| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.11.2014, 11:41
| #1 |
 |  Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar. Hallo Forum. Ich habe wieder ein Problem mit meinem Notebook (Windows 7 Pro). Booten dauert immer länger, Das Arbeiten mit dem Notebook wird immer träger. Und nach dem booten dauert es immer noch eine Weile, bis ich auf die Symbolleiste zugreifen kann. Wie bekomme ich das Notebook wieder hin? |
|
01.11.2014, 12:09
| #2 |
| /// the machine /// TB-Ausbilder    | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
01.11.2014, 23:43
| #3 |
| | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by Hagel (administrator) on HAGEL-NB2 on 01-11-2014 23:41:55
Running from E:\
Loaded Profile: Hagel (Available profiles: UpdatusUser & Hagel & HagelEHS)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosBrowserMonitor.exe
() C:\Program Files\DeskSave 8.2.1\DeskSave.exe
(WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET) C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe
(Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosHotKeyService.exe
(Dropbox, Inc.) C:\Users\Hagel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\fredirstarter.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(freefilesync.sourceforge.net) C:\Program Files\FreeFileSync\FreeFileSync.exe
(freefilesync.sourceforge.net) C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\Windows\SYSTEM32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-05-30] (Lenovo)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [SSS12 HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosHotKeyService.exe [84480 2011-09-30] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS12 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 12\fredirstarter.exe [17408 2011-09-30] (Steganos Software GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [SSS12 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosBrowserMonitor.exe [57344 2011-09-30] (Steganos Software GmbH)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [DeskSave] => C:\Program Files\DeskSave 8.2.1\DeskSave.exe [82944 2008-07-26] ()
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe [924160 2014-02-07] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [168448 2014-10-27] (Fieldston Software)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [GoogleChromeAutoLaunch_6631D960C7B4E835BA733AED17626F77] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {2437f3cc-cde8-11e3-9838-0021cc60f38b} - "A:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8ce675cc-e1c4-11e3-84b3-028037ec0200} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8ce675e3-e1c4-11e3-84b3-028037ec0200} - G:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8e5674e9-e1a9-11e3-853a-028037ec0200} - H:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8e56750d-e1a9-11e3-853a-028037ec0200} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {9753729c-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {975372a2-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {975372f3-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {975372fb-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {97537328-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-11-15] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-11-15] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hagel (EHS, VPN-Verbindung).lnk
ShortcutTarget: Hagel (EHS, VPN-Verbindung).lnk -> E:\Eigene Dateien\Schnellstart Hagel-NB2 (Desktop)\Netzlaufwerke\Hagel (EHS, VPN-Verbindung).bat ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKCU - DefaultScope {AEE2973D-6B41-4226-A3C6-A3C255FDD7FA} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=MF32D0CEC-C188-48DE-8CAE-311BBF1022F3&SearchSource=58&CUI=&UM=6&UP=SPB55F581E-07E9-4216-9B8A-39110B710BBF&q={searchTerms}&SSPV=
SearchScopes: HKCU - {9937DA2C-15AB-4DA8-9A45-09D69D6644CD} URL =
SearchScopes: HKCU - {AEE2973D-6B41-4226-A3C6-A3C255FDD7FA} URL = https://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
Toolbar: HKCU - No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 192.168.55.43 Drucker---HP-CM1312nfi.fritz.box
Tcpip\..\Interfaces\{239824C2-A1F4-4AA3-9580-6CAE0AAE0668}: [NameServer] 192.168.55.1
Tcpip\..\Interfaces\{5A5ABDAA-8E42-4E52-B576-E05F0E781F50}: [NameServer] 192.168.55.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3 [2014-04-16]
Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "https://www.google.de/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-02]
CHR Extension: (Google Drive) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-02]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2014-06-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-08]
CHR Extension: (YouTube) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-02]
CHR Extension: (Google-Suche) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-02]
CHR Extension: (rotoscope) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhimnnhmaanmanmmokfpijgambokcpni [2014-06-02]
CHR Extension: (mysms - SMS anywhere) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2014-06-02]
CHR Extension: (Google Play Music) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-06-02]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-06-02]
CHR Extension: (Webcam Toy) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-06-02]
CHR Extension: (Google Maps) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-06-02]
CHR Extension: (Google Wallet) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-02]
CHR Extension: (Google Mail) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-02]
CHR Profile: C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-11]
CHR Extension: (Google Docs) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Google Search) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Google Sheets) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-11]
CHR Extension: (mysms - Text anywhere) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2014-10-11]
CHR Extension: (Google Wallet) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR Profile: C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-12]
CHR Extension: (Google Docs) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-12]
CHR Extension: (YouTube) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Google-Suche) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-12]
CHR Extension: (Google Tabellen) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Google Mail) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-09-10] (Lenovo.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.) [File not signed]
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R3 TermService; C:\Windows\System32\termsrv.dll [681984 2014-10-20] (Microsoft Corporation) [File not signed]
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Group Limited)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
S3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] () [File not signed]
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2011-05-13] (Google Inc) [File not signed]
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
S3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [1106944 2006-01-17] (Broadcom Corporation.) [File not signed]
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\Windows\System32\DRIVERS\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [39248 2012-06-09] (Paragon Software Group)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
S3 JabraDFU; C:\Windows\System32\Drivers\JabraMobileCsrDfuX64.sys [38768 2014-04-29] (GN Netcom A/S)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-05-15] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2014-05-15] (hxxp://libusb-win32.sourceforge.net)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
S3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-05] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt - )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-06-09] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633296 2012-06-09] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [389968 2012-06-09] (Paragon)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S2 BTSERIAL; \??\C:\Windows\system32\drivers\btserial.sys [X]
S3 BTWAMPFL; system32\DRIVERS\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 23:41 - 2014-11-01 23:41 - 00000000 ____D () C:\FRST
2014-11-01 12:49 - 2014-11-01 12:49 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\LSC
2014-11-01 12:38 - 2014-11-01 20:53 - 00000410 _____ () C:\Windows\setupact.log
2014-11-01 12:38 - 2014-11-01 12:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 12:37 - 2014-11-01 12:38 - 00497152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 12:26 - 2014-11-01 12:26 - 00002144 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-11-01 12:26 - 2014-11-01 12:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-11-01 12:26 - 2014-11-01 12:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-11-01 11:16 - 2014-11-01 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gSyncit
2014-10-31 11:07 - 2014-10-31 11:07 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\WDC
2014-10-31 10:37 - 2014-10-31 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2014-10-31 09:55 - 2014-10-31 09:55 - 00098216 ____N (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 09:55 - 2014-10-31 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-31 09:55 - 2014-10-31 09:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-31 09:50 - 2014-10-31 09:51 - 00000000 ____D () C:\Program Files (x86)\Digital Line Detect
2014-10-31 09:50 - 2014-10-31 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWaiting
2014-10-31 09:49 - 2014-10-31 09:50 - 00000000 ____D () C:\Program Files (x86)\NetWaiting
2014-10-29 22:50 - 2012-09-22 02:12 - 00035344 ____N (CACE Technologies, Inc.) C:\Windows\SysWOW64\Drivers\npf.sys
2014-10-29 22:50 - 2012-09-22 02:12 - 00035344 ____N (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2014-10-29 22:49 - 2014-10-29 23:14 - 00000000 ____D () C:\ProgramData\DataCardService
2014-10-29 22:49 - 2014-10-29 22:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-10-29 22:49 - 2014-10-29 22:49 - 00000000 ____D () C:\ProgramData\Mobile Partner
2014-10-29 22:49 - 2014-10-29 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2014-10-29 22:49 - 2012-11-19 08:50 - 00452608 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-10-29 22:49 - 2012-10-31 15:54 - 00240128 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-10-29 22:49 - 2012-10-30 05:42 - 00014336 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-10-29 22:49 - 2012-10-29 12:44 - 00076800 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-10-29 22:49 - 2012-08-20 01:55 - 00104960 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-10-29 22:49 - 2012-08-20 01:55 - 00090112 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-10-29 22:49 - 2012-08-20 01:55 - 00030720 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-10-29 22:49 - 2011-12-31 02:20 - 00225920 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-10-29 22:49 - 2010-10-08 09:59 - 00032768 ____N (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-10-29 22:49 - 2010-09-26 11:09 - 00022016 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-10-29 22:49 - 2010-08-06 00:43 - 01001472 ____N (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-10-29 22:49 - 2010-07-27 02:52 - 00117248 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-10-29 22:23 - 2014-10-29 22:31 - 00011832 ____N () C:\hwupgradewizard.log
2014-10-28 20:03 - 2014-10-28 20:28 - 00000000 ____D () C:\Program Files (x86)\Fortinet
2014-10-28 19:59 - 2014-10-28 19:59 - 00000000 ____D () C:\ProgramData\Applications
2014-10-28 17:00 - 2014-10-28 17:00 - 00000000 ____D () C:\Program Files\ruKernelTool v0.6.3.12
2014-10-21 20:50 - 2014-09-05 14:22 - 00077088 ____N (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2014-10-21 20:50 - 2014-09-05 14:22 - 00072480 ____N (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2014-10-21 20:50 - 2014-09-05 14:22 - 00059128 ____N (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2014-10-21 20:50 - 2014-09-05 14:22 - 00040224 ____N (Lenovo.) C:\Windows\system32\tpinspm.dll
2014-10-21 19:06 - 2014-10-21 19:06 - 00000204 ____N () C:\Windows\SysWOW64\mon.txt
2014-10-21 12:03 - 2014-10-21 12:03 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\AVM
2014-10-21 12:00 - 2014-10-21 12:03 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2014-10-20 22:52 - 2014-10-20 22:52 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-10-16 21:08 - 2014-06-18 23:23 - 01943696 ____N (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 01131664 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00156824 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00156312 ____N (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00081560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00073880 ____N (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 16:41 - 2014-10-15 16:41 - 00078848 ____N () C:\Users\HagelEHS\Downloads\Personen (1).xls
2014-10-15 16:40 - 2014-10-15 16:40 - 00032768 ____N () C:\Users\HagelEHS\Downloads\Firmen.xls
2014-10-15 11:01 - 2014-09-18 03:00 - 03241472 ____N (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 11:01 - 2014-09-18 02:32 - 02363904 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 11:01 - 2014-08-29 03:07 - 03179520 ____N (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 11:00 - 2014-10-20 17:33 - 00681984 ____N (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 11:00 - 2014-08-19 04:11 - 00693176 ____N (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 11:00 - 2014-08-19 04:10 - 00616352 ____N (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 11:00 - 2014-08-19 04:08 - 00503808 ____N (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 11:00 - 2014-08-19 04:08 - 00063488 ____N (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 11:00 - 2014-08-19 04:08 - 00050176 ____N (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 11:00 - 2014-08-19 04:07 - 00296960 ____N (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 11:00 - 2014-08-19 04:07 - 00146944 ____N (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 11:00 - 2014-08-19 04:07 - 00058880 ____N (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 11:00 - 2014-08-19 04:07 - 00032256 ____N (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 11:00 - 2014-08-19 04:07 - 00017920 ____N (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 11:00 - 2014-08-19 03:41 - 00050688 ____N (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 11:00 - 2014-08-19 03:41 - 00043008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 11:00 - 2014-08-19 03:06 - 00061440 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 11:00 - 2014-07-17 03:07 - 00455168 ____N (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 11:00 - 2014-07-17 03:07 - 00235520 ____N (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 11:00 - 2014-07-17 03:07 - 00150528 ____N (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 11:00 - 2014-07-17 03:07 - 00086528 ____N (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 11:00 - 2014-07-17 03:07 - 00022016 ____N (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 11:00 - 2014-07-17 02:40 - 00157696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 11:00 - 2014-07-17 02:39 - 00065536 ____N (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 11:00 - 2014-07-17 02:39 - 00017408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 11:00 - 2014-07-17 02:21 - 00212480 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 11:00 - 2014-07-17 02:21 - 00039936 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 11:00 - 2014-07-07 03:07 - 14632960 ____N (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 11:00 - 2014-07-07 03:07 - 00782848 ____N (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 11:00 - 2014-07-07 03:07 - 00229376 ____N (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 05551032 ____N (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 11:00 - 2014-07-07 03:06 - 04120576 ____N (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01574400 ____N (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01480192 ____N (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01202176 ____N (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01069056 ____N (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00842240 ____N (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00679424 ____N (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00641024 ____N (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00631808 ____N (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00500224 ____N (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00497664 ____N (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00440832 ____N (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00432128 ____N (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00325632 ____N (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00296448 ____N (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00284672 ____N (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00206848 ____N (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00188416 ____N (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00187904 ____N (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00082432 ____N (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00055808 ____N (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 11:00 - 2014-07-07 03:06 - 00024576 ____N (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 11:00 - 2014-07-07 03:06 - 00009728 ____N (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00005120 ____N (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 11:00 - 2014-07-07 03:06 - 00005120 ____N (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 11:00 - 2014-07-07 03:05 - 12625920 ____N (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 11:00 - 2014-07-07 03:05 - 00126464 ____N (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 