== End Of Log ============================




GMER Logfile:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-28 17:34:53
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Tom\AppData\Local\Temp\fxryrpog.sys


---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000106e00 15 bytes [00, F1, F6, 01, 40, 8F, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000106e10 11 bytes [00, 6D, FC, FF, 00, A3, C3, ...]

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[4112] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffdd9ab28c0 7 bytes JMP 00007ffed96e02d0
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffdd9ab43d8 7 bytes JMP 00007ffed96e0308
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffdd9b61f20 7 bytes JMP 00007ffed96e0378
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffdd9b640b4 7 bytes JMP 00007ffed96e03b0
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffdd9b64510 7 bytes JMP 00007ffed96e0340
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ffdd9b64af0 7 bytes JMP 00007ffed96e0260
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffdd9b8cea0 7 bytes JMP 00007ffed96e0228
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffdd9b8cf10 7 bytes JMP 00007ffed96e0298
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffdd96f299c 7 bytes JMP 00007ffed96e00d8
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffdd96f54c8 5 bytes JMP 00007ffed96e0180
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffdd96f55b0 5 bytes JMP 00007ffed96e0148
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffdd96f5e58 5 bytes JMP 00007ffed96e0110
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffdd9ceb6f4 10 bytes JMP 00007ffed96e0490
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffdd9cf45e8 5 bytes JMP 00007ffed96e0458
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffdd9cf4760 1 byte JMP 00007ffed96e03e8
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 00007ffdd9cf4762 7 bytes {JMP 0xffffffffff9ebc88}
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffdd9d04fc0 5 bytes JMP 00007ffed96e0420
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffddb341500 8 bytes JMP 00007ffed96e01b8
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffddb341750 8 bytes JMP 00007ffed96e01f0
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ffdd7387a88 5 bytes JMP 00007ffed7200110
.text C:\WINDOWS\System32\dwm.exe[4952] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ffdd7394990 5 bytes JMP 00007ffed72000d8
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[2644] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE[3640] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2912] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffddb27169a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffddb2716a2 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffddb27181a 4 bytes [27, DB, FD, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5708] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffddb271832 4 bytes [27, DB, FD, 7F]

---- Threads - GMER 2.1 ----

Thread System [4:716] ffffe001ca8a5ce0
Thread C:\WINDOWS\system32\csrss.exe [3648:2708] fffff96000920b90
Thread C:\WINDOWS\explorer.exe [2868:4260] 00007ffdcb48d73c

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----
         
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 8.1 x64
Ran by Tom on 18.10.2014 at 22:35:39,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\ljqt246l.default\user.js

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2014 at 22:37:50,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HiJackthis Logfile:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:28:14, on 28.10.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!

FIREFOX: 28.0 (de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tom\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem55.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Location Task Manager (LocationTaskManager) - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9806 bytes
         
--- --- ---
===============================
2014-04-14 21:57:43 772 UPGRADE TIP
2014-04-14 21:57:45 817 4 1
2014-04-14 21:57:45 818 4 2
2014-04-14 21:57:45 819 4 3
2014-04-14 21:57:45 820 5 3
===============================
IFRT Tool log
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull
Connect to Server
CreateFile() successful.
svc_write_buffer->InBufferSize ==> 12
svc_write_buffer->SvcCommand ==> 0
Sent message to server successful.
Read was successfull

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.17.7, 2014.10.18.3,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 10:22:40, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 10:23:13, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 10:37:20, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 14 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 14:04:41, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.3, 2014.10.18.4,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 14:04:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 14:04:46, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 14:04:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 14:04:47, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 14:50:21, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 20 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.4, 2014.10.18.5,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 16:09:06, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 16:10:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 18:26:16, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 18:27:18, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 18:41:35, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 18:42:37, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 19:38:31, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 19:38:32, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 19:38:32, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 19:39:25, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 19:54:50, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Abgebrochen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 20:55:41, SYSTEM, LENOVO-PC, Scheduler, Malware Database, 2014.10.18.5, 2014.10.18.6,
Protection, 18.10.2014 20:55:42, SYSTEM, LENOVO-PC, Protection, Refresh, Starting,
Protection, 18.10.2014 20:55:42, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 18.10.2014 20:55:43, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 18.10.2014 20:56:49, SYSTEM, LENOVO-PC, Protection, Refresh, Success,
Protection, 18.10.2014 20:56:49, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 20:56:50, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Protection, 18.10.2014 22:29:53, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 22:29:54, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 22:29:54, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Starting,
Protection, 18.10.2014 22:30:46, SYSTEM, LENOVO-PC, Protection, Malicious Website Protection, Started,
Scan, 18.10.2014 22:49:54, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 11 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Protection, 18.10.2014 23:50:56, SYSTEM, LENOVO-PC, Protection, Malware Protection, Starting,
Protection, 18.10.2014 23:50:56, SYSTEM, LENOVO-PC, Protection, Malware Protection, Started,
Protection, 18.10.2014 23:54:42, SYSTEM, LENOVO-PC, Protection, Malware Protection, Stopping,
Protection, 18.10.2014 23:54:42, SYSTEM, LENOVO-PC, Protection, Malware Protection, Stopped,
Scan, 18.10.2014 23:55:10, SYSTEM, LENOVO-PC, Manual, Dauer: % 1 min 0 Sekunden, Bedrohungs-Suchlauf, Fehlgeschlagen, 0 Malwareerkennung, 0-Malwareerkennung,
Update, 18.10.2014 23:56:26, SYSTEM, LENOVO-PC, Manual, Rootkit Database, 0.0.0.0, 2014.10.17.1,
Update, 18.10.2014 23:56:26, SYSTEM, LENOVO-PC, Manual, Remediation Database, 0.0.0.0, 2013.10.16.1,
Update, 18.10.2014 23:56:37, SYSTEM, LENOVO-PC, Manual, Malware Database, 0.0.0.0, 2014.10.18.6,
(end)

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 27.10.2014 09:13:23, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:13:29, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:22:13, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Update, 27.10.2014 09:22:52, SYSTEM, LENOVO-PC, Manual, Failed, Unable to access update server,
Scan, 27.10.2014 09:31:39, SYSTEM, LENOVO-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 8 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
(end)

And what is also very mysterious: Network Access Protection is switched off

i.e. the Network Access Protection Agent service is not running.

Alt 30.10.2014, 11:55   #4
schrauber

Please post each log separately in code tags, don't cram them all into one code box; no human can decipher that


Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 30.10.2014, 19:20   #5
Namoi
 

Combofix won't open
The program always says Windows 2000 is no longer supported
but I have Windows 8.1 on the computer

What now?

PS: I tried to load the program several times ... it was the same message every time


Alt 31.10.2014, 10:07   #6
schrauber

Skip Combofix.

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

Alt 31.10.2014, 14:06   #7
Namoi
 

My Wi-Fi has stopped working
I'm here on my sweetheart's computer for now
So, total Wi-Fi failure (which makes the whole thing harder); I'll get an external hard drive and pull the programs over
it may take a little while

oh, and my ESET complained that a variant of MSIL/Solimba.AD is on my computer and it only goes into quarantine ... no deletion possible
Kalenderchen and Bestpraktice are apparently infected as well .. :O

well then, the other programs first

Alt 01.11.2014, 11:32   #8
schrauber

Since when has the Wi-Fi not been working? Run the 3 programs above and then a fresh FRST log.

Alt 01.11.2014, 13:48   #9
Namoi
 

Hey, nothing worked at all anymore ... mouse kept glitching, PC crashing, everything sloooow,
I reset the system ... everything fresh again
annoying, annoying ... oh well, you learn from your mistakes

It's running again ... Yeah
But it wasn't a format C: ... just a wipe-everything and reset to factory settings

Should I check or verify anything else now?

