Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 21.07.2015, 21:22   #1
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Böse

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Hallo zusammen,

ich habe schon gesehen, dass einige hier offensichtliche ein vergleichbares Problem, wie ich haben/hatten:

Seit dem letzten Windows-Update kann ich mich leider bei Windows 7 nicht mehr im "Normalmodus" einloggen. Ich habe - falls es was hilft - ein Lenovo Thinc Pad X1 (ca. 2012)

Beim hochfahren, erscheint immer ein schwarzer Bildschirm mit einer weißen, bewegbaren Maus. Der Fingerabdruck-Scanner ist leider auch deaktiviert. Das Problem ist bei mir am Samstag schon mal aufgetreten nach einem Neustart im Safe-Mode ging es dann wieder. Sonntag ist das gleiche noch mal passiert (wieder nach einem Windows Update) nur klappt jetzt nicht mehr der "Safe-Mode-Umweg".

Mein reduzierten PC-Kenntnisse sind somit ergebnislos in Gänze ausgeschöpft.

In den Safe-Modus komme ich natürlich noch rein.

Über Eure Hilfe würde ich mich sehr freuen.

Vielen Dank im Voraus und viele Grüße
Jurek

Alt 21.07.2015, 21:47   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



hi,

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________

__________________

Alt 22.07.2015, 21:30   #3
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Hallo Schrauber,

danke zunächst für die ersten Schritte. Ich hatte die 64er Exe verwenden können, hatte da ein paar mehr auswahlfelder bei "Scan" u.A. "LIST BCD", "Drivers MD5" und "90 Days Files".

nach dem Motto "viel hilft viel habe ich die mal in den Suchlauf reingepackt. Hoffe das ist nicht hinderlich…