11:00 - 2014-07-07 03:02 - 00002048 ____N (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 11:00 - 2014-07-07 02:52 - 00663552 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 11:00 - 2014-07-07 02:40 - 11411456 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 03208704 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 01329664 ____N (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 01174528 ____N (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 01005056 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00988160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00744960 ____N (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00617984 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00504320 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00489984 ____N (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00442880 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00406016 ____N (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00374784 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00354816 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00265216 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00195584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00179200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00143872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00103424 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00081408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00008192 ____N (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00004096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 11:00 - 2014-07-07 02:40 - 00004096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 11:00 - 2014-07-07 02:39 - 12625408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 11:00 - 2014-07-07 02:39 - 03970488 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 11:00 - 2014-07-07 02:39 - 03914680 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 11:00 - 2014-07-07 02:39 - 00050176 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 11:00 - 2014-07-07 02:39 - 00023040 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 11:00 - 2014-07-07 02:37 - 00002048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 11:00 - 2014-06-28 01:21 - 00619056 ____N (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 11:00 - 2014-06-28 01:21 - 00532176 ____N (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 11:00 - 2014-06-28 01:21 - 00457400 ____N (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:59 - 2014-10-07 03:54 - 00378552 ____N (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:59 - 2014-10-07 03:04 - 00331448 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:59 - 2014-09-29 01:58 - 03198976 ____N (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:59 - 2014-09-25 23:50 - 13619200 ____N (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:59 - 2014-09-25 23:46 - 00365056 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:59 - 2014-09-25 23:46 - 00243200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:59 - 2014-09-25 23:46 - 00069632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:59 - 2014-09-25 23:43 - 11807232 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:59 - 2014-09-25 23:32 - 02017280 ____N (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:59 - 2014-09-25 23:31 - 02108416 ____N (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:59 - 2014-09-19 03:25 - 23631360 ____N (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:59 - 2014-09-19 02:56 - 02724864 ____N (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:59 - 2014-09-19 02:55 - 00004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:59 - 2014-09-19 02:44 - 17484800 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:59 - 2014-09-19 02:41 - 02796032 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:59 - 2014-09-19 02:40 - 00547328 ____N (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:59 - 2014-09-19 02:40 - 00066048 ____N (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:59 - 2014-09-19 02:39 - 00048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:59 - 2014-09-19 02:38 - 00083968 ____N (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:59 - 2014-09-19 02:36 - 05829632 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:59 - 2014-09-19 02:31 - 00051200 ____N (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:59 - 2014-09-19 02:30 - 00033792 ____N (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:59 - 2014-09-19 02:27 - 00595968 ____N (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:59 - 2014-09-19 02:26 - 00139264 ____N (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:59 - 2014-09-19 02:25 - 04201472 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:59 - 2014-09-19 02:25 - 00758272 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:59 - 2014-09-19 02:25 - 00111616 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:59 - 2014-09-19 02:18 - 00940032 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:59 - 2014-09-19 02:14 - 02724864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:59 - 2014-09-19 02:14 - 00446464 ____N (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:59 - 2014-09-19 02:06 - 00072704 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:59 - 2014-09-19 02:02 - 00454656 ____N (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:59 - 2014-09-19 02:01 - 00195584 ____N (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:59 - 2014-09-19 02:01 - 00061952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:59 - 2014-09-19 02:01 - 00051200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:59 - 2014-09-19 02:00 - 00085504 ____N (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:59 - 2014-09-19 01:59 - 00061952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:59 - 2014-09-19 01:58 - 00289280 ____N (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:59 - 2014-09-19 01:55 - 02187264 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:59 - 2014-09-19 01:54 - 00043008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:59 - 2014-09-19 01:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:59 - 2014-09-19 01:51 - 00440320 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:59 - 2014-09-19 01:50 - 00112128 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:59 - 2014-09-19 01:49 - 00597504 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:59 - 2014-09-19 01:42 - 00731136 ____N (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:59 - 2014-09-19 01:42 - 00710656 ____N (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:59 - 2014-09-19 01:40 - 01249280 ____N (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:59 - 2014-09-19 01:36 - 00060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:59 - 2014-09-19 01:33 - 02309632 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:59 - 2014-09-19 01:32 - 00164864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:59 - 2014-09-19 01:20 - 00607744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:59 - 2014-09-19 01:18 - 01068032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:59 - 2014-09-19 01:14 - 01447936 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:59 - 2014-09-19 00:59 - 01810944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:59 - 2014-09-19 00:59 - 00775168 ____N (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:59 - 2014-09-19 00:53 - 01190400 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:59 - 2014-09-19 00:52 - 00678400 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:54 - 2014-09-13 02:58 - 00077312 ____N (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:54 - 2014-09-13 02:40 - 00067072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:54 - 2014-09-05 03:11 - 06584320 ____N (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:54 - 2014-09-05 02:52 - 05703168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:54 - 2014-09-04 06:23 - 00424448 ____N (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:54 - 2014-09-04 06:04 - 00372736 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\gl-ES
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\fr-CA
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\es-cl
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-10-15 10:34 - 2014-10-20 09:27 - 00000000 ____D () C:\Program Files (x86)\CSR
2014-10-15 10:33 - 2014-10-20 09:26 - 00000000 ____D () C:\Program Files\CSR
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_csrusb_01009.Wdf
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_csrpan_01009.Wdf
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____D () C:\BluetoothExchangeFolder
2014-10-14 11:17 - 2014-10-11 12:29 - 00917112 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-10-14 11:17 - 2014-10-11 12:27 - 00129168 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-10-14 10:54 - 2014-11-01 12:45 - 00022091 _____ () C:\Windows\WindowsUpdate.log
2014-10-14 10:26 - 2011-08-12 13:55 - 00268840 ____N (Ericsson AB) C:\Windows\system32\Drivers\WwanUsbMp64.sys
2014-10-13 16:22 - 2009-07-14 13:21 - 01721576 ____N (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-10-13 14:56 - 2014-10-20 09:26 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-10-13 13:45 - 2013-05-22 15:17 - 00015472 ____N (Lenovo Group Limited) C:\Windows\system32\Drivers\smiifx64.sys
2014-10-13 11:48 - 2014-10-13 13:39 - 00000032 ____N () C:\Windows\0
2014-10-13 11:48 - 2014-10-13 11:48 - 00000000 ____N () C:\Windows\system32\0
2014-10-11 12:27 - 2014-10-11 12:27 - 00157448 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-10-11 12:26 - 2014-10-11 12:26 - 00205352 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-10-10 20:48 - 2014-10-20 09:27 - 00000000 ____D () C:\Program Files (x86)\SDA
2014-10-07 11:05 - 2014-10-20 09:26 - 00000000 ____D () C:\Program Files\Microsoft Research
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 23:28 - 2014-04-16 16:01 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 22:56 - 2014-09-10 11:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-01 22:08 - 2014-06-13 10:33 - 02809080 _____ () C:\Windows\system32\debug.log
2014-11-01 20:50 - 2014-08-12 15:24 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\gSyncit
2014-11-01 20:43 - 2014-04-16 16:01 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 13:27 - 2011-07-06 03:13 - 00703174 _____ () C:\Windows\system32\perfh007.dat
2014-11-01 13:27 - 2011-07-06 03:13 - 00150782 _____ () C:\Windows\system32\perfc007.dat
2014-11-01 13:27 - 2009-07-14 06:13 - 01629268 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 12:52 - 2014-04-15 15:17 - 00003494 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-11-01 12:52 - 2014-04-15 15:17 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-11-01 12:52 - 2014-04-15 15:17 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-11-01 12:46 - 2009-07-14 05:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 12:46 - 2009-07-14 05:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 12:38 - 2014-04-25 13:31 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Dropbox
2014-11-01 12:38 - 2011-07-05 17:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-01 12:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 12:29 - 2014-04-16 09:02 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-11-01 12:29 - 2011-07-05 17:47 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-11-01 12:29 - 2011-07-05 17:28 - 00000000 ____D () C:\Program Files\Lenovo
2014-11-01 12:26 - 2014-04-23 21:05 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-01 11:47 - 2014-04-25 21:25 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\TeamViewer
2014-11-01 11:43 - 2014-04-17 09:38 - 00000000 ____D () C:\Users\Hagel\.VirtualBox
2014-11-01 11:06 - 2014-04-16 14:38 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-31 13:29 - 2014-04-20 19:57 - 00000000 ____D () C:\Users\HagelEHS\Documents\Outlook-Dateien
2014-10-31 12:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-31 11:21 - 2011-07-05 17:42 - 00000000 ____D () C:\swshare
2014-10-31 10:46 - 2014-08-12 15:25 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\gSyncit
2014-10-31 10:37 - 2014-04-25 12:48 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-10-31 09:55 - 2014-04-24 13:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-31 09:49 - 2014-04-16 09:02 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-10-31 09:45 - 2011-07-05 17:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 22:49 - 2014-05-22 15:56 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-10-29 11:55 - 2014-05-13 17:07 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\vlc
2014-10-29 09:28 - 2014-09-10 11:30 - 00003822 ____N () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-29 09:28 - 2014-09-07 22:43 - 00701104 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-29 09:28 - 2014-09-07 22:43 - 00071344 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-27 20:17 - 2014-08-12 12:49 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\dvdcss
2014-10-23 14:23 - 2014-04-16 16:01 - 00004106 ____N () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 14:23 - 2014-04-16 16:01 - 00003854 ____N () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 09:00 - 2014-04-16 08:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-22 08:59 - 2014-04-16 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-10-22 08:59 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-10-22 08:54 - 2009-07-14 03:34 - 00000513 ____N () C:\Windows\win.ini
2014-10-21 20:58 - 2014-05-14 09:33 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_Tools
2014-10-21 20:53 - 2014-10-01 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-10-21 20:52 - 2011-07-05 17:41 - 00003020 ____N () C:\Windows\System32\Tasks\PMTask
2014-10-21 20:52 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-10-21 20:51 - 2011-07-05 17:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-20 11:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-20 10:18 - 2014-04-16 15:47 - 00000000 ____D () C:\Users\Hagel\Documents\Outlook-Dateien
2014-10-20 10:08 - 2011-07-05 17:41 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-10-20 10:07 - 2014-04-16 08:59 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-20 10:07 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\SysWOW64\de
2014-10-20 10:07 - 2011-07-05 17:41 - 00000000 ____D () C:\Windows\system32\NV
2014-10-20 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-10-20 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioDatabase
2014-10-20 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ras
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ias
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-20 10:04 - 2014-04-23 16:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-20 10:04 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\system32\de
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-10-20 10:03 - 2011-02-15 10:42 - 00000000 ____D () C:\Windows\Panther
2014-10-20 10:03 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-10-20 10:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2014-10-20 10:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-20 10:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-20 09:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-10-20 09:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-10-20 09:57 - 2014-06-02 08:59 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\vlc
2014-10-20 09:57 - 2014-04-25 12:55 - 00000000 ____D () C:\Users\Hagel\.android
2014-10-20 09:57 - 2014-04-24 13:31 - 00000000 ____D () C:\Users\Hagel\SystemRequirementsLab
2014-10-20 09:57 - 2014-04-19 21:52 - 00000000 ___RD () C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2014-04-19 21:52 - 00000000 ___RD () C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS
2014-10-20 09:57 - 2014-04-16 11:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Steganos
2014-10-20 09:57 - 2014-04-16 08:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\WMCore
2014-10-20 09:57 - 2014-04-15 15:16 - 00000000 ___RD () C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2014-04-15 15:16 - 00000000 ___RD () C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2014-04-15 15:16 - 00000000 ____D () C:\Users\Hagel
2014-10-20 09:57 - 2011-07-05 17:57 - 00000000 ____D () C:\Windows\delnis
2014-10-20 09:57 - 2011-07-05 17:45 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-10-20 09:57 - 2011-07-05 17:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2011-07-05 17:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2011-07-05 17:31 - 00000000 ____D () C:\root
2014-10-20 09:57 - 2010-11-21 08:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-20 09:57 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-10-20 09:56 - 2014-06-03 16:02 - 00000000 ____D () C:\Program Files (x86)\SimpleADBBackup
2014-10-20 09:56 - 2014-05-26 21:02 - 00000000 ____D () C:\Program Files (x86)\XMediaRecode3188
2014-10-20 09:56 - 2014-04-24 12:53 - 00000000 ____D () C:\Program Files (x86)\SSD Fresh
2014-10-20 09:56 - 2014-04-16 11:59 - 00000000 ____D () C:\Program Files (x86)\Steganos Privacy Suite 12
2014-10-20 09:56 - 2014-04-16 06:46 - 00000000 ____D () C:\ProgramData\backup
2014-10-20 09:56 - 2014-04-15 23:06 - 00000000 ____D () C:\ProgramData\launcher
2014-10-20 09:56 - 2014-04-15 23:02 - 00000000 ____D () C:\ProgramData\explauncher
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-20 09:55 - 2011-07-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Lenovo Registration
2014-10-20 09:55 - 2011-07-05 17:31 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-10-20 09:54 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Integrated Camera Driver
2014-10-20 09:53 - 2014-05-08 20:03 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-20 09:53 - 2014-04-24 12:44 - 00000000 ____D () C:\Program Files\Soluto
2014-10-20 09:53 - 2011-07-05 17:47 - 00000000 ____D () C:\Program Files\ThinkVantage Fingerprint Software
2014-10-20 09:53 - 2010-11-21 08:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-20 09:52 - 2011-07-05 17:50 - 00000000 ____D () C:\Program Files\PC-Doctor