I really don't want to overlook anything now
Thanks

Alt 02.11.2014, 07:58   #10
schrauber

Please post fresh FRST logs

Alt 12.11.2014, 00:16   #11
Namoi
 

[CODE]
FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by tom.sell (administrator) on TOMTOMS on 12-11-2014 00:10:31
Running from C:\Users\tom.sell\Downloads
Loaded Profiles: UpdatusUser & tom.sell (Available profiles: UpdatusUser & tom.sell)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-10-21] (Realtek Semiconductor Corporation)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-05-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-06-21] (Lenovo Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985712 2013-06-04] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-11-14] (Lenovo)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKU\S-1-5-21-1800612341-941125145-2720928169-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1800612341-941125145-2720928169-1003\...\MountPoints2: {25b153b5-66b2-11e4-be78-c45444000152} - "E:\LGAutoRun.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {F9904540-06D2-4ED7-8C5F-F76CF71ED2D8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
SearchScopes: HKLM-x32 - {F9904540-06D2-4ED7-8C5F-F76CF71ED2D8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\tom.sell\AppData\Roaming\Mozilla\Firefox\Profiles\8iue14ws.default
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-11-01]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/search?q=google&rlz=1C1CHFX_deDE472DE472&oq=goo&aqs=chrome.1.69i57j0l2j69i65j69i60j0.16114j0j4&sourceid=chrome&espv=210&es_sm=122&ie=UTF-8
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-31]
CHR Extension: (Google Docs) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-31]
CHR Extension: (Google Drive) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-31]
CHR Extension: (Aardvark this!) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2014-11-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-31]
CHR Extension: (YouTube) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-31]
CHR Extension: (Google-Suche) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-31]
CHR Extension: (Google Tabellen) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-31]
CHR Extension: (Google Wallet) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-31]
CHR Extension: (Google Mail) - C:\Users\tom.sell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [148984 2013-06-21] (Lenovo Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [66560 2013-11-06] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-11-14] (Lenovo)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-03] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-05] (LENOVO INCORPORATED.)
R3 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2037240 2013-04-19] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-05] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [683000 2013-06-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-01] (IObit)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-05-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-04-19] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-17] (Nitro PDF Software)
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-16] (Lenovo Group Limited)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-11-14] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [101976 2013-05-23] (Intel Corporation)
S3 ka6avs; C:\Windows\System32\Drivers\ka6avs.sys [357968 2011-09-15] (Native Instruments GmbH)
S3 ka6usb_svc; C:\Windows\System32\Drivers\ka6usb.sys [82000 2011-09-15] (Native Instruments GmbH)
S3 mc2avs; C:\Windows\System32\Drivers\mc2avs.sys [358520 2012-06-06] (Native Instruments GmbH)
S3 mc2usb_svc; C:\Windows\System32\Drivers\mc2usb.sys [81016 2012-06-06] (Native Instruments GmbH)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-11-01] (Intel Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2014-11-01] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-11-01] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3301592 2014-11-01] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065344 2014-11-01] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 00:10 - 2014-11-12 00:10 - 00000000 ____D () C:\Users\tom.sell\Downloads\FRST-OlderVersion
2014-11-11 23:42 - 2014-11-11 23:42 - 00000000 ____D () C:\Users\tom.sell\Downloads\Hands_On_Maschine_plus
2014-11-11 22:49 - 2014-11-11 22:49 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-11-11 22:41 - 2014-11-11 22:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-11-11 22:41 - 2014-11-11 22:41 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-11-11 22:40 - 2014-11-11 22:40 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2014-11-11 22:40 - 2014-11-11 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4800 series
2014-11-11 22:38 - 2014-11-11 22:38 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-11-11 22:38 - 2010-08-25 05:00 - 00361472 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAF.DLL
2014-11-11 21:24 - 2014-11-11 23:26 - 643130778 _____ () C:\Users\tom.sell\Downloads\Hands_On_Maschine_plus (1).zip
2014-11-11 21:06 - 2014-11-11 23:01 - 643130778 _____ () C:\Users\tom.sell\Downloads\Hands_On_Maschine_plus.zip
2014-11-10 14:35 - 2010-01-17 22:25 - 05011008 _____ () C:\Users\tom.sell\Desktop\recall edu  edit.mov
2014-11-08 20:20 - 2014-11-08 20:55 - 00000000 ____D () C:\Users\tom.sell\Desktop\Linus Fotos
2014-11-08 18:34 - 2014-11-08 18:34 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-11-08 18:29 - 2014-11-08 18:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-11-07 21:15 - 2014-11-07 21:15 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\WebApp
2014-11-07 19:28 - 2014-11-07 19:28 - 00000000 ____D () C:\Users\Public\CyberLink
2014-11-07 19:02 - 2014-11-07 19:02 - 00000000 ____D () C:\Users\tom.sell\Documents\CyberLink
2014-11-07 19:02 - 2014-11-07 19:02 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\CyberLink
2014-11-04 14:47 - 2014-11-04 14:52 - 00000000 ____D () C:\AdwCleaner
2014-11-04 09:39 - 2014-11-04 09:40 - 00000968 _____ () C:\Users\tom.sell\ScanApp.log
2014-11-04 02:13 - 2014-11-04 02:13 - 00001338 _____ () C:\Users\tom.sell\Desktop\WaveLabLE8 - Verknüpfung.lnk
2014-11-04 02:08 - 2014-11-04 02:08 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-11-04 01:42 - 2014-11-04 01:42 - 00001528 _____ () C:\Users\tom.sell\Desktop\Cubase LE AI Elements 7 - Verknüpfung.lnk
2014-11-04 01:23 - 2014-11-04 01:57 - 00000000 __HDC () C:\ProgramData\{76172323-A08C-4F10-AE84-E19682A29DA2}
2014-11-04 01:19 - 2014-11-04 01:19 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-11-04 01:19 - 2014-11-04 01:19 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-11-04 01:18 - 2014-11-04 01:18 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-11-04 01:15 - 2014-11-04 01:15 - 00001121 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-11-04 01:15 - 2014-11-04 01:15 - 00000000 __HDC () C:\ProgramData\{4447E817-9143-4376-B59F-B06494651B85}
2014-11-04 01:14 - 2014-11-04 01:14 - 00000000 __HDC () C:\ProgramData\{0E511DF6-1923-4AF4-9BFD-A9426C94FCD7}
2014-11-04 00:51 - 2014-11-04 00:51 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 32bit
2014-11-03 23:49 - 2014-11-03 23:49 - 00006670 _____ () C:\Users\tom.sell\Downloads\sc3.tmp
2014-11-03 23:41 - 2014-11-04 00:05 - 2491285880 _____ () C:\Users\tom.sell\Downloads\Cubase_LE_7_Installer_win.zip
2014-11-03 23:26 - 2014-11-03 23:33 - 720445436 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part7.rar
2014-11-03 23:17 - 2014-11-03 23:26 - 1000000000 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part6.rar
2014-11-03 23:07 - 2014-11-03 23:17 - 1000000000 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part5.rar
2014-11-03 22:58 - 2014-11-03 23:07 - 1000000000 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part4.rar
2014-11-03 22:48 - 2014-11-03 22:58 - 1000000000 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part3.rar
2014-11-03 22:39 - 2014-11-03 22:48 - 1000000000 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part2.rar
2014-11-03 22:29 - 2014-11-03 23:39 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Connect
2014-11-03 22:29 - 2014-11-03 22:39 - 1000000000 _____ () C:\Users\tom.sell\Downloads\REV_Samples.part1.rar
2014-11-03 22:29 - 2014-11-03 22:29 - 07241114 _____ () C:\Users\tom.sell\Downloads\REV_Extras_v4.rar
2014-11-03 22:29 - 2014-11-03 22:29 - 02267659 _____ () C:\Users\tom.sell\Downloads\REV_Instruments_V3_WM6860.zip
2014-11-03 22:29 - 2014-11-03 22:29 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\WinRAR
2014-11-03 22:29 - 2013-10-24 07:46 - 00000000 ____D () C:\Users\tom.sell\Downloads\REV
2014-11-03 22:26 - 2014-11-03 22:29 - 00000000 ____D () C:\Program Files (x86)\Connect
2014-11-03 22:26 - 2014-11-03 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect
2014-11-03 22:26 - 2013-04-03 00:29 - 00895488 _____ () C:\WINDOWS\SysWOW64\libstdc++-6.dll
2014-11-03 22:26 - 2013-04-03 00:29 - 00115200 _____ () C:\WINDOWS\SysWOW64\libgcc_s_sjlj-1.dll
2014-11-03 22:26 - 2013-04-03 00:29 - 00068608 _____ (MingW-W64 Project. All rights reserved.) C:\WINDOWS\SysWOW64\libwinpthread-1.dll
2014-11-03 22:26 - 2013-04-03 00:28 - 04425728 _____ (Digia Plc and/or its subsidiary(-ies)) C:\WINDOWS\SysWOW64\Qt5XmlPatterns.dll
2014-11-03 22:26 - 2013-04-03 00:28 - 02735616 _____ (Digia Plc and/or its subsidiary(-ies)) C:\WINDOWS\SysWOW64\Qt5Declarative.dll
2014-11-03 22:26 - 2013-04-03 00:28 - 01893376 _____ (Digia Plc and/or its subsidiary(-ies)) C:\WINDOWS\SysWOW64\Qt5Script.dll
2014-11-03 22:26 - 2013-04-03 00:28 - 01129984 _____ (Digia Plc and/or its subsidiary(-ies)) C:\WINDOWS\SysWOW64\Qt5Network.dll
2014-11-03 22:26 - 2013-04-03 00:28 - 00218624 _____ (Digia Plc and/or its subsidiary(-ies)) C:\WINDOWS\SysWOW64\Qt5Sql.dll
2014-11-03 22:26 - 2013-04-03 00:28 - 00206336 _____ (Digia Plc and/or its subsidiary(-ies)) C:\WINDOWS\SysWOW64\Qt5Xml.dll
2014-11-03 22:26 - 2013-04-03 00:27 - 18025758 _____ () C:\WINDOWS\SysWOW64\icudt49.dll
2014-11-03 22:26 - 2013-04-03 00:27 - 03090303 _____ () C:\WINDOWS\SysWOW64\icuin49.dll
2014-11-03 22:26 - 2013-04-03 00:27 - 01808899 _____ () C:\WINDOWS\SysWOW64\icuuc49.dll
2014-11-03 22:25 - 2014-11-03 22:26 - 26816232 _____ (Continuata) C:\Users\tom.sell\Downloads\Connect-2.2.2-windows-installer.exe
2014-11-03 22:19 - 2014-11-03 22:20 - 00057093 _____ () C:\Users\tom.sell\Downloads\Addition.txt
2014-11-03 22:18 - 2014-11-12 00:10 - 00019477 _____ () C:\Users\tom.sell\Downloads\FRST.txt
2014-11-03 22:18 - 2014-11-12 00:10 - 00000000 ____D () C:\FRST
2014-11-03 22:17 - 2014-11-12 00:10 - 02116096 _____ (Farbar) C:\Users\tom.sell\Downloads\FRST64.exe
2014-11-03 21:53 - 2014-11-03 21:53 - 00000000 __HDC () C:\ProgramData\{76FFBAB3-49CF-4AFC-A25D-A4BF2BF54F98}
2014-11-03 18:48 - 2014-11-03 18:48 - 00000000 ____D () C:\ProgramData\Synaptics
2014-11-03 16:15 - 2014-11-03 16:15 - 00000890 _____ () C:\Users\Public\Desktop\VoiceSupport.lnk
2014-11-03 16:15 - 2014-11-03 16:15 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\TC-Helicon
2014-11-03 16:15 - 2014-11-03 16:15 - 00000000 ____D () C:\ProgramData\TC-Helicon
2014-11-03 16:15 - 2014-11-03 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TC-Helicon
2014-11-03 15:30 - 2014-11-11 22:30 - 00000000 ____D () C:\Users\tom.sell\Documents\Cubase LE AI Elements Projects
2014-11-03 15:30 - 2014-11-11 22:03 - 00000190 _____ () C:\Users\tom.sell\Maschine 2.log
2014-11-03 15:28 - 2014-11-04 15:07 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Native Instruments
2014-11-03 15:28 - 2014-11-03 15:29 - 00000000 ____D () C:\Users\Public\Documents\NI Resources
2014-11-03 15:27 - 2014-11-03 15:27 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Steinberg
2014-11-03 15:27 - 2014-11-03 15:27 - 00000000 ____D () C:\temp
2014-11-03 15:19 - 2014-11-04 09:38 - 00000000 ____D () C:\Users\tom.sell\Documents\VST3 Presets
2014-11-03 15:19 - 2014-11-03 15:19 - 00000000 ____D () C:\Users\tom.sell\Documents\Steinberg
2014-11-03 08:44 - 2014-11-03 08:44 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\OpenOffice
2014-11-03 00:59 - 2014-11-03 15:48 - 00044032 ___SH () C:\Users\tom.sell\Downloads\Thumbs.db
2014-11-03 00:49 - 2014-11-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-03 00:49 - 2014-11-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-03 00:49 - 2014-11-03 00:49 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-03 00:49 - 2014-11-03 00:49 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-03 00:49 - 2014-11-03 00:49 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Mozilla
2014-11-03 00:49 - 2014-11-03 00:49 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Mozilla
2014-11-03 00:49 - 2014-11-03 00:49 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-03 00:48 - 2014-11-03 00:48 - 00244392 _____ () C:\Users\tom.sell\Downloads\Firefox Setup Stub 33.0.2.exe
2014-11-03 00:10 - 2014-11-03 00:10 - 00000000 __HDC () C:\ProgramData\{0209395A-8E4A-48E1-A5E3-C830292F263C}
2014-11-03 00:07 - 2014-11-03 00:07 - 00000000 __HDC () C:\ProgramData\{8D8448B4-DB2F-40BD-A53E-EA29A2EADDC4}
2014-11-03 00:06 - 2014-11-03 00:06 - 00000000 __HDC () C:\ProgramData\{0AC97609-465A-43C5-BFB1-6D167B8A2992}
2014-11-03 00:03 - 2014-11-03 00:03 - 00000000 __HDC () C:\ProgramData\{B18B6B47-547B-4884-B977-E30BBCB3C043}