der Log unten
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by SYSTEM on MININT-GR88KCR on 22-07-2015 22:26:58
Running from F:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2854448 2011-12-01] (Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3174800 2015-07-18] ()
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] => C:\SWTOOLS\SimpleTap DeskBand\ShowBand.exe [156472 2011-12-20] ()
HKU\Default\...\RunOnce: [] => [X]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] => C:\SWTOOLS\SimpleTap DeskBand\ShowBand.exe [156472 2011-12-20] ()
HKU\Default User\...\RunOnce: [] => [X]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\Jurek\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-12] (Google Inc.)
HKU\Jurek\...\Run: [Facebook Update] => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-18] (Facebook Inc.)
HKU\Jurek\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\Jurek\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 2f8fc8cc3ae247d09df72197b7087f6f-4f72fbb98038d7a1c2d8fd59307a6e825a5f9aa0 --CMPID 0913b
HKU\Jurek\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6886752 2015-01-07] (Binary Fortress Software)
HKU\Jurek\...\Run: [Dropbox Update] => C:\Users\Jurek\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\TEMP\...\RunOnce: [Lenovo.ShowBand] => C:\SWTOOLS\SimpleTap DeskBand\ShowBand.exe [156472 2011-12-20] ()
HKU\TEMP\...\RunOnce: [] => [X]
HKU\TEMP\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2009-03-24] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-30] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-05-18]
ShortcutTarget: Dropbox.lnk ->  (No File)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-27] (APN LLC.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.)
S2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3169648 2015-01-07] (Binary Fortress Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-11] (Lenovo Group Limited)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2011-12-21] (Lenovo Group Limited)
S2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
S2 vToolbarUpdater18.7.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [1874320 2015-07-18] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-18] ()
S2 0321771354829162mcinstcleanup; C:\Users\Jurek\AppData\Local\Temp\032177~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-18] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\5U877.sys F4AF97702BAD85BFEF64B9A557F11B6F
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgdiska.sys E7C8FBDCB1C079C332F962DD1C075E5E
C:\Windows\System32\DRIVERS\avgidsdrivera.sys BDE56ADE3E236E659B3A4ADC3AD71413
C:\Windows\System32\DRIVERS\avgidsha.sys 54384FC2230B4469E7EDF938B7CF5FF7
C:\Windows\System32\DRIVERS\avgldx64.sys 4FB010DEA1028ED0A26F20D2F404210F
C:\Windows\System32\DRIVERS\avgloga.sys 7EC2B7BBA7A30691D2E0D8478F219B90
C:\Windows\System32\DRIVERS\avgmfx64.sys 90F4D9B3118A4913124CDEDD4CDD4E4C
C:\Windows\System32\DRIVERS\avgrkx64.sys 719EF00B1C5BED9CF5675274A4F774B9
C:\Windows\System32\DRIVERS\avgtdia.sys EB9606C7C31E2C90BD9A81B0BEE01C28
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\btwampfl.sys 8767C8B416B6D583881F0FD7A0555135
C:\Windows\System32\drivers\btwaudio.sys 44770A3C07EBD5D6D7CD7DBA915B49BC
C:\Windows\System32\DRIVERS\btwavdt.sys 75B59923087AE6EB064D13D8F58A02B6
C:\Windows\System32\DRIVERS\btwl2cap.sys B9354F9F111C64F2495B60F1E24CB453
C:\Windows\System32\DRIVERS\btwrchid.sys 9555E15F828760341751E9183BD34E60
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\drivers\CHDRT64.sys DB6F09464C57606892BF6D2458483417
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\DzHDD64.sys CE4CFFD9F64B86BCEB1C343FC9924D72
C:\Windows\System32\DRIVERS\e1c62x64.sys 992F625B74C675087B5629FC79ABA55B
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\ibmpmdrv.sys E03FA8B9C161E34D21A4E3850E490EB7
C:\Windows\System32\DRIVERS\igdkmd64.sys 33FAA40B288002C89529DBD14F3AB72C
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys BF69D973523D539A35807946C6DA7E16
C:\Windows\System32\Drivers\ksecpkg.sys 272C27711C8AA6E7815EE33F8ACA9C66
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smiifx64.sys 2B9D8555DC004E240082D18E7725CE20
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl64.sys 6F4607E2333FE21E9E3FF8133A88B35B
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys 50AD7F7040C22BB7CAA59A0880875A21
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS 52C9F4359AF4A25969B882AECC6F3BDA
C:\Windows\System32\DRIVERS\point64.sys 32D374C60778253B81FA76C2FE19E155
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\psadd.sys B8035AF9CC0CCBA9A09AC0A0D9801797
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360
C:\Windows\System32\DRIVERS\risdxc64.sys 5A227511ED22DDFEDF7EF7323C8F7D2F
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys 21AB491BBCC8C1B26FDC402A374AB196
C:\Windows\System32\DRIVERS\Sftplaylh.sys 3B8D43FEEFF7A187534DDDFD675FE123
C:\Windows\System32\DRIVERS\Sftredirlh.sys F1D1B1DC7A8765A09D7640FBF8D20970
C:\Windows\System32\DRIVERS\Sftvollh.sys B3B9ADE7F8C4AF0C20E712E040588543
C:\Windows\System32\DRIVERS\Apsx64.sys 380B52126E62C6C2D3C8BA805AADFDC7
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys C5B1A19B14F19B08AE72FCB20A3075B6
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 3B9F01B06E9C65BC182131B673DD03DA
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ApsHM64.sys 5523C729F1ED31B63C88490AF3D220FA
C:\Windows\System32\drivers\tpm.sys DBCC20C02E8A3E43B03C304A4E40A84F
C:\Windows\System32\drivers\Tppwr64v.sys 7165B5A9B4867F64A6D6935F57D4196B
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 22:26 - 2015-07-22 22:26 - 00000000 ____D C:\FRST
2015-07-21 12:33 - 2015-07-21 12:33 - 00446768 _____ C:\Windows\Minidump\072115-10670-01.dmp
2015-07-19 21:26 - 2015-07-21 12:33 - 390091419 _____ C:\Windows\MEMORY.DMP
2015-07-19 21:26 - 2015-07-19 21:26 - 00446768 _____ C:\Windows\Minidump\072015-13665-01.dmp
2015-07-19 21:26 - 2015-07-19 21:26 - 00000000 ____D C:\Windows\Minidump
2015-07-18 13:23 - 2015-07-18 13:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 13:18 - 2015-07-18 13:25 - 00000000 ____D C:\Users\Jurek\AppData\Local\AVG Web TuneUp
2015-07-18 13:18 - 2015-07-18 13:18 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-07-18 13:18 - 2015-07-18 13:18 - 00000000 ____D C:\ProgramData\AVG Secure Search
2015-07-18 13:18 - 2015-07-18 13:18 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-06-18 12:11 - 2015-07-18 23:16 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA.job
2015-06-18 12:11 - 2015-06-29 12:38 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core.job
2015-06-18 12:11 - 2015-06-18 12:11 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA
2015-06-18 12:11 - 2015-06-18 12:11 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core
2015-06-18 12:11 - 2015-06-18 12:11 - 00000000 ____D C:\Users\Jurek\AppData\Local\Dropbox
2015-06-18 12:11 - 2015-06-18 12:11 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-16 15:01 - 2015-06-16 15:01 - 01202856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-06-12 01:17 - 2015-06-12 01:17 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-09 23:22 - 2015-06-01 11:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-06-09 23:22 - 2015-06-01 10:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 23:22 - 2015-05-27 06:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-06-09 23:22 - 2015-05-27 06:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 23:22 - 2015-05-25 10:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-06-09 23:22 - 2015-05-25 10:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-06-09 23:22 - 2015-05-25 10:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-06-09 23:22 - 2015-05-25 10:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\System32\sechost.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2015-06-09 23:22 - 2015-05-25 10:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2015-06-09 23:22 - 2015-05-25 10:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2015-06-09 23:22 - 2015-05-25 10:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\System32\tracerpt.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\System32\logman.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\typeperf.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-06-09 23:22 - 2015-05-25 10:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\relog.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-06-09 23:22 - 2015-05-25 10:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-06-09 23:22 - 2015-05-25 10:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\diskperf.exe
2015-06-09 23:22 - 2015-05-25 10:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-06-09 23:22 - 2015-05-25 10:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 10:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-09 23:22 - 2015-05-25 10:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-09 23:22 - 2015-05-25 10:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-09 23:22 - 2015-05-25 10:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-09 23:22 - 2015-05-25 10:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-09 23:22 - 2015-05-25 10:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-09 23:22 - 2015-05-25 10:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-09 23:22 - 2015-05-25 10:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-09 23:22 - 2015-05-25 10:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-09 23:22 - 2015-05-25 10:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-09 23:22 - 2015-05-25 10:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-09 23:22 - 2015-05-25 09:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-09 23:22 - 2015-05-25 09:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-09 23:22 - 2015-05-25 09:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-09 23:22 - 2015-05-25 09:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-09 23:22 - 2015-05-25 09:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-09 23:22 - 2015-05-25 09:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 09:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-06-09 23:22 - 2015-05-25 09:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\UtcResources.dll