2014-10-20 09:52 - 2011-07-05 17:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-20 09:52 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-10-20 09:51 - 2014-05-09 16:55 - 00000000 ____D () C:\Program Files\7-Zip
2014-10-20 09:51 - 2014-04-17 09:19 - 00000000 ____D () C:\Program Files\DeskSave 8.2.1
2014-10-20 09:51 - 2014-04-16 09:24 - 00000000 ____D () C:\Program Files\Common Files\SPBA
2014-10-20 09:51 - 2011-07-06 03:00 - 00000000 ____D () C:\mfg
2014-10-20 09:51 - 2011-07-05 17:33 - 00000000 ____D () C:\Program Files\CONEXANT
2014-10-20 09:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-20 09:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-10-20 09:48 - 2014-09-10 21:40 - 00000000 ____D () C:\Users\Hagel\Documents\My Data Files
2014-10-20 09:48 - 2014-08-05 15:07 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2014-10-20 09:48 - 2014-06-02 11:47 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\PolarisOfficeLink
2014-10-20 09:47 - 2014-06-02 15:52 - 00000000 __HDC () C:\ProgramData\~0
2014-10-20 09:47 - 2014-04-24 13:53 - 00000000 ____D () C:\Program Files\FreeFileSync
2014-10-20 09:47 - 2014-04-16 10:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-20 09:47 - 2014-04-16 10:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-20 09:46 - 2014-04-27 13:54 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\TeamViewer
2014-10-20 09:44 - 2014-09-24 08:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-20 09:44 - 2014-09-24 08:17 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Skype
2014-10-20 09:44 - 2014-09-23 16:22 - 00000000 ___RD () C:\Users\Hagel\OneDrive
2014-10-20 09:44 - 2014-09-23 16:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-10-20 09:41 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-20 09:39 - 2014-10-01 13:52 - 00000000 ____D () C:\Program Files\Image Resizer for Windows
2014-10-20 09:39 - 2014-10-01 13:17 - 00000000 ____D () C:\Program Files (x86)\Image Resizer for Windows
2014-10-20 09:39 - 2014-09-30 20:18 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Samsung
2014-10-20 09:38 - 2014-09-30 20:19 - 00000000 ____D () C:\Users\Hagel\Documents\SelfMV
2014-10-20 09:38 - 2014-09-21 22:40 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\XMedia Recode
2014-10-20 09:38 - 2014-09-21 21:44 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-10-20 09:35 - 2014-08-08 08:39 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Spotify
2014-10-20 09:33 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-10-20 09:33 - 2011-07-05 17:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\winrm
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\WCN
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\slmgr
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-10-20 09:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2014-10-20 09:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\NetworkList
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Msdtc
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\IME
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\winevt
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spp
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spool
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\SMI
2014-10-20 09:32 - 2014-04-28 12:24 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-20 09:32 - 2014-04-15 15:26 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NetworkList
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\IME
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2014-10-20 09:31 - 2014-04-16 09:00 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-20 09:31 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Performance
2014-10-20 09:31 - 2009-07-14 05:45 - 00000000 ____D () C:\Windows\Setup
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-10-20 09:30 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 09:30 - 2014-04-15 15:14 - 00000000 ____D () C:\Windows\CSC
2014-10-20 09:30 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-10-20 09:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2014-10-20 09:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2014-10-20 09:29 - 2014-10-01 13:43 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\InstallShield
2014-10-20 09:29 - 2014-09-30 20:19 - 00000000 ____D () C:\Users\Hagel\Documents\samsung
2014-10-20 09:29 - 2014-09-14 14:41 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Python
2014-10-20 09:29 - 2014-08-06 09:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Soluto
2014-10-20 09:29 - 2014-06-19 13:38 - 00000000 ____D () C:\Users\Public\Documents\HP
2014-10-20 09:29 - 2014-05-09 09:00 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Lenovo
2014-10-20 09:29 - 2014-05-09 08:44 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Lenovo
2014-10-20 09:29 - 2014-05-08 18:55 - 00000000 ____D () C:\Users\Hagel\Documents\Ulead Burn.Now
2014-10-20 09:29 - 2014-05-08 18:55 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Ulead Systems
2014-10-20 09:29 - 2014-04-24 13:54 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\FreeFileSync
2014-10-20 09:29 - 2014-04-24 12:20 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\GoContactSyncMOD
2014-10-20 09:29 - 2014-04-24 11:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\GoContactSyncMOD
2014-10-20 09:29 - 2014-04-23 09:06 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\NVIDIA
2014-10-20 09:29 - 2014-04-20 21:18 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Tracker Software
2014-10-20 09:29 - 2014-04-19 22:27 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\PwrMgr
2014-10-20 09:29 - 2014-04-19 21:59 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\LSC
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Macromedia
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Leadertech
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Intel
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Adobe
2014-10-20 09:29 - 2014-04-16 16:39 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Tracker Software
2014-10-20 09:29 - 2014-04-16 11:00 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\PCDr
2014-10-20 09:29 - 2014-04-15 15:34 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Macromedia
2014-10-20 09:29 - 2014-04-15 15:34 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Adobe
2014-10-20 09:29 - 2014-04-15 15:25 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\PwrMgr
2014-10-20 09:29 - 2014-04-15 15:19 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Leadertech
2014-10-20 09:29 - 2014-04-15 15:16 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Intel
2014-10-20 09:29 - 2011-07-05 17:56 - 00000000 ____D () C:\Users\Public\Lenovo
2014-10-20 09:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-20 09:28 - 2014-09-30 20:12 - 00000000 ____D () C:\ProgramData\Qualcomm
2014-10-20 09:28 - 2014-09-24 08:17 - 00000000 ____D () C:\ProgramData\Skype
2014-10-20 09:28 - 2014-09-23 16:22 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-10-20 09:28 - 2014-09-11 11:40 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-20 09:28 - 2014-09-11 11:40 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-20 09:28 - 2014-04-27 13:51 - 00000000 ____D () C:\ProgramData\Western Digital
2014-10-20 09:28 - 2014-04-26 17:40 - 00000000 ____D () C:\ProgramData\Samsung
2014-10-20 09:28 - 2014-04-24 13:30 - 00000000 ____D () C:\ProgramData\Sun
2014-10-20 09:28 - 2014-04-24 12:43 - 00000000 ____D () C:\ProgramData\Soluto
2014-10-20 09:28 - 2014-04-16 08:46 - 00000000 ____D () C:\Users\Hagel\AppData\Local\Apps\2.0
2014-10-20 09:28 - 2014-04-15 23:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-20 09:28 - 2011-07-05 17:50 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-10-20 09:28 - 2011-07-05 17:38 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-20 09:27 - 2014-10-01 14:28 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-10-20 09:27 - 2014-09-03 08:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-20 09:27 - 2014-08-14 15:03 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-20 09:27 - 2014-08-12 15:22 - 00000000 ____D () C:\Program Files (x86)\Fieldston Software
2014-10-20 09:27 - 2014-06-19 14:54 - 00000000 ____D () C:\ProgramData\Conexant
2014-10-20 09:27 - 2014-06-05 15:49 - 00000000 ____D () C:\ProgramData\AVM
2014-10-20 09:27 - 2014-06-03 20:37 - 00000000 ____D () C:\Program Files (x86)\HP
2014-10-20 09:27 - 2014-06-03 20:36 - 00000000 ____D () C:\ProgramData\HP
2014-10-20 09:27 - 2014-06-02 15:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-10-20 09:27 - 2014-05-28 12:55 - 00000000 ____D () C:\ProgramData\Apple
2014-10-20 09:27 - 2014-04-25 21:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-20 09:27 - 2014-04-24 11:59 - 00000000 ____D () C:\Program Files (x86)\WebGear
2014-10-20 09:27 - 2014-04-16 16:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-20 09:27 - 2014-04-16 16:01 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-20 09:27 - 2014-04-16 11:45 - 00000000 ____D () C:\ProgramData\MacheenService
2014-10-20 09:27 - 2014-04-16 08:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-20 09:27 - 2014-04-16 08:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-10-20 09:27 - 2014-04-15 23:03 - 00000000 ____D () C:\Program Files (x86)\Paragon Software
2014-10-20 09:27 - 2011-07-06 02:57 - 00000000 ____D () C:\ProgramData\Lenovo
2014-10-20 09:27 - 2011-07-05 17:46 - 00000000 ____D () C:\ProgramData\InterVideo
2014-10-20 09:27 - 2011-07-05 17:43 - 00000000 ____D () C:\ProgramData\Corel
2014-10-20 09:27 - 2011-07-05 17:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-20 09:27 - 2011-07-05 17:43 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-10-20 09:27 - 2011-07-05 17:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-20 09:27 - 2011-07-05 17:33 - 00000000 ____D () C:\Program Files (x86)\ThinkPad
2014-10-20 09:27 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Ricoh
2014-10-20 09:27 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-10-20 09:27 - 2011-07-05 17:30 - 00000000 ____D () C:\ProgramData\Intel
2014-10-20 09:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-20 09:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-20 09:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2014-10-20 09:26 - 2014-09-11 11:40 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-20 09:26 - 2014-06-05 15:49 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-10-20 09:26 - 2014-06-01 21:14 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2014-10-20 09:26 - 2014-05-13 17:05 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-20 09:26 - 2014-04-26 17:41 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-20 09:26 - 2014-04-17 09:37 - 00000000 ____D () C:\Program Files\Oracle
2014-10-20 09:26 - 2014-04-16 16:28 - 00000000 ____D () C:\Program Files\Tracker Software
2014-10-20 09:26 - 2014-04-16 14:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-20 09:26 - 2014-04-16 11:58 - 00000000 ____D () C:\Program Files\Common Files\Lenovo
2014-10-20 09:26 - 2014-04-16 08:57 - 00000000 __RHD () C:\MSOCache
2014-10-20 09:26 - 2014-04-16 08:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-20 09:26 - 2014-04-16 06:56 - 00000000 ____D () C:\archive_db
2014-10-20 09:26 - 2014-04-15 16:48 - 00000000 ____D () C:\Program Files\AuthenTec
2014-10-20 09:26 - 2011-07-05 17:47 - 00000000 ____D () C:\Program Files\Protector Suite
2014-10-20 09:26 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Chicony Electronics Co.,Ltd
2014-10-20 09:26 - 2011-07-05 17:30 - 00000000 ____D () C:\Program Files\Intel
2014-10-20 09:26 - 2011-07-05 17:30 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-10-20 09:26 - 2011-07-05 17:30 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-20 09:26 - 2011-07-05 17:28 - 00000000 ____D () C:\Program Files\ThinkPad
2014-10-20 09:26 - 2011-07-05 17:26 - 00000000 ____D () C:\Program Files\Synaptics
2014-10-20 09:26 - 2011-07-05 17:26 - 00000000 ____D () C:\Program Files\DIFX
2014-10-20 09:26 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-20 09:26 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-20 09:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-20 09:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2014-10-20 09:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-15 11:09 - 2014-04-15 18:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 11:02 - 2014-04-15 18:39 - 103265616 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 10:37 - 2014-09-05 08:34 - 00002337 ____N () C:\Windows\system32\TeamViewer9_Hooks.log
2014-10-13 15:57 - 2014-07-07 12:29 - 00000224 ____N () C:\Windows\system32\snetcfg.log
2014-10-02 14:38 - 2014-04-15 15:17 - 00000528 ____N () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-10-02 08:45 - 2014-04-15 15:17 - 00004232 ____N () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-31 00:46
==================== End Of Log ============================
|
|
01.11.2014, 23:44
| #4 |
| | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by Hagel at 2014-11-01 23:42:29
Running from E:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.3 - Lenovo Group Limited)
FreeFileSync 6.10 (HKLM-x32\...\FreeFileSync) (Version: 6.10 - Zenju)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
GO Contact Sync Mod (HKLM-x32\...\{CD178FDD-086A-4C2E-935E-8CDB747B0F29}) (Version: 3.6.1 - WebGear, Create Software, Stru.be, saller.NET)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Cloud Print-Drucker (HKLM-x32\...\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}) (Version: 28.0.1489.0 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
gSyncit (HKLM-x32\...\{C0838B4B-A793-4927-AE22-1CA84EB6A16E}) (Version: 4.0.289 - Fieldston Software)
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 005.001.00137 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 005.001.00145 - Ihr Firmenname) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 005.001.00140 - Ihr Firmenname) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Ihr Firmenname) Hidden
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.32.0 (HKLM-x32\...\{2D793E41-F598-1014-9984-F3B169A93F79}) (Version: 1.2.32.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1211 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2538 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.05.03.1014 - Huawei Technologies Co.,Ltd)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA 3D Vision Treiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)
NVIDIA Grafiktreiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle Corporation)
Paragon Festplatten Manager™ 2012 Kompakt (HKLM-x32\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.5.0 - Lenovo Group Limited)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)
Spotify (HKCU\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2014 - Abelssoft)
Steganos Privacy Suite 12 (HKLM-x32\...\{0F1D1572-9311-4590-A8A6-425224984E54}) (Version: 12.1.1 - Steganos Software GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.22 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.80 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
ViewSonic Windows 7 x64 Signed Files (HKLM-x32\...\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (HKLM\...\4534F449D55EE49DEE206B3D9A3B1811E1A495EA) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
XMedia Recode Version 3.1.9.7 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.9.7 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
31-10-2014 08:51:25 Installiert Digital Line Detect
01-11-2014 10:15:39 Installed gSyncit
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-05-16 09:40 - 2014-06-19 13:37 - 00000991 ____N C:\Windows\system32\Drivers\etc\hosts
192.168.1.249 EHS-STORAGE
192.168.1.241 EHS-COM
192.168.1.241 ehs-com.intern.EHS.de
192.168.1.244 EHS-Terminal
192.168.55.43 Drucker---HP-CM1312nfi.fritz.box
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BF68B87-DD44-4A98-BA0E-DA3EC359E8B1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {16F36776-5DC4-4498-B7C8-A2A57CF3B1BA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {1E30C44E-853D-4BE9-A19F-A37458155E2A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-09-10] (Lenovo Group Limited)
Task: {2418A00D-ACA8-4903-922B-C52BF6EE5AB2} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {34F6B631-A6C6-49BE-A52A-DE16F5C60015} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {356D8D1D-810F-4C32-B56C-3A8BBD1A9669} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {50AFEEE1-73F9-4BD9-B637-4793CAC15875} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {5244ADF1-DAFB-4CEC-A83B-8BEDF3EF8ABC} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {5EE6F9CB-E583-460D-A758-57E1ECE805E3} - System32\Tasks\Lenovo\SROptimizer => %TRPATH%\SRORest.exe
Task: {704698A2-2976-4CDF-A71B-04469FB8F5DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-29] (Adobe Systems Incorporated)
Task: {70E80B87-E62E-40B9-991A-8D98D6CDE696} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {75EEE41F-08BB-4034-82D1-DFE6B3733161} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {84EE8920-B41E-40D6-A11F-0A894D29FC44} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {8834920C-6C8F-47B6-BE98-2F32E2764683} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {8B47522E-738F-412E-81FB-AB3B18B0DDD7} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {A759975D-4A6E-4A66-8B0E-FE1AFA97FB5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.)
Task: {A8CA83EF-4E12-43B5-8DB1-E220060AB534} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {B6DACD74-7858-43DC-B3A3-32F0E116F354} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {BD598119-5148-4EA9-AC84-E8920B1980BB} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-10-16] ()
Task: {C3B25026-A1A0-4EB6-97BE-AF6C6A32A1DC} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {CC2DDAB3-819D-49EC-9A99-33FE970A208F} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {D904E9BA-8653-4BB5-85A5-08BC6EFE07B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.)