2014-11-03 00:01 - 2014-11-03 00:01 - 00000000 __HDC () C:\ProgramData\{4849B481-B731-442E-B77C-529D90CCC597}
2014-11-03 00:01 - 2014-11-03 00:01 - 00000000 __HDC () C:\ProgramData\{074595B0-0A1C-4DFF-AA89-993E1954016E}
2014-11-03 00:01 - 2014-11-03 00:01 - 00000000 __HDC () C:\ProgramData\{03B61650-6A02-427E-8669-446D635453DD}
2014-11-03 00:00 - 2014-11-03 00:00 - 00000000 __HDC () C:\ProgramData\{8248E23A-B811-474B-951C-5AD780E7F743}
2014-11-02 23:58 - 2014-11-02 23:58 - 00000000 __HDC () C:\ProgramData\{FD92D0B0-0A9B-4DE8-9FC8-E01DDC7EFDFE}
2014-11-02 23:58 - 2014-11-02 23:58 - 00000000 __HDC () C:\ProgramData\{54AE0613-D8D9-4046-942B-60ED1FEC3F31}
2014-11-02 23:58 - 2014-11-02 23:58 - 00000000 __HDC () C:\ProgramData\{1EE2F726-1234-41B1-A064-86CD048C4BEB}
2014-11-02 23:55 - 2014-11-02 23:55 - 00001036 _____ () C:\Users\Public\Desktop\Reaktor 5.lnk
2014-11-02 23:55 - 2014-11-02 23:55 - 00000000 __HDC () C:\ProgramData\{74C22EF7-0C20-4B56-8F55-435BDB1563B7}
2014-11-02 23:47 - 2014-11-02 23:47 - 00000000 __HDC () C:\ProgramData\{57FDF829-2423-4B2C-BC58-B2D5E0640D32}
2014-11-02 23:46 - 2014-11-02 23:46 - 00001041 _____ () C:\Users\Public\Desktop\Kontakt 5.lnk
2014-11-02 23:46 - 2014-11-02 23:46 - 00000000 __HDC () C:\ProgramData\{E9F5F26E-A23D-4A16-BC5C-82B3C1A469F4}
2014-11-02 23:45 - 2014-11-02 23:45 - 00000000 __HDC () C:\ProgramData\{6773A69F-BAAF-4138-BA38-16B1C896C9B8}
2014-11-02 23:44 - 2014-11-02 23:44 - 00001041 _____ () C:\Users\Public\Desktop\Battery 4.lnk
2014-11-02 23:44 - 2014-11-02 23:44 - 00000000 __HDC () C:\ProgramData\{7D24EEA2-0A1F-4895-96A5-5AB3BCF6CD9B}
2014-11-02 23:39 - 2014-11-02 23:39 - 00001041 _____ () C:\Users\Public\Desktop\Absynth 5.lnk
2014-11-02 23:39 - 2014-11-02 23:39 - 00000000 __HDC () C:\ProgramData\{3D5B9BB4-F193-4C98-A3ED-DA66E4428347}
2014-11-02 23:20 - 2014-11-02 23:21 - 07464587 _____ () C:\Users\tom.sell\Documents\Reaktor_5_Manuals_Japanese.zip
2014-11-02 22:54 - 2014-11-02 22:54 - 00000000 __HDC () C:\ProgramData\{14C793C2-DC8C-4B43-9AA8-1930AA1BA7B1}
2014-11-02 22:50 - 2014-11-02 23:58 - 00000000 ____D () C:\Users\Public\Documents\Session Strings Library
2014-11-02 22:50 - 2014-11-02 22:50 - 00000000 __HDC () C:\ProgramData\{18AC294E-69C2-439D-83C0-DD30CCEAADC1}
2014-11-02 22:35 - 2014-11-02 22:36 - 00000000 ____D () C:\Users\Public\Documents\Scarbee Vintage Keys Library
2014-11-02 22:18 - 2014-11-03 00:06 - 00000000 ____D () C:\Users\Public\Documents\Studio Drummer Library
2014-11-02 22:18 - 2014-11-02 22:18 - 00000000 __HDC () C:\ProgramData\{67244478-747E-4316-A1C2-AA144AD80E9F}
2014-11-02 22:11 - 2014-11-02 22:11 - 00000000 ____D () C:\Users\Public\Documents\Scarbee MM-Bass Library
2014-11-02 22:02 - 2014-11-03 00:03 - 00000000 ____D () C:\Users\Public\Documents\Retro Machines Mk2 Library
2014-11-02 21:56 - 2014-11-03 00:07 - 00000000 ____D () C:\Users\Public\Documents\Vienna Concert Grand Library
2014-11-02 21:49 - 2014-11-03 00:01 - 00000000 ____D () C:\Users\Public\Documents\Upright Piano Library
2014-11-02 21:39 - 2014-11-03 00:00 - 00000000 ____D () C:\Users\Public\Documents\The Giant Library
2014-11-02 21:37 - 2014-11-03 00:01 - 00000000 ____D () C:\Users\Public\Documents\Vintage Organs Library
2014-11-02 21:37 - 2014-11-02 21:37 - 00000000 __HDC () C:\ProgramData\{6A61267E-3EAE-44E0-8F89-303BD9C17A29}
2014-11-02 21:30 - 2014-11-02 21:30 - 00000000 ____D () C:\Users\Public\Documents\New York Concert Grand Library
2014-11-02 21:22 - 2014-11-02 23:45 - 00000000 ____D () C:\Users\Public\Documents\Berlin Concert Grand Library
2014-11-02 21:19 - 2014-11-03 00:01 - 00000000 ____D () C:\Users\Public\Documents\West Africa Library
2014-11-02 21:19 - 2014-11-02 21:19 - 00000000 __HDC () C:\ProgramData\{CAB4E1BF-2018-4887-B55C-575BDBB8FD1E}
2014-11-02 21:03 - 2014-11-02 21:04 - 00000000 ____D () C:\Users\Public\Documents\Abbey Road 60s Drummer Library
2014-11-02 21:03 - 2014-11-02 21:03 - 00000000 __HDC () C:\ProgramData\{2D883E3C-90AB-41FA-B9E4-311F9E7C2A14}
2014-11-02 20:04 - 2014-11-02 20:05 - 00000000 ____D () C:\Users\Public\Documents\Kontakt Factory Library
2014-11-02 20:04 - 2014-11-02 20:04 - 00000000 __HDC () C:\ProgramData\{1C9001D2-6872-473E-9E97-53294DDB798B}
2014-11-02 13:19 - 2014-11-02 19:56 - 00000000 ____D () C:\Users\Public\Documents\Battery 4 Factory Library
2014-11-02 13:18 - 2014-11-02 23:58 - 00000000 ____D () C:\Users\Public\Documents\Reaktor Spark R2
2014-11-02 13:18 - 2014-11-02 23:58 - 00000000 ____D () C:\Users\Public\Documents\Reaktor Prism
2014-11-02 13:18 - 2014-11-02 23:47 - 00000000 ____D () C:\Users\Public\Documents\Monark
2014-11-02 13:18 - 2014-11-02 13:18 - 00000000 __HDC () C:\ProgramData\{F1644A77-BF1A-4D0C-8789-6BA7F0834C72}
2014-11-02 13:18 - 2014-11-02 13:18 - 00000000 __HDC () C:\ProgramData\{5F2B98DC-7010-44BE-9616-53676A8FBA13}
2014-11-02 13:18 - 2014-11-02 13:18 - 00000000 __HDC () C:\ProgramData\{0F1E078A-3F7A-41F5-BE51-4B019DD5DB4E}
2014-11-02 13:18 - 2014-11-02 13:18 - 00000000 ____D () C:\Users\Public\Documents\The Finger R2
2014-11-02 13:18 - 2014-11-02 13:18 - 00000000 ____D () C:\Users\Public\Documents\Reflektor for Maschine
2014-11-02 13:18 - 2014-11-02 13:18 - 00000000 ____D () C:\Users\Public\Documents\Guitar Rig Pro Library for Maschine
2014-11-02 13:16 - 2014-11-02 13:17 - 00000000 ____D () C:\Users\Public\Documents\Reflektor
2014-11-02 13:16 - 2014-11-02 13:16 - 00000000 __HDC () C:\ProgramData\{91F8282C-55B9-4192-A174-9D4CC5F05C4E}
2014-11-02 13:16 - 2014-11-02 13:16 - 00000000 __HDC () C:\ProgramData\{1824D869-D647-4A7A-9CEB-F5131CE3A3AE}
2014-11-02 13:16 - 2014-11-02 13:16 - 00000000 ____D () C:\Users\Public\Documents\Rammfire for Maschine
2014-11-02 13:15 - 2014-11-02 13:15 - 00000000 __HDC () C:\ProgramData\{B1016DD2-1CBB-46A1-AD51-5C15BCE86C01}
2014-11-02 13:15 - 2014-11-02 13:15 - 00000000 __HDC () C:\ProgramData\{A994C34C-107B-4346-9F6A-09D521AABDB5}
2014-11-02 13:14 - 2014-11-02 13:14 - 00000000 __HDC () C:\ProgramData\{B8873D79-7DBD-4E8A-BBD4-01135CDEFA9B}
2014-11-02 13:14 - 2014-11-02 13:14 - 00000000 __HDC () C:\ProgramData\{97690A93-917B-4E0B-801B-143678B2B5AC}
2014-11-02 13:06 - 2014-11-02 13:06 - 00001017 _____ () C:\Users\Public\Desktop\Massive.lnk
2014-11-02 13:06 - 2014-11-02 13:06 - 00000000 __HDC () C:\ProgramData\{C5A9D49F-FB00-46E2-BB29-AC4E9A6B75F6}
2014-11-02 13:01 - 2014-11-02 13:01 - 00001071 _____ () C:\Users\Public\Desktop\Guitar Rig 5.lnk
2014-11-02 13:01 - 2014-11-02 13:01 - 00000000 __HDC () C:\ProgramData\{3A20D009-047D-496D-9874-DF40CA126D3C}
2014-11-02 12:57 - 2014-11-02 12:57 - 00000969 _____ () C:\Users\Public\Desktop\FM8.lnk
2014-11-02 12:57 - 2014-11-02 12:57 - 00000000 __HDC () C:\ProgramData\{DB7509C6-0DDF-4EF8-8E9B-337C8CE69188}
2014-11-02 12:33 - 2014-11-10 14:35 - 00046080 ___SH () C:\Users\tom.sell\Desktop\Thumbs.db
2014-11-02 12:28 - 2014-11-02 12:28 - 00000000 ____D () C:\Users\Public\Documents\Rammfire
2014-11-02 12:22 - 2014-11-02 12:22 - 00000000 __HDC () C:\ProgramData\{FD1615C0-ED4A-4CEB-94C3-1850BF1BAA6A}
2014-11-02 12:22 - 2014-11-02 12:22 - 00000000 __HDC () C:\ProgramData\{E70386C6-507F-4906-86C2-96C1066BA097}
2014-11-02 12:22 - 2014-11-02 12:22 - 00000000 __HDC () C:\ProgramData\{C0AE4A98-3E1D-45FB-8465-ECCCB391E633}
2014-11-02 02:06 - 2014-11-02 02:06 - 00001051 _____ () C:\Users\Public\Desktop\Maschine 2.lnk
2014-11-02 02:06 - 2014-11-02 02:06 - 00000000 __HDC () C:\ProgramData\{A325EC6C-E085-4D6A-82AC-E59788232523}
2014-11-02 02:02 - 2014-11-02 02:02 - 00000000 __HDC () C:\ProgramData\{1406CED2-9A2C-427C-9985-C9D766994EA3}
2014-11-02 01:51 - 2014-11-02 01:51 - 00000000 __HDC () C:\ProgramData\{F7653A69-5B40-49AF-99F8-BAE9C2E80F0F}
2014-11-02 01:50 - 2014-11-02 01:50 - 00000000 ____D () C:\Users\Public\Documents\Resonant Blaze Library
2014-11-02 01:35 - 2014-11-02 01:35 - 00000000 ____D () C:\Users\Public\Documents\Maschine 2 Library
2014-11-02 01:05 - 2014-11-02 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab LE 8
2014-11-02 01:05 - 2014-11-02 01:05 - 00000000 ____D () C:\Program Files\Common Files\Steinberg
2014-11-02 00:43 - 2014-11-04 01:47 - 00000000 ____D () C:\Users\tom.sell\Documents\Native Instruments
2014-11-02 00:30 - 2014-11-04 02:09 - 00000000 ____D () C:\Program Files\Native Instruments
2014-11-02 00:30 - 2014-11-04 02:07 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-11-02 00:30 - 2014-11-04 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-11-02 00:30 - 2014-11-04 01:19 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-11-02 00:30 - 2014-11-04 01:14 - 00001086 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-11-02 00:30 - 2014-11-02 00:30 - 00000000 __HDC () C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2014-11-02 00:30 - 2014-11-02 00:30 - 00000000 __HDC () C:\ProgramData\{B49C92CB-1A73-4A41-A84C-5091582E7AA8}
2014-11-02 00:30 - 2014-11-02 00:30 - 00000000 __HDC () C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A}
2014-11-02 00:30 - 2014-11-02 00:30 - 00000000 __HDC () C:\ProgramData\{81B3FE58-8826-44EC-8271-083D201CEA19}
2014-11-02 00:30 - 2014-11-02 00:30 - 00000000 __HDC () C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20}
2014-11-02 00:25 - 2014-11-02 00:25 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-11-02 00:25 - 2014-11-02 00:25 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-11-02 00:25 - 2014-11-02 00:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-11-01 23:54 - 2014-11-01 23:54 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Nitro
2014-11-01 23:54 - 2014-11-01 23:54 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\FileOpen
2014-11-01 23:54 - 2014-11-01 23:54 - 00000000 ____D () C:\ProgramData\FileOpen
2014-11-01 23:49 - 2014-11-01 23:49 - 00112408 _____ () C:\WINDOWS\system32\Drivers\NIWinCDEmu.sys
2014-11-01 23:49 - 2014-11-01 23:49 - 00000000 ____D () C:\Program Files (x86)\Native Instruments
2014-11-01 23:39 - 2014-11-01 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-01 17:13 - 2014-11-01 17:13 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\eLicenser
2014-11-01 17:07 - 2014-11-01 17:07 - 00000000 ____D () C:\ProgramData\Steinberg
2014-11-01 17:06 - 2014-11-04 14:23 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Steinberg
2014-11-01 17:06 - 2014-11-03 23:20 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-11-01 15:44 - 2014-11-02 00:59 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-11-01 15:44 - 2014-11-01 15:44 - 00000049 _____ () C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2014-11-01 15:44 - 2014-11-01 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2014-11-01 15:44 - 2014-11-01 15:44 - 00000000 ____D () C:\Program Files\eLicenser
2014-11-01 15:44 - 2014-11-01 15:44 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2014-11-01 15:44 - 2012-12-07 16:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\system32\SYNSOACC.dll
2014-11-01 15:44 - 2012-12-07 16:48 - 01277952 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\SysWOW64\SYNSOACC.dll
2014-11-01 15:44 - 2011-12-14 20:21 - 00086016 _____ () C:\WINDOWS\SysWOW64\SYNSOPOS.exe
2014-11-01 15:43 - 2014-11-01 15:43 - 00001180 _____ () C:\Users\tom.sell\Desktop\Analog Lab.lnk
2014-11-01 15:43 - 2014-11-01 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2014-11-01 15:42 - 2014-11-01 15:42 - 00000000 ____D () C:\Program Files\VstPlugins
2014-11-01 15:42 - 2014-11-01 15:42 - 00000000 ____D () C:\Program Files\Common Files\VST3
2014-11-01 15:42 - 2014-11-01 15:42 - 00000000 ____D () C:\Program Files\Common Files\Avid
2014-11-01 15:42 - 2014-11-01 15:42 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-11-01 15:42 - 2014-11-01 15:42 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-11-01 14:55 - 2014-11-01 14:55 - 00002892 _____ () C:\WINDOWS\SysWOW64\audcon.sys
2014-11-01 14:55 - 2014-11-01 14:55 - 00000000 ____D () C:\ProgramData\Syncrosoft
2014-11-01 14:54 - 2014-11-04 02:06 - 00377024 _____ () C:\WINDOWS\DPINST.LOG
2014-11-01 14:54 - 2014-11-01 15:44 - 00000000 ____D () C:\ProgramData\eLicenser
2014-11-01 14:52 - 2014-11-04 14:10 - 00000000 ____D () C:\ProgramData\Arturia
2014-11-01 14:34 - 2014-11-01 14:34 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\ProductData
2014-11-01 14:33 - 2014-11-04 02:08 - 00000300 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_tom.sell.job
2014-11-01 14:33 - 2014-11-01 14:33 - 00002406 _____ () C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_tom.sell
2014-11-01 14:32 - 2014-11-01 14:32 - 00001279 _____ () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-11-01 14:32 - 2014-11-01 14:32 - 00001255 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-11-01 14:15 - 2014-11-01 14:15 - 23510675 _____ () C:\Users\tom.sell\Downloads\WaterscapesMarkNelson.themepack
2014-11-01 14:15 - 2014-11-01 14:15 - 14505226 _____ () C:\Users\tom.sell\Downloads\RelicsOfTheSea.themepack
2014-11-01 14:15 - 2014-11-01 14:15 - 11278409 _____ () C:\Users\tom.sell\Downloads\Reflections.themepack
2014-11-01 14:15 - 2014-11-01 14:15 - 08050514 _____ () C:\Users\tom.sell\Downloads\TheMilkyWay.themepack
2014-11-01 14:15 - 2014-11-01 14:15 - 05410226 _____ () C:\Users\tom.sell\Downloads\EscapeHuynhNhuNguyenMinhTruc.themepack
2014-11-01 14:14 - 2014-11-01 14:14 - 09236757 _____ () C:\Users\tom.sell\Downloads\RavensAndCrows.themepack
2014-11-01 14:06 - 2014-11-12 00:01 - 00000000 __RDO () C:\Users\tom.sell\OneDrive