2015-06-09 23:22 - 2015-05-25 08:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-09 23:22 - 2015-05-25 08:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-09 23:22 - 2015-05-25 08:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 08:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 08:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 23:22 - 2015-05-25 08:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-09 23:22 - 2015-05-22 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-09 23:22 - 2015-05-22 19:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 23:22 - 2015-05-22 19:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-09 23:22 - 2015-05-22 19:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-09 23:22 - 2015-05-22 19:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 23:22 - 2015-05-22 19:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-09 23:22 - 2015-05-22 19:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 23:22 - 2015-05-22 19:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-09 23:22 - 2015-05-22 19:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-09 23:22 - 2015-05-22 19:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-09 23:22 - 2015-05-22 19:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 23:22 - 2015-05-22 19:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-09 23:22 - 2015-05-22 19:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 23:22 - 2015-05-22 18:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-09 23:22 - 2015-05-22 18:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-09 23:22 - 2015-05-22 18:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-09 23:22 - 2015-05-22 18:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 23:22 - 2015-05-22 18:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 23:22 - 2015-05-22 18:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 23:22 - 2015-05-22 18:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 23:22 - 2015-05-22 18:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 23:22 - 2015-05-22 18:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-09 23:22 - 2015-05-22 18:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 23:22 - 2015-05-22 18:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 23:22 - 2015-05-22 18:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 23:22 - 2015-05-22 18:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 23:22 - 2015-05-22 11:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-06-09 23:22 - 2015-05-22 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-06-09 23:22 - 2015-05-22 11:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-06-09 23:22 - 2015-05-22 11:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-06-09 23:22 - 2015-05-22 11:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-06-09 23:22 - 2015-05-22 11:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-06-09 23:22 - 2015-05-22 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-06-09 23:22 - 2015-05-22 10:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-06-09 23:22 - 2015-05-22 10:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-06-09 23:22 - 2015-05-22 10:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-06-09 23:22 - 2015-05-22 10:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-06-09 23:22 - 2015-05-22 10:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-06-09 23:22 - 2015-05-22 10:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-06-09 23:22 - 2015-05-22 10:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-06-09 23:22 - 2015-05-22 10:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-06-09 23:22 - 2015-05-22 10:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-06-09 23:22 - 2015-05-22 10:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-06-09 23:22 - 2015-05-22 10:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-06-09 23:22 - 2015-05-22 10:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-06-09 23:22 - 2015-05-22 10:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-06-09 23:22 - 2015-05-22 10:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-06-09 23:22 - 2015-05-22 10:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-06-09 23:22 - 2015-05-22 10:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-06-09 23:22 - 2015-05-22 10:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-06-09 23:22 - 2015-05-22 10:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-06-09 23:22 - 2015-05-22 10:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-06-09 23:22 - 2015-05-22 10:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-06-09 23:22 - 2015-05-22 10:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-06-09 23:22 - 2015-05-22 10:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-06-09 23:22 - 2015-05-22 10:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-06-09 23:22 - 2015-05-22 10:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-06-09 23:22 - 2015-05-22 10:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-06-09 23:22 - 2015-05-22 10:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-06-09 23:22 - 2015-05-22 09:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-06-09 23:22 - 2015-05-22 09:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-06-09 23:22 - 2015-05-22 09:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-06-09 23:22 - 2015-05-22 09:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-06-09 23:22 - 2015-05-21 05:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2015-06-09 23:22 - 2015-04-29 10:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2015-06-09 23:22 - 2015-04-29 10:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2015-06-09 23:22 - 2015-04-29 10:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2015-06-09 23:22 - 2015-04-29 10:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2015-06-09 23:22 - 2015-04-29 10:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2015-06-09 23:22 - 2015-04-29 10:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-09 23:22 - 2015-04-29 10:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-09 23:22 - 2015-04-29 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-09 23:22 - 2015-04-29 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-09 23:22 - 2015-04-29 10:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-09 23:22 - 2015-04-24 10:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2015-06-09 23:22 - 2015-04-24 09:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 23:22 - 2015-04-10 19:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2015-06-01 21:58 - 2015-06-01 21:58 - 00000000 ____D C:\Users\Jurek\AppData\Local\GWX
2015-05-30 14:25 - 2015-05-30 14:25 - 00001764 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-05-30 14:25 - 2015-05-30 14:25 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-30 14:25 - 2015-05-30 14:25 - 00000000 ____D C:\Program Files\iTunes
2015-05-30 14:25 - 2015-05-30 14:25 - 00000000 ____D C:\Program Files\iPod
2015-05-30 14:25 - 2015-05-30 14:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-05-24 03:46 - 2015-05-24 03:46 - 00000000 ____D C:\Users\Jurek\AppData\Local\Avg
2015-05-22 15:44 - 2015-05-01 05:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 15:44 - 2015-05-01 05:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-21 01:20 - 2015-05-21 01:20 - 00000000 _____ C:\Users\Jurek\AppData\Local\{B52A4833-D64A-484F-AB47-130AF92A8704}
2015-05-18 23:52 - 2015-05-18 23:52 - 00287200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgidsdrivera.sys
2015-05-17 08:36 - 2015-05-17 08:36 - 00561248 _____ (Oracle Corporation) C:\Users\Jurek\Desktop\jxpiinstall.exe
2015-05-17 08:15 - 2015-04-17 19:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2015-05-17 08:15 - 2015-04-17 18:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-17 08:15 - 2015-03-03 20:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2015-05-17 08:15 - 2015-03-03 20:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2015-05-17 08:15 - 2015-03-03 20:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2015-05-17 08:15 - 2015-03-03 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2015-05-17 08:15 - 2015-03-03 20:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-17 08:15 - 2015-03-03 20:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-17 08:15 - 2015-03-03 20:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-17 08:14 - 2015-04-19 19:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-05-17 08:14 - 2015-04-19 19:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-05-17 08:14 - 2015-04-19 18:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-17 08:14 - 2015-04-12 19:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\System32\services.exe
2015-05-17 08:14 - 2015-04-07 19:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2015-05-17 08:14 - 2015-04-07 19:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\jnwmon.dll
2015-05-17 08:14 - 2015-04-07 19:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-17 08:14 - 2015-02-17 23:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-17 08:14 - 2015-02-17 23:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2015-05-17 08:14 - 2015-01-28 19:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\System32\wpdshext.dll
2015-05-17 08:14 - 2015-01-28 19:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 04:39 - 2015-05-12 04:39 - 00281568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2015-05-12 04:36 - 2015-05-12 04:36 - 00253408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgidsha.sys
2015-05-12 04:36 - 2015-05-12 04:36 - 00224224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgmfx64.sys
2015-05-07 03:50 - 2015-05-07 03:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgloga.sys
2015-04-25 03:34 - 2015-06-24 02:49 - 00000992 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-23 23:19 - 2015-04-23 23:20 - 00000000 ____D C:\Users\Jurek\Desktop\Bilder Solar