Task: {E778A9ED-77BA-481C-978E-E6ADC9E8924A} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {ED5A166B-2089-45E4-8E78-2F81ACD5D21E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2010-12-17 12:53 - 2010-12-17 12:53 - 01501696 ____N () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-10-29 22:49 - 2012-11-01 11:49 - 00657504 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-10-15 11:35 - 2014-10-15 11:35 - 03672064 ____N () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\147a38a7653169860dd6816e35e37384\PCGPreCompiled.ni.dll
2014-10-15 11:36 - 2014-10-15 11:36 - 00267264 ____N () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\52df5510f23c17994e7bbd8a76a1bdd0\PCGAppControlPluginLoader.ni.dll
2014-10-15 11:36 - 2014-10-15 11:36 - 00068096 ____N () C:\Windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\a454c164c98d7f3f6f6c8413b4f8d7d8\SignalRWrapper.ni.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00090688 ____N () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00054848 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2014-04-15 20:32 - 2013-10-29 01:53 - 00087328 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-26 02:46 - 2014-01-06 19:22 - 00710656 ____N () C:\Windows\system32\spool\DRIVERS\x64\3\KOAYQJ_O.DLL
2011-07-05 17:38 - 2011-06-01 05:37 - 00004096 ____N () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00090688 ____N () c:\program files\soluto\PCGDllExportInspector.dll
2014-07-10 10:01 - 2014-09-10 05:06 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-07-05 17:33 - 2010-10-26 09:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-07-05 17:38 - 2011-03-06 12:07 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll
2012-03-22 20:11 - 2012-03-22 20:11 - 00244944 ____N () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
2014-04-17 09:19 - 2008-07-26 18:56 - 00082944 ____N () C:\Program Files\DeskSave 8.2.1\DeskSave.exe
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 ____N () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-11 12:04 - 2014-09-11 12:04 - 00197120 ____N () C:\Program Files\FreeFileSync\Bin\FindFilePlus_x64.dll
2014-09-11 12:04 - 2014-09-11 12:04 - 00308736 ____N () C:\Program Files\FreeFileSync\Bin\Thumbnail_x64.dll
2014-09-11 12:04 - 2014-09-11 12:04 - 00631808 ____N () C:\Program Files\FreeFileSync\Bin\Taskbar7_x64.dll
2009-05-27 21:09 - 2009-05-27 21:09 - 00049976 ____N () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2014-04-15 20:33 - 2013-11-15 09:52 - 00518432 ____N () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2014-10-29 22:49 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-10-29 22:49 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-10-29 22:49 - 2010-05-10 03:51 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-10-29 22:49 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-10-29 22:49 - 2012-11-01 11:26 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-10-29 22:49 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2011-07-05 17:37 - 2011-05-26 16:17 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2014-04-16 11:44 - 2011-06-29 17:09 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-04-16 11:44 - 2011-06-29 17:09 - 02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-11-01 12:38 - 2014-11-01 12:38 - 00043008 _____ () e:\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0eendh.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Hagel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-25 18:58 - 2014-09-25 18:58 - 00081056 ____N () C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-11-01 12:41 - 2014-11-01 12:41 - 00098816 _____ () E:\Temp\_MEI62402\win32api.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00110080 _____ () E:\Temp\_MEI62402\pywintypes27.dll
2014-11-01 12:41 - 2014-11-01 12:41 - 00364544 _____ () E:\Temp\_MEI62402\pythoncom27.dll
2014-11-01 12:41 - 2014-11-01 12:41 - 00045568 _____ () E:\Temp\_MEI62402\_socket.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 01160704 _____ () E:\Temp\_MEI62402\_ssl.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00320512 _____ () E:\Temp\_MEI62402\win32com.shell.shell.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00713216 _____ () E:\Temp\_MEI62402\_hashlib.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 01175040 _____ () E:\Temp\_MEI62402\wx._core_.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00805888 _____ () E:\Temp\_MEI62402\wx._gdi_.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00811008 _____ () E:\Temp\_MEI62402\wx._windows_.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 01062400 _____ () E:\Temp\_MEI62402\wx._controls_.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00735232 _____ () E:\Temp\_MEI62402\wx._misc_.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00128512 _____ () E:\Temp\_MEI62402\_elementtree.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00127488 _____ () E:\Temp\_MEI62402\pyexpat.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00557056 _____ () E:\Temp\_MEI62402\pysqlite2._sqlite.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00007168 _____ () E:\Temp\_MEI62402\hashobjs_ext.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00087552 _____ () E:\Temp\_MEI62402\_ctypes.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00119808 _____ () E:\Temp\_MEI62402\win32file.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00108544 _____ () E:\Temp\_MEI62402\win32security.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00018432 _____ () E:\Temp\_MEI62402\win32event.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00038912 _____ () E:\Temp\_MEI62402\win32inet.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00070656 _____ () E:\Temp\_MEI62402\wx._html2.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00167936 _____ () E:\Temp\_MEI62402\win32gui.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00011264 _____ () E:\Temp\_MEI62402\win32crypt.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00027136 _____ () E:\Temp\_MEI62402\_multiprocessing.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00686080 _____ () E:\Temp\_MEI62402\unicodedata.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00122368 _____ () E:\Temp\_MEI62402\wx._wizard.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00010240 _____ () E:\Temp\_MEI62402\select.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00024064 _____ () E:\Temp\_MEI62402\win32pipe.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00025600 _____ () E:\Temp\_MEI62402\win32pdh.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00525640 _____ () E:\Temp\_MEI62402\windows._lib_cacheinvalidation.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00035840 _____ () E:\Temp\_MEI62402\win32process.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00017408 _____ () E:\Temp\_MEI62402\win32profile.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00022528 _____ () E:\Temp\_MEI62402\win32ts.pyd
2014-11-01 12:41 - 2014-11-01 12:41 - 00078336 _____ () E:\Temp\_MEI62402\wx._animate.pyd
2014-09-25 18:58 - 2014-09-25 18:58 - 00081056 ____N () C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-10-28 15:32 - 2014-10-22 05:04 - 01042760 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 15:32 - 2014-10-22 05:04 - 00211272 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 15:32 - 2014-10-22 05:04 - 08910664 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 15:32 - 2014-10-22 05:04 - 01681224 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 ____N () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-10-28 15:32 - 2014-10-22 05:05 - 14902600 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2672548732-3621259577-1585307691-500 - Administrator - Disabled)
Gast (S-1-5-21-2672548732-3621259577-1585307691-501 - Limited - Disabled)
Hagel (S-1-5-21-2672548732-3621259577-1585307691-1001 - Administrator - Enabled) => C:\Users\Hagel
HagelEHS (S-1-5-21-2672548732-3621259577-1585307691-1002 - Administrator - Enabled) => C:\Users\HagelEHS
HomeGroupUser$ (S-1-5-21-2672548732-3621259577-1585307691-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-2672548732-3621259577-1585307691-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: F5521gw Mobile Broadband Driver
Description: F5521gw Mobile Broadband Driver
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ericsson AB
Service: WwanUsbServ
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #4
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0110)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0100)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0090)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0080)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2930)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2920)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2910)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2900)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2810)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2780)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
System errors:
=============
Error: (11/01/2014 09:00:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (11/01/2014 00:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/01/2014 00:41:56 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/01/2014 00:39:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error: (11/01/2014 00:39:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/01/2014 00:38:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 87
Error: (11/01/2014 00:38:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/01/2014 00:38:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.
Error: (11/01/2014 00:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Serial Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/01/2014 00:37:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0110)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0100)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0090)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:32 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:32:0080)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2930)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2920)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2910)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2900)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2810)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/01/2014 00:52:29 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2368) Asapi: (12:52:29:2780)(2368) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
CodeIntegrity Errors:
===================================
Date: 2014-10-31 10:11:53.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-30 10:09:47.747
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-30 09:55:42.808
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-29 13:00:59.840
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-29 12:32:36.767
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-29 11:16:31.276
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-28 09:46:15.732
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-27 14:57:21.355
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-27 14:42:32.304
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-27 13:28:12.675
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 54%
Total physical RAM: 8075.23 MB
Available physical RAM: 3701.71 MB
Total Pagefile: 20185.41 MB
Available Pagefile: 15255.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:57.73 GB) (Free:10.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (SGS3 EXTERN) (Removable) (Total:29.23 GB) (Free:6.11 GB) FAT32
Drive e: (Daten) (Fixed) (Total:931.39 GB) (Free:250.83 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: D24C6A16)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=57.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (Size: 29.2 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
02.11.2014, 15:11
| #5 |
| /// the machine /// TB-Ausbilder | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.11.2014, 22:06
| #6 |
| | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 02.11.2014 Suchlauf-Zeit: 21:07:24 Logdatei: mbam.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.11.02.07 Rootkit Datenbank: v2014.11.01.02 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Hagel Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 407647 Verstrichene Zeit: 8 Min, 14 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2672548732-3621259577-1585307691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [51ae9b9bed8fa4921f462884c53dc63a], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.002 - Bericht erstellt am 02/11/2014 um 21:49:55
# DB v2014-10-26.6
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Hagel - HAGEL-NB2
# Gestartet von : E:\Installationsversionen\_System & Wartung\AdwCleaner 4.002\AdwCleaner_4.002.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\~0
Ordner Gelöscht : C:\Users\Hagel\AppData\Local\PackageAware
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [2273 octets] - [02/11/2014 21:20:14]
AdwCleaner[S0].txt - [2170 octets] - [02/11/2014 21:49:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2230 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Professional x64
Ran by Hagel on 02.11.2014 at 22:00:40,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2014 at 22:04:49,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
03.11.2014, 16:32
| #7 |
| /// the machine /// TB-Ausbilder | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.11.2014, 19:09
| #8 |
| | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=52baa69ccfc1154abcc9e5641741779f
# engine=20909
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-04 04:45:48
# local_time=2014-11-04 05:45:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 278336 38099942 0 0
# scanned=402465
# found=19
# cleaned=0
# scan_time=82495
sh=2446E82304B2A797346141850D2245916E179BB6 ft=1 fh=4f9fb98a1d8c5ee8 vn="Win32/Packed.Autoit.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\ruKernelTool v0.6.3.12\_Lib_\PrettyPrintFirmwareLinkListe.exe"
sh=4B59E536B0C0E61856D02706A8FE2A218AAE322A ft=0 fh=0000000000000000 vn="Variante von Android/StopSMS.C evtl. unerwünschte Anwendung" ac=I fn="E:\DS\Handy\Samsung Galaxy S3\clockworkmod\backup\_Stock (1st ROM)\2013-11-28.22.03.33\data.ext4.tar"
sh=7E20EEDF0C52D8CD6E5DA14D2589322461A27057 ft=0 fh=0000000000000000 vn="Variante von Android/StopSMS.C evtl. unerwünschte Anwendung" ac=I fn="E:\DS\Handy\Samsung Galaxy S3\MyPhoneExplorer\Digital Uhr mit Weck-Funktion_8.5.apk"
sh=BB01D77FBA68EA1186549FFAEBA7CDA2D326D05D ft=0 fh=0000000000000000 vn="Variante von Android/AdMogo.B evtl. unerwünschte Anwendung" ac=I fn="E:\DS\Handy\Samsung Galaxy S3\SGS3 (alt) - Backups\apps\MoboPlayer_1.3.243.apk"
sh=BFFCAC7F22AE9599DF6E64F699CD34BDAFBFF85F ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppFlood.A evtl. unerwünschte Anwendung" ac=I fn="E:\DS\Handy\Samsung Galaxy S3\SGS3 (alt) - Backups\apps\MoboPlayer_1.3.260.apk"
sh=2EE4290271F9A100CE32817C2CCCCA1B2BDECA2B ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppFlood.A evtl. unerwünschte Anwendung" ac=I fn="E:\DS\Handy\Samsung Galaxy S3\SGS3 (alt) - Backups\apps\MoboPlayer_1.3.263.apk"
sh=22226B20097721E3B0A633349885C3A5407284E9 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppLovin.A evtl. unerwünschte Anwendung" ac=I fn="E:\DS\Handy\Samsung Galaxy S3\SGS3 (alt) - Backups\apps\PicsArt_3.0.8.apk"
sh=BFFCAC7F22AE9599DF6E64F699CD34BDAFBFF85F ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppFlood.A evtl. unerwünschte Anwendung" ac=I fn="E:\Eigene Dateien\Documents\MyPhoneExplorer\samsung GT-I9300 [353166052101559]\MoboPlayer_1.3.260.apk"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Eigene Dateien\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=BEE37F8438C5B42A601FDA3A59F11698F0004AE3 ft=1 fh=2703919bd9f14349 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\Eigene Dateien\Downloads\zafwSetupWeb_120_118_000.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/InstallMonetizer.AN evtl. unerwünschte Anwendung" ac=I fn="E:\Eigene Dateien\Privat\_Daten\iso (Image)\ComputerBild 2012-20\CD 2012-20.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\Eigene Dateien\Privat\_Daten\iso (Image)\ComputerBild 2013-19\ComputerBild 2013-19.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\Eigene Dateien\Privat\_Daten\iso (Image)\ComputerBild Sonderheft Vollversionen 2012-1\CB_SONDERHEFT0312.iso"
sh=D09716BEDC9CA432FDC3F1992FBDE16641553D6E ft=1 fh=f8c36add744bb893 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="E:\Installationsversionen\_Handy\MyPhoneExplorer\MyPhoneExplorer_Setup_1.8.4.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Installationsversionen\_Handy\MyPhoneExplorer\MyPhoneExplorer_Setup_1.8.5.exe"
sh=982CBA880955552478FBC9A2E3743D7E44C053FC ft=1 fh=9dad3ccc7f2043ca vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Installationsversionen\_Handy\MyPhoneExplorer\MyPhoneExplorer_Setup_v1.8.6.exe"
sh=0A5D594B277E29C9854223A8AC46DD156C7B0E0E ft=1 fh=55550162f6ca8b1a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\Installationsversionen\_Multimedia\Free YouTube Download 3.1.40\FreeYouTubeDownload_3.1.40.1031.exe"
sh=2446E82304B2A797346141850D2245916E179BB6 ft=1 fh=4f9fb98a1d8c5ee8 vn="Win32/Packed.Autoit.H evtl. unerwünschte Anwendung" ac=I fn="E:\Installationsversionen\_Tools\AVM\ruKernelTool\_Lib_\PrettyPrintFirmwareLinkListe.exe"
sh=2446E82304B2A797346141850D2245916E179BB6 ft=1 fh=4f9fb98a1d8c5ee8 vn="Win32/Packed.Autoit.H evtl. unerwünschte Anwendung" ac=I fn="E:\Installationsversionen\_Tools\ruKernelTool v0.6.3.12\_Lib_\PrettyPrintFirmwareLinkListe.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.89
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 25
Java version out of Date!