2014-11-01 13:34 - 2014-11-01 13:34 - 01706359 _____ (Thisisu) C:\Users\tom.sell\Downloads\JRT.exe
2014-11-01 13:33 - 2014-11-01 13:33 - 01998336 _____ () C:\Users\tom.sell\Downloads\AdwCleaner_4.002.exe
2014-11-01 11:43 - 2014-11-01 11:43 - 00010161 _____ () C:\WINDOWS\DirectX.log
2014-11-01 11:43 - 2013-04-03 00:27 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-11-01 11:43 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-11-01 11:43 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-11-01 11:43 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-11-01 11:43 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-11-01 11:43 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-11-01 11:43 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-11-01 11:43 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-11-01 11:43 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-11-01 11:43 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-11-01 11:43 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-11-01 11:43 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-11-01 11:43 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-11-01 11:43 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-11-01 11:43 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-11-01 11:43 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-11-01 11:43 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-11-01 11:43 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-11-01 11:43 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-11-01 11:43 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-11-01 11:43 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-11-01 11:43 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-11-01 11:43 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-11-01 11:43 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-11-01 11:43 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-11-01 11:43 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-11-01 11:43 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-11-01 11:43 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-11-01 11:43 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-11-01 11:43 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-11-01 11:43 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-11-01 11:43 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-11-01 11:43 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-11-01 11:43 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-11-01 11:43 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-11-01 11:43 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-11-01 11:43 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-11-01 11:43 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-11-01 11:43 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-11-01 11:43 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-11-01 11:43 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-11-01 11:43 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-11-01 11:43 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-11-01 11:43 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-11-01 11:43 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-11-01 11:43 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-11-01 11:43 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-11-01 11:43 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2014-11-01 11:43 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-11-01 11:43 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-11-01 11:43 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-11-01 11:43 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2014-11-01 11:43 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-11-01 11:43 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-11-01 11:43 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2014-11-01 11:43 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-11-01 11:43 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-11-01 11:43 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-11-01 11:43 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-11-01 11:43 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-11-01 11:43 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-11-01 11:43 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2014-11-01 11:43 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2014-11-01 11:43 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2014-11-01 11:43 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2014-11-01 11:43 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2014-11-01 11:43 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2014-11-01 11:43 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2014-11-01 11:43 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2014-11-01 11:43 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2014-11-01 11:43 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2014-11-01 11:43 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2014-11-01 11:43 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2014-11-01 11:43 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2014-11-01 11:43 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2014-11-01 11:43 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2014-11-01 11:43 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2014-11-01 11:43 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2014-11-01 11:43 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2014-11-01 11:43 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2014-11-01 11:43 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2014-11-01 11:43 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2014-11-01 11:43 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2014-11-01 11:43 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2014-11-01 11:43 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2014-11-01 11:43 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2014-11-01 11:43 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2014-11-01 11:43 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2014-11-01 11:43 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2014-11-01 11:43 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2014-11-01 11:43 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2014-11-01 11:43 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2014-11-01 11:43 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2014-11-01 11:43 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2014-11-01 11:43 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2014-11-01 11:43 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2014-11-01 11:43 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2014-11-01 11:43 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2014-11-01 11:43 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2014-11-01 11:43 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2014-11-01 11:43 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2014-11-01 11:43 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-11-01 11:43 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-11-01 11:43 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2014-11-01 11:43 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2014-11-01 11:43 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2014-11-01 11:43 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-11-01 11:43 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2014-11-01 11:43 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2014-11-01 11:43 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2014-11-01 11:43 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2014-11-01 11:43 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2014-11-01 11:43 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2014-11-01 11:43 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2014-11-01 11:43 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2014-11-01 11:43 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-11-01 11:43 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-11-01 11:43 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2014-11-01 11:43 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2014-11-01 11:43 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2014-11-01 11:43 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-11-01 11:43 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2014-11-01 11:43 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2014-11-01 11:43 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2014-11-01 11:43 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2014-11-01 11:43 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2014-11-01 11:43 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2014-11-01 11:43 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2014-11-01 11:43 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2014-11-01 11:43 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2014-11-01 11:43 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2014-11-01 11:43 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2014-11-01 11:43 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2014-11-01 11:43 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2014-11-01 11:43 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2014-11-01 11:43 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2014-11-01 11:43 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2014-11-01 11:43 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2014-11-01 11:43 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2014-11-01 11:43 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2014-11-01 11:43 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2014-11-01 11:43 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2014-11-01 11:43 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2014-11-01 11:43 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2014-11-01 11:43 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2014-11-01 11:43 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2014-11-01 11:43 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2014-11-01 11:43 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2014-11-01 11:43 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2014-11-01 11:43 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2014-11-01 11:43 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2014-11-01 11:42 - 2014-11-01 11:42 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Adobe
2014-11-01 11:42 - 2014-11-01 11:42 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-01 11:41 - 2014-11-01 11:41 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2014-11-01 11:41 - 2014-11-01 11:41 - 01078272 _____ () C:\WINDOWS\system32\331prx64.ax
2014-11-01 11:41 - 2014-11-01 11:41 - 01065344 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vm331avs.sys
2014-11-01 11:41 - 2014-11-01 11:41 - 00667648 _____ () C:\WINDOWS\SysWOW64\vmprp331.ax
2014-11-01 11:41 - 2014-11-01 11:41 - 00125952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2014-11-01 11:41 - 2014-11-01 11:41 - 00001988 _____ () C:\WINDOWS\vm331Rmv.ini
2014-11-01 11:41 - 2014-11-01 11:41 - 00001988 _____ () C:\WINDOWS\SysWOW64\vm331Rmv.ini
2014-11-01 11:41 - 2014-11-01 11:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-11-01 11:40 - 2014-11-01 11:40 - 03301592 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2014-11-01 11:40 - 2014-11-01 11:40 - 00874712 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-11-01 11:40 - 2014-11-01 11:40 - 00558296 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtkBtfilter.sys
2014-11-01 11:40 - 2014-11-01 11:40 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-11-01 11:39 - 2014-11-01 11:41 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-11-01 11:38 - 2014-11-01 11:38 - 60636160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-11-01 11:38 - 2014-11-01 11:38 - 28343384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 12894808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-11-01 11:38 - 2014-11-01 11:38 - 05751048 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 03962840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-11-01 11:38 - 2014-11-01 11:38 - 03959384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02834648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02800344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02117424 _____ () C:\WINDOWS\system32\SStudio.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-11-01 11:38 - 2014-11-01 11:38 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01934424 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01317976 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01168472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01099203 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-11-01 11:38 - 2014-11-01 11:38 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01048824 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 01022168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00956504 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00948952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00942384 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00900696 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxAudioAPOShell.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00889592 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00724728 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00291488 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00246008 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-11-01 11:38 - 2014-11-01 11:38 - 00033592 _____ () C:\WINDOWS\system32\audioLibVc.dll