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 12:09 - 2012-09-22 10:04 - 00000000 ____D C:\ProgramData\MFAData
2015-07-19 06:29 - 2009-07-13 20:45 - 00411984 _____ C:\Windows\System32\FNTCACHE.DAT
2015-07-19 06:28 - 2015-04-05 17:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 06:28 - 2015-04-05 17:01 - 00000000 ___SD C:\Windows\System32\GWX
2015-07-19 06:28 - 2014-12-13 18:17 - 00000000 ____D C:\Windows\System32\appraiser
2015-07-19 06:28 - 2014-05-06 14:58 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-07-19 06:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-18 23:31 - 2012-05-12 19:51 - 02004307 _____ C:\Windows\WindowsUpdate.log
2015-07-18 23:08 - 2012-07-28 02:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-18 23:06 - 2009-07-13 20:45 - 00031296 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-18 23:06 - 2009-07-13 20:45 - 00031296 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-18 23:01 - 2013-05-18 03:13 - 00000000 ___RD C:\Users\Jurek\Dropbox
2015-07-18 23:01 - 2013-05-18 03:08 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Dropbox
2015-07-18 23:01 - 2012-07-28 02:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-18 23:01 - 2012-07-28 02:32 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 23:01 - 2012-07-28 02:32 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 23:00 - 2013-06-03 14:08 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-18 23:00 - 2012-05-12 20:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-18 22:51 - 2009-07-13 21:13 - 00792452 _____ C:\Windows\System32\PerfStringBackup.INI
2015-07-18 22:44 - 2013-08-01 09:21 - 00174321 _____ C:\Windows\setupact.log
2015-07-18 22:44 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-18 22:33 - 2013-09-06 03:20 - 00192010 _____ C:\Windows\PFRO.log
2015-07-18 14:01 - 2012-09-02 08:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 13:42 - 2012-05-12 20:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-18 13:25 - 2012-07-28 02:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-18 13:18 - 2013-09-29 10:33 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2015-07-18 12:53 - 2014-12-26 04:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-18 12:48 - 2013-02-18 13:42 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA.job
2015-07-18 12:48 - 2013-02-18 13:42 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core.job
2015-07-18 12:37 - 2012-05-12 20:00 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 12:37 - 2012-05-12 20:00 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some files in TEMP:
====================
C:\Users\Jurek\AppData\Local\Temp\APNSetup.exe
C:\Users\Jurek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm7g9cw.dll
C:\Users\Jurek\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jurek\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jurek\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Jurek\AppData\Local\Temp\nsbE9D6.exe
C:\Users\Jurek\AppData\Local\Temp\nsh3980.exe
C:\Users\Jurek\AppData\Local\Temp\nsm350B.exe
C:\Users\Jurek\AppData\Local\Temp\nsm372E.exe
C:\Users\Jurek\AppData\Local\Temp\nswE794.exe
C:\Users\Jurek\AppData\Local\Temp\nswEC28.exe
C:\Users\Jurek\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jurek\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Jurek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jurek\AppData\Local\Temp\SPSetup.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2015-06-09 06:26:43
Restore point made on: 2015-06-10 03:17:55
Restore point made on: 2015-06-17 04:21:20
Restore point made on: 2015-06-28 10:12:06
Restore point made on: 2015-07-18 13:57:27
Restore point made on: 2015-07-18 23:28:39