Google Chrome 38.0.2125.104
Google Chrome 38.0.2125.111
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Mobile Partner OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Hagel (administrator) on HAGEL-NB2 on 04-11-2014 19:05:31
Running from C:\Users\Hagel\Desktop
Loaded Profile: Hagel (Available profiles: UpdatusUser & Hagel & HagelEHS)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosBrowserMonitor.exe
() C:\Program Files\DeskSave 8.2.1\DeskSave.exe
(WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET) C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe
(Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosHotKeyService.exe
(Dropbox, Inc.) C:\Users\Hagel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\fredirstarter.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\Safe.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\Access Connections.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\Windows\SYSTEM32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-05-30] (Lenovo)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [SSS12 HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosHotKeyService.exe [84480 2011-09-30] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS12 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 12\fredirstarter.exe [17408 2011-09-30] (Steganos Software GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SSD Tweaker] => C:\Program Files (x86)\SSD Tweaker\SSD Tweaker.exe -reboot
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [SSS12 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosBrowserMonitor.exe [57344 2011-09-30] (Steganos Software GmbH)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [DeskSave] => C:\Program Files\DeskSave 8.2.1\DeskSave.exe [82944 2008-07-26] ()
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe [924160 2014-02-07] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [168448 2014-10-27] (Fieldston Software)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\Run: [GoogleChromeAutoLaunch_6631D960C7B4E835BA733AED17626F77] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {2437f3cc-cde8-11e3-9838-0021cc60f38b} - "A:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8ce675cc-e1c4-11e3-84b3-028037ec0200} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8ce675e3-e1c4-11e3-84b3-028037ec0200} - G:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8e5674e9-e1a9-11e3-853a-028037ec0200} - H:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {8e56750d-e1a9-11e3-853a-028037ec0200} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {9753729c-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {975372a2-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {975372f3-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {975372fb-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
HKU\S-1-5-21-2672548732-3621259577-1585307691-1001\...\MountPoints2: {97537328-5f9a-11e4-aceb-0021cc60f38b} - F:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-11-15] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-11-15] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hagel (EHS, VPN-Verbindung).lnk
ShortcutTarget: Hagel (EHS, VPN-Verbindung).lnk -> E:\Eigene Dateien\Schnellstart Hagel-NB2 (Desktop)\Netzlaufwerke\Hagel (EHS, VPN-Verbindung).bat ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKCU - {9937DA2C-15AB-4DA8-9A45-09D69D6644CD} URL =
SearchScopes: HKCU - {AEE2973D-6B41-4226-A3C6-A3C255FDD7FA} URL = https://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
Toolbar: HKCU - No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 192.168.55.43 Drucker---HP-CM1312nfi.fritz.box
Tcpip\..\Interfaces\{239824C2-A1F4-4AA3-9580-6CAE0AAE0668}: [NameServer] 192.168.4.1
Tcpip\..\Interfaces\{5A5ABDAA-8E42-4E52-B576-E05F0E781F50}: [NameServer] 192.168.55.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3 [2014-04-16]
Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "https://www.google.de/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-02]
CHR Extension: (Google Drive) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-02]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2014-06-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-08]
CHR Extension: (YouTube) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-02]
CHR Extension: (Google-Suche) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-02]
CHR Extension: (rotoscope) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhimnnhmaanmanmmokfpijgambokcpni [2014-06-02]
CHR Extension: (mysms - SMS vom Computer) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2014-06-02]
CHR Extension: (Google Play Music) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-06-02]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-06-02]
CHR Extension: (Webcam Toy) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-06-02]
CHR Extension: (Google Maps) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-06-02]
CHR Extension: (Google Wallet) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-02]
CHR Extension: (Google Mail) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-02]
CHR Profile: C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-11]
CHR Extension: (Google Docs) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Google Search) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Google Sheets) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-11]
CHR Extension: (mysms - Text anywhere) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2014-10-11]
CHR Extension: (Google Wallet) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR Profile: C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-12]
CHR Extension: (Google Docs) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-12]
CHR Extension: (YouTube) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Google-Suche) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-12]
CHR Extension: (Google Tabellen) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Google Mail) - C:\Users\Hagel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-09-10] (Lenovo.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.) [File not signed]
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R3 TermService; C:\Windows\System32\termsrv.dll [681984 2014-10-20] (Microsoft Corporation) [File not signed]
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
R3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Group Limited)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
S3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] () [File not signed]
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2011-05-13] (Google Inc) [File not signed]
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
S3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [1106944 2006-01-17] (Broadcom Corporation.) [File not signed]
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\Windows\System32\DRIVERS\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [39248 2012-06-09] (Paragon Software Group)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
S3 JabraDFU; C:\Windows\System32\Drivers\JabraMobileCsrDfuX64.sys [38768 2014-04-29] (GN Netcom A/S)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-05-15] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2014-05-15] (hxxp://libusb-win32.sourceforge.net)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
S3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-05] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt - )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-06-09] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633296 2012-06-09] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [389968 2012-06-09] (Paragon)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S2 BTSERIAL; \??\C:\Windows\system32\drivers\btserial.sys [X]
S3 BTWAMPFL; system32\DRIVERS\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 19:05 - 2014-11-04 19:05 - 02114560 _____ (Farbar) C:\Users\Hagel\Desktop\FRST64.exe
2014-11-04 19:05 - 2014-11-04 19:05 - 00038262 _____ () C:\Users\Hagel\Desktop\FRST.txt
2014-11-04 19:03 - 2014-11-04 19:03 - 00000849 _____ () C:\Users\Hagel\Desktop\checkup.txt
2014-11-04 01:02 - 2014-11-04 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\2C0A
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0C0A
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0C04
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0816
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0804
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0424
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\041F
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\041E
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\041D
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\041B
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0419
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0416
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0415
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0414
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0413
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0412
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0411
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0410
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\040E
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\040D
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\040C
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\040B
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\040A
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0409
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0408
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0406
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0405
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0404
2014-11-04 01:00 - 2014-11-04 01:03 - 00000000 ____D () C:\Windows\system32\0401
2014-11-04 01:00 - 2014-11-04 01:02 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-11-04 01:00 - 2014-11-04 01:00 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-11-04 00:47 - 2014-11-04 00:47 - 00000000 ____D () C:\Intel
2014-11-03 18:45 - 2014-11-03 18:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-02 21:51 - 2014-11-02 21:51 - 00000584 ____N () C:\Windows\PFRO.log
2014-11-02 21:19 - 2014-11-02 21:49 - 00000000 ____D () C:\AdwCleaner
2014-11-02 21:07 - 2014-11-02 21:07 - 00129752 ____N (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 21:07 - 2014-11-02 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-02 21:06 - 2014-11-02 21:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-02 21:06 - 2014-10-01 11:11 - 00093400 ____N (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-02 21:06 - 2014-10-01 11:11 - 00063704 ____N (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-02 21:06 - 2014-10-01 11:11 - 00025816 ____N (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-02 20:49 - 2014-11-02 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-11-01 23:41 - 2014-11-04 19:05 - 00000000 ____D () C:\FRST
2014-11-01 12:49 - 2014-11-01 12:49 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\LSC
2014-11-01 12:38 - 2014-11-04 12:27 - 00002236 _____ () C:\Windows\setupact.log
2014-11-01 12:38 - 2014-11-01 12:38 - 00000000 ____N () C:\Windows\setuperr.log
2014-11-01 12:37 - 2014-11-01 12:38 - 00497152 ____N () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 12:26 - 2014-11-01 12:26 - 00002144 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-11-01 12:26 - 2014-11-01 12:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-11-01 12:26 - 2014-11-01 12:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-31 11:07 - 2014-10-31 11:07 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\WDC
2014-10-31 09:55 - 2014-10-31 09:55 - 00098216 ____N (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 09:55 - 2014-10-31 09:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-31 09:50 - 2014-10-31 09:51 - 00000000 ____D () C:\Program Files (x86)\Digital Line Detect
2014-10-31 09:49 - 2014-10-31 09:50 - 00000000 ____D () C:\Program Files (x86)\NetWaiting
2014-10-29 22:50 - 2012-09-22 02:12 - 00035344 ____N (CACE Technologies, Inc.) C:\Windows\SysWOW64\Drivers\npf.sys
2014-10-29 22:50 - 2012-09-22 02:12 - 00035344 ____N (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2014-10-29 22:49 - 2014-10-29 23:14 - 00000000 ____D () C:\ProgramData\DataCardService
2014-10-29 22:49 - 2014-10-29 22:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-10-29 22:49 - 2014-10-29 22:49 - 00000000 ____D () C:\ProgramData\Mobile Partner
2014-10-29 22:49 - 2012-11-19 08:50 - 00452608 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-10-29 22:49 - 2012-10-31 15:54 - 00240128 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-10-29 22:49 - 2012-10-30 05:42 - 00014336 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-10-29 22:49 - 2012-10-29 12:44 - 00076800 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-10-29 22:49 - 2012-08-20 01:55 - 00104960 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-10-29 22:49 - 2012-08-20 01:55 - 00090112 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-10-29 22:49 - 2012-08-20 01:55 - 00030720 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-10-29 22:49 - 2011-12-31 02:20 - 00225920 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-10-29 22:49 - 2010-10-08 09:59 - 00032768 ____N (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-10-29 22:49 - 2010-09-26 11:09 - 00022016 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-10-29 22:49 - 2010-08-06 00:43 - 01001472 ____N (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-10-29 22:49 - 2010-07-27 02:52 - 00117248 ____N (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-10-29 22:23 - 2014-10-29 22:31 - 00011832 ____N () C:\hwupgradewizard.log
2014-10-28 20:03 - 2014-10-28 20:28 - 00000000 ____D () C:\Program Files (x86)\Fortinet
2014-10-28 19:59 - 2014-10-28 19:59 - 00000000 ____D () C:\ProgramData\Applications
2014-10-28 17:00 - 2014-10-28 17:00 - 00000000 ____D () C:\Program Files\ruKernelTool v0.6.3.12
2014-10-21 20:50 - 2014-09-05 14:22 - 00077088 ____N (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2014-10-21 20:50 - 2014-09-05 14:22 - 00072480 ____N (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2014-10-21 20:50 - 2014-09-05 14:22 - 00059128 ____N (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2014-10-21 20:50 - 2014-09-05 14:22 - 00040224 ____N (Lenovo.) C:\Windows\system32\tpinspm.dll
2014-10-21 19:06 - 2014-10-21 19:06 - 00000204 ____N () C:\Windows\SysWOW64\mon.txt
2014-10-21 12:03 - 2014-10-21 12:03 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\AVM
2014-10-21 12:00 - 2014-10-21 12:03 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2014-10-20 22:52 - 2014-10-20 22:52 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-10-16 21:08 - 2014-06-18 23:23 - 01943696 ____N (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 01131664 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00156824 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00156312 ____N (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00081560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 21:08 - 2014-06-18 23:23 - 00073880 ____N (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 16:41 - 2014-10-15 16:41 - 00078848 ____N () C:\Users\HagelEHS\Downloads\Personen (1).xls
2014-10-15 16:40 - 2014-10-15 16:40 - 00032768 ____N () C:\Users\HagelEHS\Downloads\Firmen.xls
2014-10-15 11:01 - 2014-09-18 03:00 - 03241472 ____N (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 11:01 - 2014-09-18 02:32 - 02363904 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 11:01 - 2014-08-29 03:07 - 03179520 ____N (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 11:00 - 2014-10-20 17:33 - 00681984 ____N (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 11:00 - 2014-08-19 04:11 - 00693176 ____N (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 11:00 - 2014-08-19 04:10 - 00616352 ____N (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 11:00 - 2014-08-19 04:08 - 00503808 ____N (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 11:00 - 2014-08-19 04:08 - 00063488 ____N (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 11:00 - 2014-08-19 04:08 - 00050176 ____N (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 11:00 - 2014-08-19 04:07 - 00296960 ____N (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 11:00 - 2014-08-19 04:07 - 00146944 ____N (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 11:00 - 2014-08-19 04:07 - 00058880 ____N (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 11:00 - 2014-08-19 04:07 - 00032256 ____N (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 11:00 - 2014-08-19 04:07 - 00017920 ____N (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 11:00 - 2014-08-19 03:41 - 00050688 ____N (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 11:00 - 2014-08-19 03:41 - 00043008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 11:00 - 2014-08-19 03:06 - 00061440 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 11:00 - 2014-07-17 03:07 - 00455168 ____N (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 11:00 - 2014-07-17 03:07 - 00235520 ____N (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 11:00 - 2014-07-17 03:07 - 00150528 ____N (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 11:00 - 2014-07-17 03:07 - 00086528 ____N (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 11:00 - 2014-07-17 03:07 - 00022016 ____N (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 11:00 - 2014-07-17 02:40 - 00157696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 11:00 - 2014-07-17 02:39 - 00065536 ____N (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 11:00 - 2014-07-17 02:39 - 00017408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 11:00 - 2014-07-17 02:21 - 00212480 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 11:00 - 2014-07-17 02:21 - 00039936 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 11:00 - 2014-07-07 03:07 - 14632960 ____N (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 11:00 - 2014-07-07 03:07 - 00782848 ____N (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 11:00 - 2014-07-07 03:07 - 00229376 ____N (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 05551032 ____N (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 11:00 - 2014-07-07 03:06 - 04120576 ____N (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01574400 ____N (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01480192 ____N (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01202176 ____N (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 01069056 ____N (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00842240 ____N (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00679424 ____N (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00641024 ____N (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00631808 ____N (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00500224 ____N (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00497664 ____N (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00440832 ____N (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00432128 ____N (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00325632 ____N (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00296448 ____N (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00284672 ____N (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00206848 ____N (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00188416 ____N (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00187904 ____N (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00082432 ____N (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00055808 ____N (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 11:00 - 2014-07-07 03:06 - 00024576 ____N (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 11:00 - 2014-07-07 03:06 - 00009728 ____N (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 11:00 - 2014-07-07 03:06 - 00005120 ____N (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 11:00 - 2014-07-07 03:06 - 00005120 ____N (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 11:00 - 2014-07-07 03:05 - 12625920 ____N (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 11:00 - 2014-07-07 03:05 - 00126464 ____N (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 11:00 - 2014-07-07 03:02 - 00002048 ____N (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 11:00 - 2014-07-07 02:52 - 00663552 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 11:00 - 2014-07-07 02:40 - 11411456 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 03208704 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 01329664 ____N (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 01174528 ____N (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 01005056 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00988160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00744960 ____N (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00617984 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00504320 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00489984 ____N (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00442880 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00406016 ____N (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00374784 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00354816 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00265216 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00195584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00179200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00143872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00103424 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00081408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00008192 ____N (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 11:00 - 2014-07-07 02:40 - 00004096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 11:00 - 2014-07-07 02:40 - 00004096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 11:00 - 2014-07-07 02:39 - 12625408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 11:00 - 2014-07-07 02:39 - 03970488 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 11:00 - 2014-07-07 02:39 - 03914680 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 11:00 - 2014-07-07 02:39 - 00050176 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 11:00 - 2014-07-07 02:39 - 00023040 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 11:00 - 2014-07-07 02:37 - 00002048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 11:00 - 2014-06-28 01:21 - 00619056 ____N (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 11:00 - 2014-06-28 01:21 - 00532176 ____N (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 11:00 - 2014-06-28 01:21 - 00457400 ____N (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:59 - 2014-10-07 03:54 - 00378552 ____N (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:59 - 2014-10-07 03:04 - 00331448 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:59 - 2014-09-29 01:58 - 03198976 ____N (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:59 - 2014-09-25 23:50 - 13619200 ____N (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:59 - 2014-09-25 23:46 - 00365056 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:59 - 2014-09-25 23:46 - 00243200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:59 - 2014-09-25 23:46 - 00069632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:59 - 2014-09-25 23:43 - 11807232 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:59 - 2014-09-25 23:32 - 02017280 ____N (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:59 - 2014-09-25 23:31 - 02108416 ____N (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:59 - 2014-09-19 03:25 - 23631360 ____N (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:59 - 2014-09-19 02:56 - 02724864 ____N (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:59 - 2014-09-19 02:55 - 00004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:59 - 2014-09-19 02:44 - 17484800 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:59 - 2014-09-19 02:41 - 02796032 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:59 - 2014-09-19 02:40 - 00547328 ____N (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:59 - 2014-09-19 02:40 - 00066048 ____N (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:59 - 2014-09-19 02:39 - 00048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:59 - 2014-09-19 02:38 - 00083968 ____N (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:59 - 2014-09-19 02:36 - 05829632 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:59 - 2014-09-19 02:31 - 00051200 ____N (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:59 - 2014-09-19 02:30 - 00033792 ____N (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:59 - 2014-09-19 02:27 - 00595968 ____N (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:59 - 2014-09-19 02:26 - 00139264 ____N (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:59 - 2014-09-19 02:25 - 04201472 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:59 - 2014-09-19 02:25 - 00758272 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:59 - 2014-09-19 02:25 - 00111616 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:59 - 2014-09-19 02:18 - 00940032 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:59 - 2014-09-19 02:14 - 02724864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:59 - 2014-09-19 02:14 - 00446464 ____N (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:59 - 2014-09-19 02:06 - 00072704 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:59 - 2014-09-19 02:02 - 00454656 ____N (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:59 - 2014-09-19 02:01 - 00195584 ____N (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:59 - 2014-09-19 02:01 - 00061952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:59 - 2014-09-19 02:01 - 00051200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:59 - 2014-09-19 02:00 - 00085504 ____N (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:59 - 2014-09-19 01:59 - 00061952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:59 - 2014-09-19 01:58 - 00289280 ____N (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:59 - 2014-09-19 01:55 - 02187264 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:59 - 2014-09-19 01:54 - 00043008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:59 - 2014-09-19 01:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:59 - 2014-09-19 01:51 - 00440320 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:59 - 2014-09-19 01:50 - 00112128 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:59 - 2014-09-19 01:49 - 00597504 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:59 - 2014-09-19 01:42 - 00731136 ____N (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:59 - 2014-09-19 01:42 - 00710656 ____N (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:59 - 2014-09-19 01:40 - 01249280 ____N (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:59 - 2014-09-19 01:36 - 00060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:59 - 2014-09-19 01:33 - 02309632 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:59 - 2014-09-19 01:32 - 00164864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:59 - 2014-09-19 01:20 - 00607744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:59 - 2014-09-19 01:18 - 01068032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:59 - 2014-09-19 01:14 - 01447936 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:59 - 2014-09-19 00:59 - 01810944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:59 - 2014-09-19 00:59 - 00775168 ____N (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:59 - 2014-09-19 00:53 - 01190400 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:59 - 2014-09-19 00:52 - 00678400 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:54 - 2014-09-13 02:58 - 00077312 ____N (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:54 - 2014-09-13 02:40 - 00067072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:54 - 2014-09-05 03:11 - 06584320 ____N (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:54 - 2014-09-05 02:52 - 05703168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:54 - 2014-09-04 06:23 - 00424448 ____N (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:54 - 2014-09-04 06:04 - 00372736 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\gl-ES
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\fr-CA
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\es-cl
2014-10-15 10:34 - 2014-10-20 09:32 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-10-15 10:34 - 2014-10-20 09:27 - 00000000 ____D () C:\Program Files (x86)\CSR
2014-10-15 10:33 - 2014-10-20 09:26 - 00000000 ____D () C:\Program Files\CSR
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_csrusb_01009.Wdf
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_csrpan_01009.Wdf
2014-10-14 14:32 - 2014-10-14 14:32 - 00000000 ____D () C:\BluetoothExchangeFolder
2014-10-14 11:17 - 2014-10-11 12:29 - 00917112 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-10-14 11:17 - 2014-10-11 12:27 - 00129168 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-10-14 10:54 - 2014-11-04 13:50 - 00248507 _____ () C:\Windows\WindowsUpdate.log
2014-10-14 10:26 - 2011-08-12 13:55 - 00268840 ____N (Ericsson AB) C:\Windows\system32\Drivers\WwanUsbMp64.sys
2014-10-13 16:22 - 2009-07-14 13:21 - 01721576 ____N (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-10-13 14:56 - 2014-10-20 09:26 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-10-13 13:45 - 2013-05-22 15:17 - 00015472 ____N (Lenovo Group Limited) C:\Windows\system32\Drivers\smiifx64.sys
2014-10-13 11:48 - 2014-10-13 13:39 - 00000032 ____N () C:\Windows\0
2014-10-13 11:48 - 2014-10-13 11:48 - 00000000 ____N () C:\Windows\system32\0
2014-10-11 12:27 - 2014-10-11 12:27 - 00157448 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-10-11 12:26 - 2014-10-11 12:26 - 00205352 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-10-10 20:48 - 2014-10-20 09:27 - 00000000 ____D () C:\Program Files (x86)\SDA
2014-10-07 11:05 - 2014-10-20 09:26 - 00000000 ____D () C:\Program Files\Microsoft Research
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 19:02 - 2014-04-20 19:57 - 00000000 ____D () C:\Users\HagelEHS\Documents\Outlook-Dateien
2014-11-04 18:59 - 2014-06-13 10:33 - 02901600 _____ () C:\Windows\system32\debug.log
2014-11-04 18:56 - 2014-09-10 11:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-04 18:28 - 2014-04-16 16:01 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-04 15:28 - 2014-04-16 16:01 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 13:53 - 2009-07-14 05:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 13:53 - 2009-07-14 05:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 12:20 - 2014-08-12 15:25 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\gSyncit
2014-11-04 12:19 - 2014-08-12 15:24 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\gSyncit
2014-11-04 12:00 - 2014-04-15 15:17 - 00003494 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-11-04 12:00 - 2014-04-15 15:17 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-11-04 12:00 - 2014-04-15 15:17 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-11-04 11:59 - 2011-07-06 03:13 - 00703174 _____ () C:\Windows\system32\perfh007.dat
2014-11-04 11:59 - 2011-07-06 03:13 - 00150782 _____ () C:\Windows\system32\perfc007.dat
2014-11-04 11:59 - 2009-07-14 06:13 - 01629268 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 11:56 - 2014-04-17 09:38 - 00000000 ____D () C:\Users\Hagel\.VirtualBox
2014-11-04 01:03 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\system32\0407
2014-11-04 01:03 - 2011-07-05 17:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-03 16:09 - 2014-04-25 21:25 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\TeamViewer
2014-11-03 11:21 - 2011-07-05 17:42 - 00000000 ____D () C:\swshare
2014-11-03 10:00 - 2014-04-25 13:31 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Dropbox
2014-11-03 09:52 - 2011-07-05 17:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-03 09:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 20:49 - 2014-09-21 21:44 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-11-02 20:45 - 2014-04-15 15:17 - 00000528 ____N () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-02 20:01 - 2014-05-14 09:33 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_Tools
2014-11-02 07:00 - 2014-04-15 15:17 - 00004232 ____N () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-11-01 12:29 - 2014-04-16 09:02 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-11-01 12:29 - 2011-07-05 17:47 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-11-01 12:29 - 2011-07-05 17:28 - 00000000 ____D () C:\Program Files\Lenovo
2014-11-01 12:26 - 2014-04-23 21:05 - 00001912 ____N () C:\Windows\epplauncher.mif
2014-11-01 11:06 - 2014-04-16 14:38 - 00002772 ____N () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-31 12:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-31 10:37 - 2014-04-25 12:48 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-10-31 09:55 - 2014-04-24 13:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-31 09:49 - 2014-04-16 09:02 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-10-31 09:45 - 2011-07-05 17:50 - 00000000 ____D () C:\ProgramData\PCDr
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 22:49 - 2014-05-22 15:56 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-10-29 11:55 - 2014-05-13 17:07 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\vlc
2014-10-29 09:28 - 2014-09-10 11:30 - 00003822 ____N () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-29 09:28 - 2014-09-07 22:43 - 00701104 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-29 09:28 - 2014-09-07 22:43 - 00071344 ____N (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-27 20:17 - 2014-08-12 12:49 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\dvdcss
2014-10-23 14:23 - 2014-04-16 16:01 - 00004106 ____N () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 14:23 - 2014-04-16 16:01 - 00003854 ____N () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 09:00 - 2014-04-16 08:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-22 08:59 - 2014-04-16 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-10-22 08:59 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-10-22 08:54 - 2009-07-14 03:34 - 00000513 ____N () C:\Windows\win.ini
2014-10-21 20:52 - 2011-07-05 17:41 - 00003020 ____N () C:\Windows\System32\Tasks\PMTask
2014-10-21 20:52 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-10-20 11:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-20 10:18 - 2014-04-16 15:47 - 00000000 ____D () C:\Users\Hagel\Documents\Outlook-Dateien
2014-10-20 10:08 - 2011-07-05 17:41 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ras
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-10-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2014-10-20 10:07 - 2014-04-16 08:59 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-20 10:07 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\SysWOW64\de
2014-10-20 10:07 - 2011-07-05 17:41 - 00000000 ____D () C:\Windows\system32\NV
2014-10-20 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-10-20 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioDatabase
2014-10-20 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ras
2014-10-20 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\icsxml
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ias
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-10-20 10:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-20 10:04 - 2014-04-23 16:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-20 10:04 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\system32\de
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-10-20 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-10-20 10:03 - 2011-02-15 10:42 - 00000000 ____D () C:\Windows\Panther
2014-10-20 10:03 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-10-20 10:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2014-10-20 10:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-20 10:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-20 09:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-10-20 09:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-10-20 09:57 - 2014-06-02 08:59 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\vlc
2014-10-20 09:57 - 2014-04-25 12:55 - 00000000 ____D () C:\Users\Hagel\.android
2014-10-20 09:57 - 2014-04-24 13:31 - 00000000 ____D () C:\Users\Hagel\SystemRequirementsLab
2014-10-20 09:57 - 2014-04-19 21:52 - 00000000 ___RD () C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2014-04-19 21:52 - 00000000 ___RD () C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS
2014-10-20 09:57 - 2014-04-16 11:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Steganos
2014-10-20 09:57 - 2014-04-16 08:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\WMCore
2014-10-20 09:57 - 2014-04-15 15:16 - 00000000 ___RD () C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2014-04-15 15:16 - 00000000 ___RD () C:\Users\Hagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2014-04-15 15:16 - 00000000 ____D () C:\Users\Hagel
2014-10-20 09:57 - 2011-07-05 17:57 - 00000000 ____D () C:\Windows\delnis
2014-10-20 09:57 - 2011-07-05 17:45 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-10-20 09:57 - 2011-07-05 17:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2011-07-05 17:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2011-07-05 17:31 - 00000000 ____D () C:\root