2014-11-01 11:33 - 2014-11-12 00:01 - 00002860 _____ () C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (tom.sell)
2014-11-01 11:33 - 2014-11-10 13:42 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-01 11:33 - 2014-11-01 14:34 - 00000000 ____D () C:\ProgramData\IObit
2014-11-01 11:33 - 2014-11-01 14:32 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\IObit
2014-11-01 11:33 - 2014-11-01 14:32 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-01 11:33 - 2014-11-01 11:43 - 00002173 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-11-01 11:33 - 2014-11-01 11:33 - 00003220 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Scan
2014-11-01 11:33 - 2014-11-01 11:33 - 00003164 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Update
2014-11-01 11:33 - 2014-11-01 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-11-01 11:32 - 2014-11-01 11:32 - 10025704 _____ (IObit ) C:\Users\tom.sell\Downloads\driver_booster_setup (1).exe
2014-11-01 11:31 - 2014-11-01 11:32 - 10025704 _____ (IObit ) C:\Users\tom.sell\Downloads\driver_booster_setup.exe
2014-11-01 10:27 - 2014-11-01 10:27 - 00001583 _____ () C:\Users\tom.sell\Desktop\egui - Verknüpfung.lnk
2014-11-01 10:15 - 2014-11-01 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-01 10:15 - 2014-11-01 10:15 - 00000000 ____D () C:\ProgramData\ESET
2014-11-01 10:15 - 2014-11-01 10:15 - 00000000 ____D () C:\Program Files\ESET
2014-11-01 10:08 - 2014-11-01 10:08 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\ESET
2014-11-01 10:08 - 2014-11-01 10:08 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\ESET
2014-11-01 09:34 - 2014-11-01 09:34 - 00000118 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-01 09:23 - 2013-10-29 16:46 - 00048636 _____ () C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll
2014-11-01 09:23 - 2013-10-29 16:46 - 00044316 _____ () C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll
2014-11-01 09:23 - 2013-10-29 16:46 - 00039236 _____ () C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2014-11-01 09:23 - 2013-10-29 16:45 - 00046260 _____ () C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll
2014-11-01 09:23 - 2013-10-29 16:45 - 00046260 _____ () C:\WINDOWS\system32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll
2014-11-01 09:23 - 2013-10-29 16:45 - 00044492 _____ () C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll
2014-11-01 09:23 - 2013-10-22 14:28 - 00027892 _____ () C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll
2014-11-01 09:23 - 2013-10-08 16:00 - 00040916 _____ () C:\WINDOWS\system32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll
2014-11-01 09:23 - 2013-07-29 13:46 - 00002380 _____ () C:\WINDOWS\PidVid_List.txt
2014-11-01 09:23 - 2013-05-20 16:55 - 00006752 _____ () C:\WINDOWS\system32\rtl8723b_chip_bt40_fw_asic_rom_patch.dll
2014-11-01 09:23 - 2013-04-23 13:55 - 00003372 _____ () C:\WINDOWS\system32\bt_only_chip_bt40_fw_asic_rom_patch.dll
2014-11-01 03:07 - 2014-11-01 03:07 - 00000000 _____ () C:\Recovery.txt
2014-11-01 03:02 - 2014-10-30 12:25 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-11-01 03:01 - 2014-11-01 03:01 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-11-01 02:59 - 2014-11-01 03:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-01 02:59 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-01 02:57 - 2014-11-01 02:57 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-11-01 02:57 - 2014-11-01 02:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-01 02:57 - 2014-11-01 02:57 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-01 02:51 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-01 02:51 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-01 02:51 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-01 02:51 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-01 02:51 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-01 02:51 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-01 02:51 - 2014-09-04 04:15 - 00561416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-01 02:51 - 2014-09-04 04:14 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-01 02:51 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-01 02:51 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-01 02:51 - 2014-09-04 02:19 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-01 02:51 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-01 02:51 - 2014-09-04 01:45 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-01 02:51 - 2014-09-04 01:41 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-01 02:51 - 2014-09-04 01:36 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-01 02:51 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-01 02:51 - 2014-09-04 01:15 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-01 02:51 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-01 02:51 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-01 02:51 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-01 02:51 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-01 02:51 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-01 02:51 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-01 02:51 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-01 02:51 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-01 02:51 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-01 02:51 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-01 02:51 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-01 02:51 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-01 02:51 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-01 02:51 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-01 02:51 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-01 02:51 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-01 02:49 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-11-01 02:49 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-11-01 02:49 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-11-01 02:49 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-11-01 02:49 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-11-01 02:49 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-11-01 02:49 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-11-01 02:48 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-11-01 02:48 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-11-01 02:48 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-11-01 02:48 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-11-01 02:48 - 2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-01 02:48 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-11-01 02:48 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-01 02:48 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-11-01 02:48 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-11-01 02:48 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-11-01 02:48 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-11-01 02:48 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-11-01 02:48 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-11-01 02:48 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-11-01 02:48 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-11-01 02:48 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-11-01 02:48 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-11-01 02:48 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-11-01 02:48 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-11-01 02:48 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-11-01 02:48 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-11-01 02:48 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-11-01 02:48 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-01 02:48 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-11-01 02:48 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-11-01 02:48 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-11-01 02:48 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-01 02:48 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-11-01 02:48 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-11-01 02:48 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-11-01 02:48 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-11-01 02:48 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-11-01 02:48 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-11-01 02:48 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-11-01 02:48 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-11-01 02:48 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-11-01 02:48 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-11-01 02:48 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-11-01 02:48 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-11-01 02:48 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-11-01 02:48 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-11-01 02:48 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-11-01 02:48 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-11-01 02:48 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-11-01 02:48 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-11-01 02:48 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-11-01 02:48 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-11-01 02:48 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-11-01 02:48 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-11-01 02:48 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-11-01 02:48 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-11-01 02:48 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-11-01 02:48 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-11-01 02:48 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-11-01 02:48 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-11-01 02:48 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-11-01 02:48 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-11-01 02:48 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-11-01 02:48 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-11-01 02:48 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-11-01 02:48 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-11-01 02:48 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-11-01 02:48 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-11-01 02:48 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-11-01 02:48 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-11-01 02:48 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-11-01 02:48 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-11-01 02:48 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-11-01 02:48 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-11-01 02:48 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-11-01 02:48 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-11-01 02:48 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-11-01 02:48 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-11-01 02:48 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-11-01 02:48 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-11-01 02:48 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-11-01 02:48 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-11-01 02:47 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-01 02:47 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-01 02:47 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-01 02:47 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-01 02:47 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-11-01 02:47 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-11-01 02:47 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-11-01 02:35 - 2014-11-01 02:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-11-01 02:27 - 2014-11-01 02:27 - 00001461 _____ () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-01 02:27 - 2014-11-01 02:27 - 00000425 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-01 02:27 - 2014-11-01 02:27 - 00000020 ___SH () C:\Users\tom.sell\ntuser.ini
2014-10-31 22:17 - 2014-10-31 22:17 - 00034271 _____ () C:\WINDOWS\SysWOW64\QuickControlService.dmp
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-10-31 21:59 - 2014-10-31 21:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-10-31 21:58 - 2014-10-31 21:58 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-31 21:51 - 2014-10-31 21:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-31 21:51 - 2014-10-31 21:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-31 21:50 - 2014-10-31 21:50 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-31 21:48 - 2014-10-31 21:48 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-31 21:47 - 2014-11-11 22:00 - 00000000 ____D () C:\Users\tom.sell