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
extendedinput           Yes
default                 {default}
resumeobject            {6a24a184-9caa-11e1-b2e5-f0def1ec969c}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 0
customactions           0x10000ba000001
                        0x54000001
custom:54000001         {current}
custom:5400000f         {current}

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{5b07c2dd-d899-11e1-974f-7ce9d3bc4c92}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{5b07c2dd-d899-11e1-974f-7ce9d3bc4c92}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {6a24a184-9caa-11e1-b2e5-f0def1ec969c}
nx                      OptIn

Resume from Hibernate
---------------------
identifier              {6a24a184-9caa-11e1-b2e5-f0def1ec969c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {5b07c2dd-d899-11e1-974f-7ce9d3bc4c92}
description             Ramdisk Options
ramdisksdidevice        partition=Y:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 3979.23 MB
Available physical RAM: 3117.86 MB
Total Virtual: 3977.43 MB
Available Virtual: 3110.32 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:135.86 GB) (Free:33.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.25 GB) NTFS
Drive f: (PUBLIC) (Removable) (Total:3.59 GB) (Free:3.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.13 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 186BBC21)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=135.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.6 GB) (Disk ID: 2C6B7369)
No partition Table on disk 1.


LastRegBack: 2015-06-28 08:52

==================== End of log ============================
         
--- --- ---
__________________

Alt 23.07.2015, 07:41   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-30] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit)
         
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.


FRST bitte im Safe Mode scannen lassen, vom Desktop aus, falls der normale nicht geht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.07.2015, 21:34   #5
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by SYSTEM at 2015-07-23 22:30:59 Run:1
Running from F:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-30] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit)

*****************

"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => value data removed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => value data removed successfully.

==== End of Fixlog 22:30:59 ====


Alt 24.07.2015, 07:16   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Zitat:
FRST bitte im Safe Mode scannen lassen, vom Desktop aus, falls der normale nicht geht.
.
__________________
--> Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus

Alt 24.07.2015, 09:45   #7
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Hehe... wer lesen kann ist klar im Vorteil...