2014-10-20 09:57 - 2010-11-21 08:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-20 09:57 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 09:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-10-20 09:56 - 2014-06-03 16:02 - 00000000 ____D () C:\Program Files (x86)\SimpleADBBackup
2014-10-20 09:56 - 2014-05-26 21:02 - 00000000 ____D () C:\Program Files (x86)\XMediaRecode3188
2014-10-20 09:56 - 2014-04-24 12:53 - 00000000 ____D () C:\Program Files (x86)\SSD Fresh
2014-10-20 09:56 - 2014-04-16 11:59 - 00000000 ____D () C:\Program Files (x86)\Steganos Privacy Suite 12
2014-10-20 09:56 - 2014-04-16 06:46 - 00000000 ____D () C:\ProgramData\backup
2014-10-20 09:56 - 2014-04-15 23:06 - 00000000 ____D () C:\ProgramData\launcher
2014-10-20 09:56 - 2014-04-15 23:02 - 00000000 ____D () C:\ProgramData\explauncher
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-10-20 09:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-20 09:55 - 2011-07-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Lenovo Registration
2014-10-20 09:55 - 2011-07-05 17:31 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-10-20 09:54 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Integrated Camera Driver
2014-10-20 09:53 - 2014-05-08 20:03 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-20 09:53 - 2014-04-24 12:44 - 00000000 ____D () C:\Program Files\Soluto
2014-10-20 09:53 - 2011-07-05 17:47 - 00000000 ____D () C:\Program Files\ThinkVantage Fingerprint Software
2014-10-20 09:53 - 2010-11-21 08:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-10-20 09:53 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-20 09:52 - 2011-07-05 17:50 - 00000000 ____D () C:\Program Files\PC-Doctor
2014-10-20 09:52 - 2011-07-05 17:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-20 09:52 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-10-20 09:51 - 2014-05-09 16:55 - 00000000 ____D () C:\Program Files\7-Zip
2014-10-20 09:51 - 2014-04-17 09:19 - 00000000 ____D () C:\Program Files\DeskSave 8.2.1
2014-10-20 09:51 - 2014-04-16 09:24 - 00000000 ____D () C:\Program Files\Common Files\SPBA
2014-10-20 09:51 - 2011-07-06 03:00 - 00000000 ____D () C:\mfg
2014-10-20 09:51 - 2011-07-05 17:33 - 00000000 ____D () C:\Program Files\CONEXANT
2014-10-20 09:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-20 09:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-10-20 09:48 - 2014-09-10 21:40 - 00000000 ____D () C:\Users\Hagel\Documents\My Data Files
2014-10-20 09:48 - 2014-08-05 15:07 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2014-10-20 09:48 - 2014-06-02 11:47 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\PolarisOfficeLink
2014-10-20 09:47 - 2014-04-24 13:53 - 00000000 ____D () C:\Program Files\FreeFileSync
2014-10-20 09:47 - 2014-04-16 10:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-20 09:47 - 2014-04-16 10:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-20 09:46 - 2014-04-27 13:54 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\TeamViewer
2014-10-20 09:44 - 2014-09-24 08:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-20 09:44 - 2014-09-24 08:17 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Skype
2014-10-20 09:44 - 2014-09-23 16:22 - 00000000 ___RD () C:\Users\Hagel\OneDrive
2014-10-20 09:44 - 2014-09-23 16:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-10-20 09:41 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-20 09:39 - 2014-10-01 13:52 - 00000000 ____D () C:\Program Files\Image Resizer for Windows
2014-10-20 09:39 - 2014-10-01 13:17 - 00000000 ____D () C:\Program Files (x86)\Image Resizer for Windows
2014-10-20 09:39 - 2014-09-30 20:18 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Samsung
2014-10-20 09:38 - 2014-09-30 20:19 - 00000000 ____D () C:\Users\Hagel\Documents\SelfMV
2014-10-20 09:38 - 2014-09-21 22:40 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\XMedia Recode
2014-10-20 09:35 - 2014-08-08 08:39 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Spotify
2014-10-20 09:33 - 2011-07-06 03:12 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-10-20 09:33 - 2011-07-05 17:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\winrm
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\WCN
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\slmgr
2014-10-20 09:33 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-10-20 09:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2014-10-20 09:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\NetworkList
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Msdtc
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\IME
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\winevt
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spp
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spool
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-10-20 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\SMI
2014-10-20 09:32 - 2014-04-28 12:24 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-20 09:32 - 2014-04-15 15:26 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NetworkList
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\IME
2014-10-20 09:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2014-10-20 09:31 - 2014-04-16 09:00 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-20 09:31 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Performance
2014-10-20 09:31 - 2009-07-14 05:45 - 00000000 ____D () C:\Windows\Setup
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-10-20 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-10-20 09:30 - 2014-09-03 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 09:30 - 2014-04-15 15:14 - 00000000 ____D () C:\Windows\CSC
2014-10-20 09:30 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-10-20 09:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2014-10-20 09:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2014-10-20 09:29 - 2014-10-01 13:43 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\InstallShield
2014-10-20 09:29 - 2014-09-30 20:19 - 00000000 ____D () C:\Users\Hagel\Documents\samsung
2014-10-20 09:29 - 2014-09-14 14:41 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Python
2014-10-20 09:29 - 2014-08-06 09:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Soluto
2014-10-20 09:29 - 2014-06-19 13:38 - 00000000 ____D () C:\Users\Public\Documents\HP
2014-10-20 09:29 - 2014-05-09 09:00 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Lenovo
2014-10-20 09:29 - 2014-05-09 08:44 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Lenovo
2014-10-20 09:29 - 2014-05-08 18:55 - 00000000 ____D () C:\Users\Hagel\Documents\Ulead Burn.Now
2014-10-20 09:29 - 2014-05-08 18:55 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Ulead Systems
2014-10-20 09:29 - 2014-04-24 13:54 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\FreeFileSync
2014-10-20 09:29 - 2014-04-24 12:20 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\GoContactSyncMOD
2014-10-20 09:29 - 2014-04-24 11:59 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\GoContactSyncMOD
2014-10-20 09:29 - 2014-04-23 09:06 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\NVIDIA
2014-10-20 09:29 - 2014-04-20 21:18 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Tracker Software
2014-10-20 09:29 - 2014-04-19 22:27 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\PwrMgr
2014-10-20 09:29 - 2014-04-19 21:59 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\LSC
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Macromedia
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Leadertech
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Intel
2014-10-20 09:29 - 2014-04-19 21:52 - 00000000 ____D () C:\Users\HagelEHS\AppData\Roaming\Adobe
2014-10-20 09:29 - 2014-04-16 16:39 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Tracker Software
2014-10-20 09:29 - 2014-04-16 11:00 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\PCDr
2014-10-20 09:29 - 2014-04-15 15:34 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Macromedia
2014-10-20 09:29 - 2014-04-15 15:34 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Adobe
2014-10-20 09:29 - 2014-04-15 15:25 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\PwrMgr
2014-10-20 09:29 - 2014-04-15 15:19 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Leadertech
2014-10-20 09:29 - 2014-04-15 15:16 - 00000000 ____D () C:\Users\Hagel\AppData\Roaming\Intel
2014-10-20 09:29 - 2011-07-05 17:56 - 00000000 ____D () C:\Users\Public\Lenovo
2014-10-20 09:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-20 09:28 - 2014-09-30 20:12 - 00000000 ____D () C:\ProgramData\Qualcomm
2014-10-20 09:28 - 2014-09-24 08:17 - 00000000 ____D () C:\ProgramData\Skype
2014-10-20 09:28 - 2014-09-23 16:22 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-10-20 09:28 - 2014-09-11 11:40 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-20 09:28 - 2014-09-11 11:40 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-20 09:28 - 2014-04-27 13:51 - 00000000 ____D () C:\ProgramData\Western Digital
2014-10-20 09:28 - 2014-04-26 17:40 - 00000000 ____D () C:\ProgramData\Samsung
2014-10-20 09:28 - 2014-04-24 13:30 - 00000000 ____D () C:\ProgramData\Sun
2014-10-20 09:28 - 2014-04-24 12:43 - 00000000 ____D () C:\ProgramData\Soluto
2014-10-20 09:28 - 2014-04-16 08:46 - 00000000 ____D () C:\Users\Hagel\AppData\Local\Apps\2.0
2014-10-20 09:28 - 2014-04-15 23:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-20 09:28 - 2011-07-05 17:50 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-10-20 09:28 - 2011-07-05 17:38 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-20 09:27 - 2014-10-01 14:28 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-10-20 09:27 - 2014-09-03 08:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-20 09:27 - 2014-08-14 15:03 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-20 09:27 - 2014-08-12 15:22 - 00000000 ____D () C:\Program Files (x86)\Fieldston Software
2014-10-20 09:27 - 2014-06-19 14:54 - 00000000 ____D () C:\ProgramData\Conexant
2014-10-20 09:27 - 2014-06-05 15:49 - 00000000 ____D () C:\ProgramData\AVM
2014-10-20 09:27 - 2014-06-03 20:37 - 00000000 ____D () C:\Program Files (x86)\HP
2014-10-20 09:27 - 2014-06-03 20:36 - 00000000 ____D () C:\ProgramData\HP
2014-10-20 09:27 - 2014-06-02 15:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-10-20 09:27 - 2014-05-28 12:55 - 00000000 ____D () C:\ProgramData\Apple
2014-10-20 09:27 - 2014-04-25 21:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-20 09:27 - 2014-04-24 11:59 - 00000000 ____D () C:\Program Files (x86)\WebGear
2014-10-20 09:27 - 2014-04-16 16:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-20 09:27 - 2014-04-16 16:01 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-20 09:27 - 2014-04-16 11:45 - 00000000 ____D () C:\ProgramData\MacheenService
2014-10-20 09:27 - 2014-04-16 08:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-20 09:27 - 2014-04-16 08:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-10-20 09:27 - 2014-04-15 23:03 - 00000000 ____D () C:\Program Files (x86)\Paragon Software
2014-10-20 09:27 - 2011-07-06 02:57 - 00000000 ____D () C:\ProgramData\Lenovo
2014-10-20 09:27 - 2011-07-05 17:46 - 00000000 ____D () C:\ProgramData\InterVideo
2014-10-20 09:27 - 2011-07-05 17:43 - 00000000 ____D () C:\ProgramData\Corel
2014-10-20 09:27 - 2011-07-05 17:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-20 09:27 - 2011-07-05 17:43 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-10-20 09:27 - 2011-07-05 17:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-20 09:27 - 2011-07-05 17:33 - 00000000 ____D () C:\Program Files (x86)\ThinkPad
2014-10-20 09:27 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Ricoh
2014-10-20 09:27 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-10-20 09:27 - 2011-07-05 17:30 - 00000000 ____D () C:\ProgramData\Intel
2014-10-20 09:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-20 09:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-20 09:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2014-10-20 09:26 - 2014-09-11 11:40 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-20 09:26 - 2014-06-05 15:49 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-10-20 09:26 - 2014-06-01 21:14 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2014-10-20 09:26 - 2014-05-13 17:05 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-20 09:26 - 2014-04-26 17:41 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-20 09:26 - 2014-04-17 09:37 - 00000000 ____D () C:\Program Files\Oracle
2014-10-20 09:26 - 2014-04-16 16:28 - 00000000 ____D () C:\Program Files\Tracker Software
2014-10-20 09:26 - 2014-04-16 14:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-20 09:26 - 2014-04-16 11:58 - 00000000 ____D () C:\Program Files\Common Files\Lenovo
2014-10-20 09:26 - 2014-04-16 08:57 - 00000000 __RHD () C:\MSOCache
2014-10-20 09:26 - 2014-04-16 08:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-20 09:26 - 2014-04-16 06:56 - 00000000 ____D () C:\archive_db
2014-10-20 09:26 - 2014-04-15 16:48 - 00000000 ____D () C:\Program Files\AuthenTec
2014-10-20 09:26 - 2011-07-05 17:47 - 00000000 ____D () C:\Program Files\Protector Suite
2014-10-20 09:26 - 2011-07-05 17:32 - 00000000 ____D () C:\Program Files (x86)\Chicony Electronics Co.,Ltd
2014-10-20 09:26 - 2011-07-05 17:30 - 00000000 ____D () C:\Program Files\Intel
2014-10-20 09:26 - 2011-07-05 17:30 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-10-20 09:26 - 2011-07-05 17:30 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-20 09:26 - 2011-07-05 17:28 - 00000000 ____D () C:\Program Files\ThinkPad
2014-10-20 09:26 - 2011-07-05 17:26 - 00000000 ____D () C:\Program Files\Synaptics
2014-10-20 09:26 - 2011-07-05 17:26 - 00000000 ____D () C:\Program Files\DIFX
2014-10-20 09:26 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-20 09:26 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-20 09:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-20 09:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2014-10-20 09:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-15 11:09 - 2014-04-15 18:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 11:02 - 2014-04-15 18:39 - 103265616 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 10:37 - 2014-09-05 08:34 - 00002337 ____N () C:\Windows\system32\TeamViewer9_Hooks.log
2014-10-13 15:57 - 2014-07-07 12:29 - 00000224 ____N () C:\Windows\system32\snetcfg.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-31 00:46
==================== End Of Log ============================
|
|
04.11.2014, 19:09
| #9 |
| | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Hagel at 2014-11-04 19:06:07
Running from C:\Users\Hagel\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.3 - Lenovo Group Limited)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FreeFileSync 6.10 (HKLM-x32\...\FreeFileSync) (Version: 6.10 - Zenju)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
GO Contact Sync Mod (HKLM-x32\...\{CD178FDD-086A-4C2E-935E-8CDB747B0F29}) (Version: 3.6.1 - WebGear, Create Software, Stru.be, saller.NET)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Cloud Print-Drucker (HKLM-x32\...\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}) (Version: 28.0.1489.0 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
gSyncit (HKLM-x32\...\{C0838B4B-A793-4927-AE22-1CA84EB6A16E}) (Version: 4.0.289 - Fieldston Software)
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 005.001.00137 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 005.001.00145 - Ihr Firmenname) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 005.001.00140 - Ihr Firmenname) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Ihr Firmenname) Hidden
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.32.0 (HKLM-x32\...\{2D793E41-F598-1014-9984-F3B169A93F79}) (Version: 1.2.32.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1211 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2538 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.05.03.1014 - Huawei Technologies Co.,Ltd)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA 3D Vision Treiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)
NVIDIA Grafiktreiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle Corporation)
Paragon Festplatten Manager™ 2012 Kompakt (HKLM-x32\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.5.0 - Lenovo Group Limited)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)
Spotify (HKCU\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2014 - Abelssoft)
Steganos Privacy Suite 12 (HKLM-x32\...\{0F1D1572-9311-4590-A8A6-425224984E54}) (Version: 12.1.1 - Steganos Software GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.22 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.80 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
ViewSonic Windows 7 x64 Signed Files (HKLM-x32\...\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (HKLM\...\4534F449D55EE49DEE206B3D9A3B1811E1A495EA) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
XMedia Recode Version 3.2.0.1 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.1 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2672548732-3621259577-1585307691-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
31-10-2014 08:51:25 Installiert Digital Line Detect
01-11-2014 10:15:39 Installed gSyncit
03-11-2014 20:28:57 Windows Update
03-11-2014 22:34:22 SSD Tweaker restore point
03-11-2014 22:36:23 SSD Tweaker restore point
04-11-2014 00:00:21 Installiert Renesas Electronics USB 3.0 Host Controller Driver
04-11-2014 00:02:29 Installiert Renesas Electronics USB 3.0 Host Controller Driver
04-11-2014 00:03:25 Entfernt Renesas Electronics USB 3.0 Host Controller Driver
04-11-2014 00:07:35 Windows-Sicherung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-05-16 09:40 - 2014-06-19 13:37 - 00000991 ____N C:\Windows\system32\Drivers\etc\hosts
192.168.1.249 EHS-STORAGE
192.168.1.241 EHS-COM
192.168.1.241 ehs-com.intern.EHS.de
192.168.1.244 EHS-Terminal
192.168.55.43 Drucker---HP-CM1312nfi.fritz.box
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BF68B87-DD44-4A98-BA0E-DA3EC359E8B1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {16F36776-5DC4-4498-B7C8-A2A57CF3B1BA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {1E30C44E-853D-4BE9-A19F-A37458155E2A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-09-10] (Lenovo Group Limited)
Task: {2418A00D-ACA8-4903-922B-C52BF6EE5AB2} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {34F6B631-A6C6-49BE-A52A-DE16F5C60015} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {356D8D1D-810F-4C32-B56C-3A8BBD1A9669} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {50AFEEE1-73F9-4BD9-B637-4793CAC15875} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {5244ADF1-DAFB-4CEC-A83B-8BEDF3EF8ABC} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-03-31] (PC-Doctor, Inc.)