2014-10-31 21:47 - 2014-10-31 21:59 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-10-31 21:47 - 2014-10-31 21:59 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-10-31 21:47 - 2014-10-31 21:48 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-31 21:47 - 2014-10-31 21:48 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-31 21:47 - 2014-10-31 21:48 - 00000000 ___RD () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-31 21:47 - 2014-10-31 21:48 - 00000000 ___RD () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Vorlagen
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Startmenü
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Netzwerkumgebung
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Lokale Einstellungen
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Eigene Dateien
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Druckumgebung
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Documents\Eigene Musik
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Documents\Eigene Bilder
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\AppData\Local\Verlauf
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\AppData\Local\Anwendungsdaten
2014-10-31 21:47 - 2014-10-31 21:47 - 00000000 _SHDL () C:\Users\tom.sell\Anwendungsdaten
2014-10-31 21:47 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-31 21:47 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-31 21:47 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-31 21:47 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-31 21:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-31 21:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-31 21:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-31 21:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-31 21:42 - 2014-11-01 11:41 - 00000000 ____D () C:\Program Files (x86)\USB Camera
2014-10-31 21:42 - 2013-10-29 00:39 - 06610720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-31 21:42 - 2013-10-29 00:39 - 03477280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-31 21:42 - 2013-10-29 00:38 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-31 21:42 - 2013-10-29 00:38 - 01042720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-10-31 21:42 - 2013-10-29 00:38 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-31 21:42 - 2013-10-29 00:38 - 00580384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2014-10-31 21:42 - 2013-10-29 00:38 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-31 21:42 - 2013-10-29 00:38 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-10-31 21:42 - 2013-10-29 00:38 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-31 21:42 - 2013-10-25 12:44 - 03435888 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-10-31 21:41 - 2014-11-11 22:56 - 01683631 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-31 21:41 - 2014-11-01 11:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-31 21:41 - 2014-10-31 21:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-31 21:41 - 2014-10-31 21:41 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-10-31 21:41 - 2014-10-31 21:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-10-31 21:41 - 2014-10-31 21:41 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-31 21:40 - 2014-10-31 21:49 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-10-31 21:39 - 2014-11-01 11:39 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-10-31 21:39 - 2014-10-31 21:49 - 00000000 ____D () C:\Program Files\Intel
2014-10-31 21:39 - 2014-10-31 21:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-10-31 21:39 - 2014-10-31 21:39 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-31 21:39 - 2014-10-31 21:39 - 00000000 ____D () C:\Program Files\Synaptics
2014-10-31 21:39 - 2014-10-31 21:39 - 00000000 ____D () C:\Program Files\Realtek
2014-10-31 21:39 - 2014-10-03 17:37 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-10-31 21:39 - 2014-10-03 17:37 - 00074240 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-10-31 21:37 - 2014-11-01 09:48 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-31 21:37 - 2014-10-31 21:37 - 00000000 __SHD () C:\Recovery
2014-10-31 21:36 - 2014-10-31 21:36 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-31 21:36 - 2014-10-31 21:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-31 21:36 - 2014-10-31 21:36 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-31 21:36 - 2014-10-31 21:36 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-31 21:35 - 2014-10-31 21:35 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-31 21:35 - 2014-10-31 21:35 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-31 21:35 - 2014-10-31 21:35 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-31 21:35 - 2014-10-31 21:35 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-31 21:35 - 2014-10-31 21:35 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-31 21:35 - 2014-10-31 21:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-31 21:35 - 2014-10-31 21:35 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-31 21:34 - 2014-10-31 21:34 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-31 21:34 - 2014-10-31 21:34 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-31 21:33 - 2014-10-31 21:33 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-31 21:32 - 2014-10-31 21:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-31 21:32 - 2014-10-31 21:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-31 21:31 - 2014-10-31 21:31 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-10-31 21:31 - 2014-10-31 21:31 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-31 21:31 - 2014-10-31 21:31 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-31 21:31 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-31 21:31 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-31 21:31 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-31 21:31 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-31 20:48 - 2014-10-31 21:59 - 00006608 _____ () C:\WINDOWS\comsetup.log
2014-10-31 18:42 - 2014-10-31 18:42 - 00000000 _____ () C:\Users\tom.sell\agent.log
2014-10-31 18:34 - 2014-11-11 23:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1800612341-941125145-2720928169-1003
2014-10-31 18:24 - 2014-11-12 00:01 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-31 18:24 - 2014-11-11 23:29 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-31 18:24 - 2014-10-31 21:58 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-31 18:24 - 2014-10-31 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-31 18:24 - 2014-10-31 18:24 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-31 18:24 - 2014-10-31 18:24 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-31 18:24 - 2014-10-31 18:24 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Google
2014-10-31 18:24 - 2014-10-31 18:24 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Apps\2.0
2014-10-31 18:24 - 2014-10-31 18:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-31 18:18 - 2014-11-03 18:51 - 00001492 _____ () C:\Users\tom.sell\AppData\Roaming\AbsoluteReminder.xml
2014-10-31 18:18 - 2014-11-01 09:34 - 00000930 _____ () C:\Users\tom.sell\Desktop\Downloads.lnk
2014-10-31 18:18 - 2014-10-31 18:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-10-31 18:18 - 2014-10-31 18:18 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Synaptics
2014-10-31 18:18 - 2014-10-31 18:18 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Lenovo
2014-10-31 18:18 - 2014-10-31 18:18 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Power2Go
2014-10-31 18:18 - 2014-10-31 18:18 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Lenovo
2014-10-31 18:18 - 2014-10-31 18:18 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Absolute_Software
2014-10-31 18:17 - 2014-11-12 00:01 - 00000193 _____ () C:\Users\tom.sell\AppData\Local\RegisteredPackageInformation.xml
2014-10-31 18:17 - 2014-11-12 00:00 - 00077001 _____ () C:\Users\tom.sell\AppData\Local\BTServer.log
2014-10-31 18:17 - 2014-11-11 22:40 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Nitro PDF
2014-10-31 18:17 - 2014-11-03 15:31 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\VirtualStore
2014-10-31 18:17 - 2014-11-03 01:18 - 00000000 ____D () C:\Users\tom.sell\AppData\Local\Packages
2014-10-31 18:17 - 2014-11-01 11:42 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Adobe
2014-10-31 18:17 - 2014-10-31 18:17 - 00000000 ____D () C:\Users\tom.sell\Documents\My Bluetooth
2014-10-31 18:17 - 2013-11-14 17:04 - 00000000 ____D () C:\Users\tom.sell\AppData\Roaming\Macromedia
2014-10-31 18:17 - 2013-01-14 19:58 - 00001599 _____ () C:\Users\tom.sell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Programme
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-10-31 18:08 - 2014-10-31 18:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 00:01 - 2013-11-14 17:05 - 751276032 ___SH () C:\WINDOWS\lenovo_fastboot.img
2014-11-12 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-11 17:13 - 2013-08-22 15:46 - 00336262 _____ () C:\WINDOWS\setupact.log
2014-11-10 14:11 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-10 14:11 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-10 14:11 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-10 13:41 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-07 19:02 - 2013-11-14 17:05 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-06 10:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-04 14:50 - 2014-09-23 22:06 - 00006774 _____ () C:\WINDOWS\PFRO.log
2014-11-04 14:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-04 11:22 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-11-03 21:31 - 2013-08-22 15:44 - 00371584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-03 11:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-02 02:03 - 2013-11-14 16:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-01 11:40 - 2013-08-22 15:46 - 00000796 _____ () C:\WINDOWS\setuperr.log
2014-11-01 10:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-01 09:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-01 09:30 - 2013-11-14 16:53 - 00000000 ____D () C:\ProgramData\Realtek
2014-11-01 09:29 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-01 09:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-01 09:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-01 09:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-01 09:24 - 2013-11-14 17:02 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-11-01 09:24 - 2013-11-14 16:52 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-01 03:03 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-01 02:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-01 02:57 - 2013-11-14 16:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-01 02:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-11-01 02:27 - 2013-11-14 16:47 - 00000000 ____D () C:\Intel
2014-10-31 21:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-31 21:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-31 21:59 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-10-31 21:57 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-31 21:56 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-31 21:52 - 2013-11-14 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software
2014-10-31 21:52 - 2013-11-14 17:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create
2014-10-31 21:52 - 2013-11-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-10-31 21:52 - 2013-11-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-10-31 21:52 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-31 21:51 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-31 21:51 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-10-31 21:50 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-10-31 21:50 - 2013-11-14 17:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-10-31 21:50 - 2013-11-14 17:12 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-31 21:50 - 2013-11-14 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-10-31 21:50 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-10-31 21:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-31 21:50 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-31 21:50 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-31 21:50 - 2013-03-25 22:03 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-31 21:49 - 2014-09-24 07:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-31 21:49 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-31 21:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-31 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\System
2014-10-31 21:36 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-31 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-31 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-31 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-31 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-31 21:23 - 2013-11-14 16:33 - 01345610 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-31 20:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-31 18:22 - 2013-11-14 17:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-10-31 18:17 - 2013-11-15 02:18 - 00087732 _____ () C:\WINDOWS\modules.log