Ich habe 3 TXT Logs bekommen

1) FRST.txt
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Jurek (administrator) on JUREK-THINK on 24-07-2015 10:35:58
Running from D:\
Loaded Profiles: Jurek (Available Profiles: Jurek)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2854448 2011-12-01] (Synaptics Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3174800 2015-07-18] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-13] (Google Inc.)
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Run: [Facebook Update] => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-18] (Facebook Inc.)
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\Jurek\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 2f8fc8cc3ae247d09df72197b7087f6f-4f72fbb98038d7a1c2d8fd59307a6e825a5f9aa0 --CMPID 0913b
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6886752 2015-01-07] (Binary Fortress Software)
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Run: [Dropbox Update] => C:\Users\Jurek\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-05-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-05-08]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={6078D782-36A9-4B01-81CC-2BAE013DD776}&mid=2f8fc8cc3ae247d09df72197b7087f6f-4f72fbb98038d7a1c2d8fd59307a6e825a5f9aa0&lang=de&ds=AVG&coid=avgtbavg&cmpid=0715av&pr=fr&d=2015-07-18 23:18:20&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
SearchScopes: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE65922FC-CA86-490D-9A91-52EFF32F2DD5&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE65922FC-CA86-490D-9A91-52EFF32F2DD5&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0E0CzyyCzy0CzztAtByDtN0D0Tzu0CyDyBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=666455238&ir=
SearchScopes: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> {4886D5DF-47DB-EC58-436D-57C53D65136E} URL = 
SearchScopes: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_enDE494
SearchScopes: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={6078D782-36A9-4B01-81CC-2BAE013DD776}&mid=2f8fc8cc3ae247d09df72197b7087f6f-4f72fbb98038d7a1c2d8fd59307a6e825a5f9aa0&lang=de&ds=AVG&coid=avgtbavg&cmpid=0715av&pr=fr&d=2015-07-18 23:18:20&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.4.948\AVG Web TuneUp.dll [2015-07-18] (AVG)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-17] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40029175-67C7-4A73-8C96-A2D45F21C2D5}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{6ADB892E-EFA9-4FD9-9F99-2AF4C45F8E1F}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: AVG Nation Search
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.7.0\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2011-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2011-09-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1555867607-2248845844-4263563132-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jurek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF user.js: detected! => C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\user.js [2013-07-31]
FF SearchPlugin: C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\searchplugins\ask-search.xml [2014-03-06]
FF SearchPlugin: C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\searchplugins\avg-nation-search.xml [2014-04-28]
FF SearchPlugin: C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\searchplugins\avg-secure-search.xml [2015-07-18]
FF SearchPlugin: C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\searchplugins\conduit-search.xml [2014-04-01]
FF SearchPlugin: C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\searchplugins\Mysearchdial.xml [2013-07-31]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml [2014-04-27]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-07-18]
FF Extension: AVG Web TuneUp - C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\Extensions\avg@toolbar [2015-07-18]
FF Extension: MySearchDial - C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2013-07-31]
FF Extension: Ask Toolbar - C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\Extensions\toolbar_ORJ-V7C@apn.ask.com.xpi [2014-02-25]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\7sqnjn1x.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2012-11-07]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-05-13]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR Profile: C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AVG Secure Search) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-07-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-18]
CHR Extension: (Google Wallet) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-18]
CHR Extension: (Newtab) - C:\Users\Jurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2015-07-18]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Jurek\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-07-31]
CHR HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Jurek\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-07-31]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Jurek\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-07-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.)
S2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3169648 2015-01-07] (Binary Fortress Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2011-12-22] (Lenovo Group Limited)
S2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-26] (Lenovo Group Limited) [File not signed]
S2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
S2 vToolbarUpdater18.7.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [1874320 2015-07-18] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-18] ()
S2 0321771354829162mcinstcleanup; C:\Users\Jurek\AppData\Local\Temp\032177~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\5U877.sys F4AF97702BAD85BFEF64B9A557F11B6F
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgdiska.sys E7C8FBDCB1C079C332F962DD1C075E5E
C:\Windows\System32\DRIVERS\avgidsdrivera.sys BDE56ADE3E236E659B3A4ADC3AD71413
C:\Windows\System32\DRIVERS\avgidsha.sys 54384FC2230B4469E7EDF938B7CF5FF7
C:\Windows\System32\DRIVERS\avgldx64.sys 4FB010DEA1028ED0A26F20D2F404210F
C:\Windows\System32\DRIVERS\avgloga.sys 7EC2B7BBA7A30691D2E0D8478F219B90
C:\Windows\System32\DRIVERS\avgmfx64.sys 90F4D9B3118A4913124CDEDD4CDD4E4C
C:\Windows\System32\DRIVERS\avgrkx64.sys 719EF00B1C5BED9CF5675274A4F774B9
C:\Windows\System32\DRIVERS\avgtdia.sys EB9606C7C31E2C90BD9A81B0BEE01C28
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\btwampfl.sys 8767C8B416B6D583881F0FD7A0555135
C:\Windows\System32\drivers\btwaudio.sys 44770A3C07EBD5D6D7CD7DBA915B49BC
C:\Windows\System32\DRIVERS\btwavdt.sys 75B59923087AE6EB064D13D8F58A02B6
C:\Windows\System32\DRIVERS\btwl2cap.sys B9354F9F111C64F2495B60F1E24CB453
C:\Windows\System32\DRIVERS\btwrchid.sys 9555E15F828760341751E9183BD34E60
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\drivers\CHDRT64.sys DB6F09464C57606892BF6D2458483417
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\DzHDD64.sys CE4CFFD9F64B86BCEB1C343FC9924D72
C:\Windows\System32\DRIVERS\e1c62x64.sys 992F625B74C675087B5629FC79ABA55B
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\ibmpmdrv.sys E03FA8B9C161E34D21A4E3850E490EB7
C:\Windows\System32\DRIVERS\igdkmd64.sys 33FAA40B288002C89529DBD14F3AB72C
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys BF69D973523D539A35807946C6DA7E16
C:\Windows\System32\Drivers\ksecpkg.sys 272C27711C8AA6E7815EE33F8ACA9C66
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smiifx64.sys 2B9D8555DC004E240082D18E7725CE20
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl64.sys 6F4607E2333FE21E9E3FF8133A88B35B
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys 50AD7F7040C22BB7CAA59A0880875A21
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS 52C9F4359AF4A25969B882AECC6F3BDA
C:\Windows\System32\DRIVERS\point64.sys 32D374C60778253B81FA76C2FE19E155
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\psadd.sys B8035AF9CC0CCBA9A09AC0A0D9801797
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360
C:\Windows\System32\DRIVERS\risdxc64.sys 5A227511ED22DDFEDF7EF7323C8F7D2F
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys 21AB491BBCC8C1B26FDC402A374AB196
C:\Windows\System32\DRIVERS\Sftplaylh.sys 3B8D43FEEFF7A187534DDDFD675FE123
C:\Windows\System32\DRIVERS\Sftredirlh.sys F1D1B1DC7A8765A09D7640FBF8D20970
C:\Windows\System32\DRIVERS\Sftvollh.sys B3B9ADE7F8C4AF0C20E712E040588543
C:\Windows\System32\DRIVERS\Apsx64.sys 380B52126E62C6C2D3C8BA805AADFDC7
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys C5B1A19B14F19B08AE72FCB20A3075B6
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 3B9F01B06E9C65BC182131B673DD03DA
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ApsHM64.sys 5523C729F1ED31B63C88490AF3D220FA
C:\Windows\System32\drivers\tpm.sys DBCC20C02E8A3E43B03C304A4E40A84F
C:\Windows\System32\drivers\Tppwr64v.sys 7165B5A9B4867F64A6D6935F57D4196B
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 08:26 - 2015-07-24 10:36 - 00000000 ____D C:\FRST
2015-07-21 22:33 - 2015-07-21 22:33 - 00446768 _____ C:\Windows\Minidump\072115-10670-01.dmp
2015-07-20 07:26 - 2015-07-21 22:33 - 390091419 _____ C:\Windows\MEMORY.DMP
2015-07-20 07:26 - 2015-07-20 07:26 - 00446768 _____ C:\Windows\Minidump\072015-13665-01.dmp
2015-07-20 07:26 - 2015-07-20 07:26 - 00000000 ____D C:\Windows\Minidump
2015-07-18 23:23 - 2015-07-18 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 23:18 - 2015-07-18 23:25 - 00000000 ____D C:\Users\Jurek\AppData\Local\AVG Web TuneUp
2015-07-18 23:18 - 2015-07-18 23:18 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-07-18 23:18 - 2015-07-18 23:18 - 00000000 ____D C:\ProgramData\AVG Secure Search
2015-07-18 23:18 - 2015-07-18 23:18 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-07-02 23:18 - 2015-07-02 23:18 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-18 22:11 - 2015-07-19 09:16 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA.job