Task: {5EE6F9CB-E583-460D-A758-57E1ECE805E3} - System32\Tasks\Lenovo\SROptimizer => %TRPATH%\SRORest.exe
Task: {704698A2-2976-4CDF-A71B-04469FB8F5DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-29] (Adobe Systems Incorporated)
Task: {70E80B87-E62E-40B9-991A-8D98D6CDE696} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {75EEE41F-08BB-4034-82D1-DFE6B3733161} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {84EE8920-B41E-40D6-A11F-0A894D29FC44} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {8834920C-6C8F-47B6-BE98-2F32E2764683} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {8B47522E-738F-412E-81FB-AB3B18B0DDD7} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {A759975D-4A6E-4A66-8B0E-FE1AFA97FB5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.)
Task: {A8CA83EF-4E12-43B5-8DB1-E220060AB534} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {B6DACD74-7858-43DC-B3A3-32F0E116F354} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {BD598119-5148-4EA9-AC84-E8920B1980BB} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-10-16] ()
Task: {C3B25026-A1A0-4EB6-97BE-AF6C6A32A1DC} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {CC2DDAB3-819D-49EC-9A99-33FE970A208F} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {D904E9BA-8653-4BB5-85A5-08BC6EFE07B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.)
Task: {E778A9ED-77BA-481C-978E-E6ADC9E8924A} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {ED5A166B-2089-45E4-8E78-2F81ACD5D21E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2010-12-17 12:53 - 2010-12-17 12:53 - 01501696 ____N () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-10-29 22:49 - 2012-11-01 11:49 - 00657504 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-10-15 11:35 - 2014-10-15 11:35 - 03672064 ____N () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\147a38a7653169860dd6816e35e37384\PCGPreCompiled.ni.dll
2014-10-15 11:36 - 2014-10-15 11:36 - 00267264 ____N () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\52df5510f23c17994e7bbd8a76a1bdd0\PCGAppControlPluginLoader.ni.dll
2014-10-15 11:36 - 2014-10-15 11:36 - 00068096 ____N () C:\Windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\a454c164c98d7f3f6f6c8413b4f8d7d8\SignalRWrapper.ni.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00090688 ____N () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00054848 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2014-04-15 20:32 - 2013-10-29 01:53 - 00087328 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-26 02:46 - 2014-01-06 19:22 - 00710656 ____N () C:\Windows\system32\spool\DRIVERS\x64\3\KOAYQJ_O.DLL
2011-07-05 17:38 - 2011-06-01 05:37 - 00004096 ____N () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00090688 ____N () c:\program files\soluto\PCGDllExportInspector.dll
2014-07-10 10:01 - 2014-09-10 05:06 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-04-15 20:33 - 2013-11-15 09:52 - 00518432 ____N () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2011-07-05 17:33 - 2010-10-26 09:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-07-05 17:38 - 2011-03-06 12:07 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll
2012-03-22 20:11 - 2012-03-22 20:11 - 00244944 ____N () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
2014-04-17 09:19 - 2008-07-26 18:56 - 00082944 ____N () C:\Program Files\DeskSave 8.2.1\DeskSave.exe
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 ____N () C:\Program Files\CCleaner\lang\lang-1031.dll
2009-05-27 21:09 - 2009-05-27 21:09 - 00049976 ____N () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2014-10-11 12:29 - 2014-10-11 12:29 - 01031936 ____N () C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
2014-10-11 12:22 - 2014-10-11 12:22 - 00012208 ____N () C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 05409960 ____N () C:\Program Files\Oracle\VirtualBox\VBoxRT.dll
2014-10-14 11:13 - 2014-10-14 11:13 - 00037392 ____N () C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 02485272 ____N () C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL
2014-10-11 12:30 - 2014-10-11 12:30 - 00675568 ____N () C:\Program Files\Oracle\VirtualBox\VBoxREM.dll
2014-10-11 12:29 - 2014-10-11 12:29 - 00030768 ____N () C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 00047768 ____N () C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 01131304 ____N () C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 00203816 ____N () C:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2014-10-11 12:29 - 2014-10-11 12:29 - 00124488 ____N () C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2014-10-11 12:29 - 2014-10-11 12:29 - 00099256 ____N () C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2014-10-11 12:29 - 2014-10-11 12:29 - 00049328 ____N () C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 00046744 ____N () C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 02454896 ____N () C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 00384584 ____N () C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2014-10-11 12:29 - 2014-10-11 12:29 - 00203840 ____N () C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2014-10-14 11:13 - 2014-10-14 11:13 - 00191904 ____N () C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL
2014-10-14 11:13 - 2014-10-14 11:13 - 00069328 ____N () C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL
2014-10-14 11:13 - 2014-10-14 11:13 - 00085808 ____N () C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL
2014-10-14 11:13 - 2014-10-14 11:13 - 00091976 ____N () C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL
2014-10-11 12:29 - 2014-10-11 12:29 - 00041600 ____N () C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL
2014-10-14 11:13 - 2014-10-14 11:13 - 00022488 ____N () C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL
2014-10-29 22:49 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-10-29 22:49 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-10-29 22:49 - 2010-05-10 03:51 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-10-29 22:49 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-10-29 22:49 - 2012-11-01 11:26 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-10-29 22:49 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2011-07-05 17:37 - 2011-05-26 16:17 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2014-04-16 11:44 - 2011-06-29 17:09 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-04-16 11:44 - 2011-06-29 17:09 - 02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-11-03 09:52 - 2014-11-03 09:52 - 00043008 _____ () e:\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppvmofc.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Hagel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-25 18:58 - 2014-09-25 18:58 - 00081056 ____N () C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-11-03 09:55 - 2014-11-03 09:55 - 00098816 _____ () E:\Temp\_MEI32002\win32api.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00110080 _____ () E:\Temp\_MEI32002\pywintypes27.dll
2014-11-03 09:55 - 2014-11-03 09:55 - 00364544 _____ () E:\Temp\_MEI32002\pythoncom27.dll
2014-11-03 09:55 - 2014-11-03 09:55 - 00045568 _____ () E:\Temp\_MEI32002\_socket.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 01160704 _____ () E:\Temp\_MEI32002\_ssl.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00320512 _____ () E:\Temp\_MEI32002\win32com.shell.shell.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00713216 _____ () E:\Temp\_MEI32002\_hashlib.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 01175040 _____ () E:\Temp\_MEI32002\wx._core_.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00805888 _____ () E:\Temp\_MEI32002\wx._gdi_.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00811008 _____ () E:\Temp\_MEI32002\wx._windows_.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 01062400 _____ () E:\Temp\_MEI32002\wx._controls_.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00735232 _____ () E:\Temp\_MEI32002\wx._misc_.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00128512 _____ () E:\Temp\_MEI32002\_elementtree.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00127488 _____ () E:\Temp\_MEI32002\pyexpat.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00557056 _____ () E:\Temp\_MEI32002\pysqlite2._sqlite.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00007168 _____ () E:\Temp\_MEI32002\hashobjs_ext.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00087552 _____ () E:\Temp\_MEI32002\_ctypes.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00119808 _____ () E:\Temp\_MEI32002\win32file.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00108544 _____ () E:\Temp\_MEI32002\win32security.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00018432 _____ () E:\Temp\_MEI32002\win32event.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00038912 _____ () E:\Temp\_MEI32002\win32inet.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00070656 _____ () E:\Temp\_MEI32002\wx._html2.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00167936 _____ () E:\Temp\_MEI32002\win32gui.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00011264 _____ () E:\Temp\_MEI32002\win32crypt.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00027136 _____ () E:\Temp\_MEI32002\_multiprocessing.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00686080 _____ () E:\Temp\_MEI32002\unicodedata.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00122368 _____ () E:\Temp\_MEI32002\wx._wizard.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00010240 _____ () E:\Temp\_MEI32002\select.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00024064 _____ () E:\Temp\_MEI32002\win32pipe.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00025600 _____ () E:\Temp\_MEI32002\win32pdh.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00525640 _____ () E:\Temp\_MEI32002\windows._lib_cacheinvalidation.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00035840 _____ () E:\Temp\_MEI32002\win32process.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00017408 _____ () E:\Temp\_MEI32002\win32profile.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00022528 _____ () E:\Temp\_MEI32002\win32ts.pyd
2014-11-03 09:55 - 2014-11-03 09:55 - 00078336 _____ () E:\Temp\_MEI32002\wx._animate.pyd
2014-09-25 18:58 - 2014-09-25 18:58 - 00081056 ____N () C:\Users\Hagel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-10-28 15:32 - 2014-10-22 05:04 - 08910664 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 15:32 - 2014-10-22 05:04 - 01681224 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2013-09-25 09:19 - 2013-09-25 09:19 - 00241664 ____N () C:\Program Files (x86)\Lenovo\Rescue and Recovery\CDRecord.dll
2013-09-25 09:40 - 2013-09-25 09:40 - 00248168 ____N () C:\PROGRAM FILES (X86)\COMMON FILES\LENOVO\CDRecord.dll
2014-10-28 15:32 - 2014-10-22 05:04 - 01042760 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 15:32 - 2014-10-22 05:04 - 00211272 ____N () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 ____N () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2672548732-3621259577-1585307691-500 - Administrator - Disabled)
Gast (S-1-5-21-2672548732-3621259577-1585307691-501 - Limited - Disabled)
Hagel (S-1-5-21-2672548732-3621259577-1585307691-1001 - Administrator - Enabled) => C:\Users\Hagel
HagelEHS (S-1-5-21-2672548732-3621259577-1585307691-1002 - Administrator - Enabled) => C:\Users\HagelEHS
HomeGroupUser$ (S-1-5-21-2672548732-3621259577-1585307691-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-2672548732-3621259577-1585307691-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: F5521gw Mobile Broadband Driver
Description: F5521gw Mobile Broadband Driver
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ericsson AB
Service: WwanUsbServ
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #4
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/04/2014 07:00:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/04/2014 05:07:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.7134.5000, Zeitstempel: 0x541c2dcc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x367c
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3
Error: (11/04/2014 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.7134.5000, Zeitstempel: 0x541c2dcc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x2b48
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5310)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5300)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5290)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5170)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:18 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:18:7220)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:18 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:18:7200)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:18 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:18:7200)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
System errors:
=============
Error: (11/04/2014 06:57:45 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "Y:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (11/04/2014 06:35:33 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "X:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (11/04/2014 05:28:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SolutoService erreicht.
Error: (11/04/2014 05:23:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SolutoService erreicht.
Error: (11/04/2014 05:22:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SolutoService erreicht.
Error: (11/04/2014 04:47:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SolutoService erreicht.
Error: (11/04/2014 10:01:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SolutoService erreicht.
Error: (11/04/2014 10:01:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SessionEnv erreicht.
Error: (11/04/2014 10:01:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SolutoService erreicht.
Error: (11/04/2014 01:05:50 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004
Microsoft Office Sessions:
=========================
Error: (11/04/2014 07:00:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (11/04/2014 05:07:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE14.0.7134.5000541c2dccKERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d367c01cff84811122237C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXEC:\Windows\syswow64\KERNELBASE.dllb6311b0e-643c-11e4-8543-0021cc60f38b
Error: (11/04/2014 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE14.0.7134.5000541c2dccKERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d2b4801cff82d22a1475bC:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXEC:\Windows\syswow64\KERNELBASE.dllc73b5dc5-643a-11e4-8543-0021cc60f38b
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5310)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5300)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5290)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:22 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:22:5170)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:18 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:18:7220)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = de, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:18 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:18:7200)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
Error: (11/04/2014 00:00:18 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7712) Asapi: (12:00:18:7200)(7712) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = de, customer = lenovo, variant = ltt
CodeIntegrity Errors:
===================================
Date: 2014-11-04 12:17:46.363
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-03 10:01:57.248
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-31 10:11:53.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-30 10:09:47.747
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-30 09:55:42.808
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-29 13:00:59.840
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-29 12:32:36.767
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-29 11:16:31.276
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-28 09:46:15.732
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-27 14:57:21.355
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 52%
Total physical RAM: 8075.23 MB
Available physical RAM: 3870.13 MB
Total Pagefile: 20185.41 MB
Available Pagefile: 14292.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:57.73 GB) (Free:8.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (SGS3 EXTERN) (Removable) (Total:29.23 GB) (Free:6.11 GB) FAT32
Drive e: (Daten) (Fixed) (Total:931.39 GB) (Free:212.45 GB) NTFS
Drive f: (USB 64MB) (Removable) (Total:0.06 GB) (Free:0.06 GB) FAT
Drive g: (ONETOUCHIII) (Fixed) (Total:298.02 GB) (Free:111.94 GB) FAT32
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: D24C6A16)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=57.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (Size: 29.2 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 3 (Size: 62.5 MB) (Disk ID: 585E47B0)
Partition 1: (Active) - (Size=62 MB) - (Type=06)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 8BE2F02B)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)
==================== End Of Log ============================
|
|
05.11.2014, 14:45
| #10 |
| /// the machine /// TB-Ausbilder | Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar. ESET Funde von hand löschen. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar. |
| android/addisplay.appflood.a, android/addisplay.applovin.a, android/admogo.b, android/stopsms.c, fehlercode 0xe06d7363, fehlercode 22, fehlercode 490@01010004, fehlercode 87, fehlercode windows, notebook, pup.optional.searchprotect.a, symbolleiste, this device is disabled. (code 22), verfügbar, win32/adkdllwrapper.a, win32/downware.l, win32/installmonetizer.an, win32/packed.autoit.h, win32/toolbar.conduit, windows 7, zugreifen |
Linear-Darstellung