Some content of TEMP:
====================
C:\Users\tom.sell\AppData\Local\Temp\COMAP.EXE
C:\Users\tom.sell\AppData\Local\Temp\InstHelper.exe
C:\Users\tom.sell\AppData\Local\Temp\MSETUP4.EXE
C:\Users\tom.sell\AppData\Local\Temp\Quarantine.exe
C:\Users\tom.sell\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-10 12:42

==================== End Of Log ============================
         

OK, that took a little while, but good things take time... it would be really great if you took another look ... thanks

12.11.2014, 18:22   #12
Namoi
 


And what is this now?
Code:
# AdwCleaner v4.002 - Bericht erstellt am 12/11/2014 um 16:30:44
# Aktualisiert 27/10/2014 von Xplode
# Datenbank : 
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : tom.sell - TOMTOMS
# Gestartet von : C:\Users\tom.sell\Downloads\AdwCleaner_4.002.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\google.de
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\lenovo.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\msn.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Total

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.0.2 (x86 de)

[8iue14ws.default] - Zeile gefunden : # Mozilla User Preferences
[8iue14ws.default] - Zeile gefunden : 
[8iue14ws.default] - Zeile gefunden : /* Do not edit this file.
[8iue14ws.default] - Zeile gefunden :  *
[8iue14ws.default] - Zeile gefunden :  * If you make changes to this file while the application is running,
[8iue14ws.default] - Zeile gefunden :  * the changes will be overwritten when the application exits.
[8iue14ws.default] - Zeile gefunden :  *
[8iue14ws.default] - Zeile gefunden :  * To make a manual change to preferences, you can visit the URL about:config
[8iue14ws.default] - Zeile gefunden :  */
[8iue14ws.default] - Zeile gefunden : 
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1415360078);
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.lastUpdateTime.background-update-timer", 1415359838);
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1415360198);
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1415359598);
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.lastUpdateTime.experiments-update-timer", 1415359958);
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1415359718);
[8iue14ws.default] - Zeile gefunden : user_pref("app.update.migrated.updateDir", true);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.cache.disk.capacity", 358400);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.cache.disk.smart_size.first_run", false);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.cache.frecency_experiment", 3);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.download.importedFromSqlite", true);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.migration.version", 22);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.newtabpage.enhanced", true);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.newtabpage.storageVersion", 1);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.pagethumbnails.storage_version", 3);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.places.smartBookmarksVersion", 7);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.rights.3.shown", true);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20141027150301");
[8iue14ws.default] - Zeile gefunden : user_pref("browser.slowStartup.averageTime", 11327);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.slowStartup.samples", 2);
[8iue14ws.default] - Zeile gefunden : user_pref("browser.startup.homepage_override.buildID", "20141027150301");
[8iue14ws.default] - Zeile gefunden : user_pref("browser.startup.homepage_override.mstone", "33.0.2");
[8iue14ws.default] - Zeile gefunden : user_pref("browser.taskbar.lastgroupid", "E7CF176E110C211B");
[8iue14ws.default] - Zeile gefunden : user_pref("browser.uitour.whitelist.add.260", "");
[8iue14ws.default] - Zeile gefunden : user_pref("browser.uitour.whitelist.add.340", "");
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.healthreport.nextDataSubmissionTime", "1415058598689");
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.healthreport.service.firstRun", true);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "1415359542033");
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.policy.firstRunTime", "1414972198689");
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.activeTicks", 56);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.clean", true);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.firstPaint", 3637);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.main", 766);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.sessionRestored", 3949);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.startTime", "1415359477069");
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.current.totalTime", 928);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.currentIndex", 1);
[8iue14ws.default] - Zeile gefunden : user_pref("datareporting.sessions.previous.0", "{\"s\":1414972188819,\"a\":4,\"t\":37,\"c\":true,\"m\":156,\"fp\":2477,\"sr\":18729}");
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.blocklist.pingCountTotal", 2);
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.blocklist.pingCountVersion", 2);
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.databaseSchema", 16);
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.2");
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.getAddons.cache.lastUpdate", 1415360079);
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.getAddons.databaseSchema", 5);
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.hotfix.lastVersion", "20140527.01.3");
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.lastAppVersion", "33.0.2");
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.lastPlatformVersion", "33.0.2");
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.pendingOperations", false);
[8iue14ws.default] - Zeile gefunden : user_pref("extensions.shownSelectionUI", true);
[8iue14ws.default] - Zeile gefunden : user_pref("gecko.buildID", "20141027150301");
[8iue14ws.default] - Zeile gefunden : user_pref("gecko.mstone", "33.0.2");
[8iue14ws.default] - Zeile gefunden : user_pref("gfx.direct3d.last_used_feature_level_idx", 0);
[8iue14ws.default] - Zeile gefunden : user_pref("idle.lastDailyNotification", 1415359961);
[8iue14ws.default] - Zeile gefunden : user_pref("media.gmp-gmpopenh264.lastUpdate", 1415359543);
[8iue14ws.default] - Zeile gefunden : user_pref("media.gmp-gmpopenh264.version", "1.1");
[8iue14ws.default] - Zeile gefunden : user_pref("media.gmp-manager.lastCheck", 1415359542);
[8iue14ws.default] - Zeile gefunden : user_pref("network.cookie.prefsMigrated", true);
[8iue14ws.default] - Zeile gefunden : user_pref("pdfjs.migrationVersion", 2);
[8iue14ws.default] - Zeile gefunden : user_pref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
[8iue14ws.default] - Zeile gefunden : user_pref("pdfjs.previousHandler.preferredAction", 4);
[8iue14ws.default] - Zeile gefunden : user_pref("places.database.lastMaintenance", 1415359961);
[8iue14ws.default] - Zeile gefunden : user_pref("places.history.expiration.transient_current_max_pages", 104858);
[8iue14ws.default] - Zeile gefunden : user_pref("plugin.disable_full_page_plugin_for_types", "application/pdf");
[8iue14ws.default] - Zeile gefunden : user_pref("plugin.importedState", true);
[8iue14ws.default] - Zeile gefunden : user_pref("privacy.sanitize.migrateFx3Prefs", true);
[8iue14ws.default] - Zeile gefunden : user_pref("signon.importedFromSqlite", true);
[8iue14ws.default] - Zeile gefunden : user_pref("storage.vacuum.last.index", 0);
[8iue14ws.default] - Zeile gefunden : user_pref("storage.vacuum.last.places.sqlite", 1415359961);
[8iue14ws.default] - Zeile gefunden : user_pref("toolkit.startup.last_success", 1415359477);
[8iue14ws.default] - Zeile gefunden : user_pref("toolkit.telemetry.previousBuildID", "20141027150301");

-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [1115 octets] - [04/11/2014 14:47:35]
AdwCleaner[R1].txt - [8691 octets] - [12/11/2014 16:30:44]
AdwCleaner[S0].txt - [1179 octets] - [04/11/2014 14:49:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [8811 octets] ##########
         

13.11.2014, 10:01   #13
schrauber
/// the machine
/// TB-Ausbilder
 



Open FRST, tick the Addition box and scan, then please post the Addition.txt. You forgot it above.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

13.11.2014, 13:52   #14
Namoi
 


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by tom.sell at 2014-11-13 13:50:52
Running from C:\Users\tom.sell\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.9 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Analog Lab 1.1.0 (HKLM-x32\...\analoglab073_is1) (Version: 1.1.0 - Arturia)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connect (HKLM-x32\...\Connect 2.2.2) (Version: 2.2.2 - Continuata)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5428.52 - CyberLink Corp.)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.7.1.8146 - Steinberg Media Technologies GmbH)
ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1011 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36943 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.30 - IObit)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.11 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.37.0 - Lenovo Group Limited)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.20 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.0.101.0 - Lenovo Corporation)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.2.2.3 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.1.0.60 - Lenovo)
Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.02.0018 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.2.1.1307 - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.4.126 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.1.177 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.3.0.1244 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Komplete 9 (HKLM-x32\...\Native Instruments Komplete 9) (Version:  - Native Instruments)
Native Instruments Komplete Audio 6 (HKLM-x32\...\Native Instruments Komplete Audio 6) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.1.211 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.5 - Native Instruments)
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.1.2.1444 - Native Instruments)
Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.1.0.7 - Native Instruments)
Native Instruments Maschine Controller Driver (HKLM-x32\...\Native Instruments Maschine Controller Driver) (Version:  - Native Instruments)
Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version:  - Native Instruments)
Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version:  - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version:  - Native Instruments)
Native Instruments Maschine Studio Driver (HKLM-x32\...\Native Instruments Maschine Studio Driver) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.0.292 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Rammfire for Maschine (HKLM-x32\...\Native Instruments Rammfire for Maschine) (Version: 1.0.0.1 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.6 - Native Instruments)
Native Instruments Reflektor for Maschine (HKLM-x32\...\Native Instruments Reflektor for Maschine) (Version: 1.0.0.1 - Native Instruments)
Native Instruments Resonant Blaze (HKLM-x32\...\Native Instruments Resonant Blaze) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.2.0.4 - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments)
Native Instruments Session Strings (HKLM-x32\...\Native Instruments Session Strings) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.12 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.12 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.7 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version:  - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version:  - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.5 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.2 - Native Instruments)
Nitro Pro 8 (HKLM\...\{C97CFB86-B083-4BAE-90B2-D141500A5ACA}) (Version: 8.5.5.2 - Nitro)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.787.787.111213 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30161 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steinberg Cubase LE AI Elements 7 (HKLM-x32\...\{5C73FC14-D3B1-45FC-A50C-7B41CB0D9DED}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
VoiceSupport 1.2.01 (HKLM-x32\...\TC-Helicon VoiceSupport_is1) (Version: 1.2.01 build 38 - TC-Helicon Vocal Technologies Inc.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
WaveLab LE 8 (HKLM-x32\...\WaveLabLE8) (Version: 8.0.3.698 - Steinberg)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (07/24/2013 12.7.3.1001) (HKLM\...\B7736F430D5061EB825C589EAABF709BAD04FAB9) (Version: 07/24/2013 12.7.3.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1800612341-941125145-2720928169-1003_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