2015-06-18 22:11 - 2015-06-29 22:38 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core.job
2015-06-18 22:11 - 2015-06-18 22:11 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA
2015-06-18 22:11 - 2015-06-18 22:11 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core
2015-06-18 22:11 - 2015-06-18 22:11 - 00000000 ____D C:\Users\Jurek\AppData\Local\Dropbox
2015-06-18 22:11 - 2015-06-18 22:11 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-17 01:01 - 2015-06-17 01:01 - 01202856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-06-12 11:17 - 2015-06-12 11:17 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-10 09:22 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:22 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 09:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 09:22 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:22 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:22 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:22 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 09:22 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 09:22 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:22 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:22 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 09:22 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:22 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 09:22 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 09:22 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:22 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:22 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 09:22 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:22 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 09:22 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 09:22 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 09:22 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 09:22 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 09:22 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:22 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 09:22 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:22 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:22 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 09:22 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:22 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 09:22 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:22 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 09:22 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:22 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 09:22 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:22 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:22 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 09:22 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 09:22 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 09:22 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 09:22 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 09:22 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 09:22 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 09:22 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 09:22 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 09:22 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 09:22 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 09:22 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 09:22 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 09:22 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 09:22 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 09:22 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 09:22 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 09:22 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 09:22 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 09:22 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 09:22 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 09:22 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 09:22 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 09:22 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 09:22 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 09:22 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 09:22 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:22 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:22 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:22 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:22 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:22 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:22 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:22 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:22 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:22 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:22 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:22 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:22 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:22 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:22 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:22 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:22 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:22 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:22 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:22 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:22 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:22 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 09:22 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 09:22 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 09:22 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 09:22 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 09:22 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 09:22 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 09:22 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:22 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:22 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:22 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:22 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:22 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:22 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:22 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:22 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 09:22 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 09:22 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 09:22 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 09:22 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 09:22 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 09:22 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 09:22 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 09:22 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 09:22 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 09:22 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 09:22 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 09:22 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 09:22 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-02 07:58 - 2015-06-02 07:58 - 00000000 ____D C:\Users\Jurek\AppData\Local\GWX
2015-05-31 00:25 - 2015-05-31 00:25 - 00001764 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-05-31 00:25 - 2015-05-31 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-31 00:25 - 2015-05-31 00:25 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-31 00:25 - 2015-05-31 00:25 - 00000000 ____D C:\Program Files\iTunes
2015-05-31 00:25 - 2015-05-31 00:25 - 00000000 ____D C:\Program Files\iPod
2015-05-31 00:25 - 2015-05-31 00:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-05-24 13:46 - 2015-05-24 13:46 - 00000000 ____D C:\Users\Jurek\AppData\Local\Avg
2015-05-23 01:44 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 01:44 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-21 11:20 - 2015-05-21 11:20 - 00000000 _____ C:\Users\Jurek\AppData\Local\{B52A4833-D64A-484F-AB47-130AF92A8704}
2015-05-19 09:52 - 2015-05-19 09:52 - 00287200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-05-17 18:36 - 2015-05-17 18:36 - 00561248 _____ (Oracle Corporation) C:\Users\Jurek\Desktop\jxpiinstall.exe
2015-05-17 18:15 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-17 18:15 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-17 18:15 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-17 18:15 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-17 18:15 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-17 18:15 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-17 18:15 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-17 18:15 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-17 18:15 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-17 18:14 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-17 18:14 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-17 18:14 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-17 18:14 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-17 18:14 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-17 18:14 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-17 18:14 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-17 18:14 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-17 18:14 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-17 18:14 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-17 18:14 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 14:39 - 2015-05-12 14:39 - 00281568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2015-05-12 14:36 - 2015-05-12 14:36 - 00253408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2015-05-12 14:36 - 2015-05-12 14:36 - 00224224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2015-04-25 13:34 - 2015-06-24 12:49 - 00000992 _____ C:\Users\Public\Desktop\AVG 2015.lnk