08-11-2014 17:30:11 Installed LG United Mobile Drivers.
11-11-2014 23:25:52 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06FD988A-E085-485F-861F-C06B43884723} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {0EB92F69-6901-4D65-9640-F36D6112DD53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {243B112D-48B4-4F45-8267-BBC7BA797AB4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-12] (Microsoft Corporation)
Task: {32787DD6-26E1-4EBC-BEFA-9AE4F02961C2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-26] ()
Task: {34147D7F-01C9-4C8C-BA4A-02F08176CC1F} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {3D93F472-ED44-4C38-8455-754283E19B28} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-11-01] (Realtek Semiconductor)
Task: {45706FD1-EA02-4C9B-804E-018775373866} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-06-05] ()
Task: {60B0128D-93C5-4775-BB09-A28CD078FC96} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {6D4D9621-728A-41B1-92B0-1465CA5521F5} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-06-28] (CyberLink Corp.)
Task: {7043A5AE-8000-4771-9DE9-693DF9E72CE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {73B7EBE9-C337-414E-B7B0-B9D45A4427D7} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {7AFDC2D1-CC76-487D-9CB5-44ADF8030DB2} - System32\Tasks\Uninstaller_SkipUac_tom.sell => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-01] (IObit)
Task: {80DE5A4B-F979-4399-8EFF-E6E5E1AE5F67} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {9033502E-B13C-4FB0-A31E-AAEF79AD56C5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {95C7C196-453C-4BF3-9D13-91BFC36829D0} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {973A9C24-8D1E-400C-A1F5-BB73A7462FFB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {98CAD93D-3E02-443D-813C-FC5DBFF63BB6} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {9914EBB9-2BB4-4810-8D74-71D041A3E612} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: {B0BFD47C-D160-4611-BDB4-B62AB26051F5} - System32\Tasks\Driver Booster SkipUAC (tom.sell) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-22] (IObit)
Task: {B28D4CD2-F7F0-4692-8DB0-97E552A36DC9} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-06-05] ()
Task: {C42355FF-E13A-486F-8A3C-A8AE147412DB} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {E2F90455-650F-4CE6-BF7B-9F377E52E2F3} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {E3822F67-95BE-436E-A3C7-1F5A738BEA93} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-06-05] ()
Task: {E6E6BD4B-86C5-42C6-9259-A2F5172BD8E0} - System32\Tasks\Lenovo\Run TVSU Once => C:\ProgramData\Lenovo\Updates\TVSUHook.exe [2013-03-28] (Lenovo)
Task: {FD8E3286-96D0-4D72-98ED-DDE9190A9640} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-06-05] ()
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_tom.sell.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2014-11-01 09:23 - 2013-11-06 21:24 - 00066560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2013-11-14 17:11 - 2013-07-05 07:42 - 00117248 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-11-02 13:26 - 2014-11-02 13:26 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2013-04-19 11:50 - 2013-04-19 11:50 - 00463352 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-09-05 02:36 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-03 17:36 - 2014-10-03 17:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-11-04 10:09 - 2014-11-04 10:09 - 00472064 _____ () C:\Users\tom.sell\AppData\Local\Packages\c59ad0af.lenovocloudstoragebysugarsync_m3tnjedffpfhj\AC\Microsoft\CLR_v4.0\NativeImages\SugarSyncWin8.Agent\2486184ab581558459575de3601c38df\SugarSyncWin8.Agent.ni.dll
2014-11-03 11:09 - 2014-11-03 11:09 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2014-11-04 10:10 - 2014-11-04 10:10 - 00099328 _____ () C:\Users\tom.sell\AppData\Local\Packages\c59ad0af.lenovocloudstoragebysugarsync_m3tnjedffpfhj\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um114fe9fe#\ad97f6ec89f37defdf7f7f2265e77608\nVentive.Umbrella.Services.Contract.WinRT.ni.dll
2014-11-03 11:09 - 2014-11-03 11:09 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2014-11-03 11:09 - 2014-11-03 11:09 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2014-11-02 13:26 - 2014-11-02 13:26 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2014-11-04 10:10 - 2014-11-04 10:10 - 01182720 _____ () C:\Users\tom.sell\AppData\Local\Packages\c59ad0af.lenovocloudstoragebysugarsync_m3tnjedffpfhj\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um9106121c#\41a545116c1ab2dddc43e7c57953ccd6\nVentive.Umbrella.Web.WinRT.ni.dll
2014-11-03 11:09 - 2014-11-03 11:09 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2013-04-19 11:50 - 2013-04-19 11:50 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2013-11-14 17:05 - 2013-11-14 17:05 - 00033520 _____ () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2013-11-14 17:09 - 2013-07-03 19:40 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-03 11:09 - 2014-11-03 11:09 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2014-11-02 13:26 - 2014-11-02 13:26 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-10-31 18:24 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-31 18:24 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-31 18:24 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-31 18:24 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-03 11:09 - 2014-11-03 11:09 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2013-03-06 21:49 - 2013-03-06 21:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 21:52 - 2013-03-06 21:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\tom.sell\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1800612341-941125145-2720928169-500 - Administrator - Disabled)
Gast (S-1-5-21-1800612341-941125145-2720928169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1800612341-941125145-2720928169-1005 - Limited - Enabled)
tom.sell (S-1-5-21-1800612341-941125145-2720928169-1003 - Administrator - Enabled) => C:\Users\tom.sell
UpdatusUser (S-1-5-21-1800612341-941125145-2720928169-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 01:47:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17284, Zeitstempel: 0x53f816dc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000032fbb
ID des fehlerhaften Prozesses: 0x500
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (11/12/2014 06:27:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2d8

Startzeit: 01cffe9c75e5c0a7

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: 1f24a703-6a91-11e4-be7b-8056f27c8c38

Vollständiger Name des fehlerhaften Pakets: C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhj

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (11/12/2014 01:28:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ac4

Startzeit: 01cffe72fa0fa9d8

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: 49ec98da-6a67-11e4-be7a-8056f27c8c38

Vollständiger Name des fehlerhaften Pakets: C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhj

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (11/12/2014 10:30:48 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/11/2014 03:45:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f74

Startzeit: 01cffdbd0c29c4cd

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: 52b6cf64-69b1-11e4-be79-8056f27c8c38

Vollständiger Name des fehlerhaften Pakets: C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhj

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (11/11/2014 03:37:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/11/2014 01:58:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15ac

Startzeit: 01cffdadc23dcff0

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: 68a22dbf-69a2-11e4-be79-8056f27c8c38

Vollständiger Name des fehlerhaften Pakets: C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhj

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (11/10/2014 01:46:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17284, Zeitstempel: 0x53f816dc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0xee0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (11/10/2014 01:39:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17284 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 198c

Startzeit: 01cffcccac165ac6

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 7d3590d8-68d6-11e4-be78-c45444000152

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/10/2014 00:31:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (11/13/2014 01:47:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/13/2014 01:47:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/13/2014 01:46:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/12/2014 06:42:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C5BFDC08-DDFC-4855-8CEC-B421A6B3AE3A}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/12/2014 06:41:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/12/2014 04:39:07 PM) (Source: DCOM) (EventID: 10010) (User: TOMTOMS)
Description: {C45523E6-4EE4-4606-93F3-C31908588874}

Error: (11/12/2014 03:47:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/12/2014 03:47:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/12/2014 03:46:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.

Error: (11/12/2014 01:47:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Lenovo Settings Service erreicht.


Microsoft Office Sessions:
=========================
Error: (11/13/2014 01:47:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dcntdll.dll6.3.9600.1727853eebd22c00000050000000000032fbb50001cfff3fd3743807C:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\ntdll.dll2dd0c7ec-6b33-11e4-be7b-8056f27c8c38

Error: (11/12/2014 06:27:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.163842d801cffe9c75e5c0a74294967295C:\WINDOWS\system32\backgroundTaskHost.exe1f24a703-6a91-11e4-be7b-8056f27c8c38C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhjApp

Error: (11/12/2014 01:28:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.163841ac401cffe72fa0fa9d84294967295C:\WINDOWS\system32\backgroundTaskHost.exe49ec98da-6a67-11e4-be7a-8056f27c8c38C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhjApp

Error: (11/12/2014 10:30:48 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/11/2014 03:45:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.16384f7401cffdbd0c29c4cd4294967295C:\WINDOWS\system32\backgroundTaskHost.exe52b6cf64-69b1-11e4-be79-8056f27c8c38C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhjApp

Error: (11/11/2014 03:37:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/11/2014 01:58:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1638415ac01cffdadc23dcff04294967295C:\WINDOWS\system32\backgroundTaskHost.exe68a22dbf-69a2-11e4-be79-8056f27c8c38C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhjApp

Error: (11/10/2014 01:46:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dcntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6cee001cffce3db2303d9C:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\ntdll.dll86285c38-68d7-11e4-be79-8056f27c8c38

Error: (11/10/2014 01:39:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17284198c01cffcccac165ac64294967295C:\WINDOWS\Explorer.EXE7d3590d8-68d6-11e4-be78-c45444000152

Error: (11/10/2014 00:31:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 22%
Total physical RAM: 8089.81 MB
Available physical RAM: 6279.5 MB
Total Pagefile: 9369.81 MB
Available Pagefile: 7393.33 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:916.39 GB) (Free:736.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Cubase Complete Tutorial) (CDROM) (Total:7.8 GB) (Free:0 GB) UDF
Drive e: (TomToms) (Fixed) (Total:1862.98 GB) (Free:1815.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: C04D718B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

14.11.2014, 07:21   #15
schrauber
/// the machine
/// TB trainer
 

Logs are clean. Those are only detections in your Firefox profile.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