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 22:09 - 2012-09-22 20:04 - 00000000 ____D C:\ProgramData\MFAData
2015-07-19 16:29 - 2009-07-14 06:45 - 00411984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 16:28 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 16:28 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 16:28 - 2014-12-14 04:17 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 16:28 - 2014-05-07 00:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-19 16:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-19 09:31 - 2012-05-13 05:51 - 02004307 _____ C:\Windows\WindowsUpdate.log
2015-07-19 09:08 - 2012-07-28 12:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-19 09:06 - 2009-07-14 06:45 - 00031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-19 09:06 - 2009-07-14 06:45 - 00031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-19 09:01 - 2013-05-18 13:13 - 00000000 ___RD C:\Users\Jurek\Dropbox
2015-07-19 09:01 - 2013-05-18 13:08 - 00000000 ____D C:\Users\Jurek\AppData\Roaming\Dropbox
2015-07-19 09:01 - 2012-07-28 12:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-19 09:01 - 2012-07-28 12:32 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-19 09:01 - 2012-07-28 12:32 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-19 09:00 - 2013-06-04 00:08 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-19 09:00 - 2012-05-13 06:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-19 08:51 - 2009-07-14 07:13 - 00792452 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-19 08:44 - 2013-08-01 19:21 - 00174321 _____ C:\Windows\setupact.log
2015-07-19 08:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-19 08:33 - 2013-09-06 13:20 - 00192010 _____ C:\Windows\PFRO.log
2015-07-19 00:01 - 2012-09-02 18:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 23:42 - 2012-05-13 06:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-18 23:25 - 2012-07-28 12:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-18 23:18 - 2013-09-29 20:33 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2015-07-18 22:54 - 2012-12-08 22:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-18 22:53 - 2014-12-26 14:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-18 22:48 - 2013-02-18 23:42 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA.job
2015-07-18 22:48 - 2013-02-18 23:42 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core.job
2015-07-18 22:37 - 2012-05-13 06:00 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 22:37 - 2012-05-13 06:00 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-24 12:49 - 2014-04-01 03:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2013-09-29 20:33 - 2014-04-27 17:45 - 0001704 _____ () C:\Program Files (x86)\Mozilla Firefoxnation-secure-search.xml
2013-07-31 12:09 - 2013-07-31 12:09 - 0423709 _____ () C:\Users\Jurek\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2015-05-21 11:20 - 2015-05-21 11:20 - 0000000 _____ () C:\Users\Jurek\AppData\Local\{B52A4833-D64A-484F-AB47-130AF92A8704}
2013-06-29 11:04 - 2013-06-29 11:08 - 0000388 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Jurek\AppData\Local\Temp\APNSetup.exe
C:\Users\Jurek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm7g9cw.dll
C:\Users\Jurek\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jurek\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jurek\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jurek\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Jurek\AppData\Local\Temp\nsbE9D6.exe
C:\Users\Jurek\AppData\Local\Temp\nsh3980.exe
C:\Users\Jurek\AppData\Local\Temp\nsm350B.exe
C:\Users\Jurek\AppData\Local\Temp\nsm372E.exe
C:\Users\Jurek\AppData\Local\Temp\nswE794.exe
C:\Users\Jurek\AppData\Local\Temp\nswEC28.exe
C:\Users\Jurek\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jurek\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Jurek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jurek\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
extendedinput           Yes
default                 {current}
resumeobject            {6a24a184-9caa-11e1-b2e5-f0def1ec969c}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 0
customactions           0x10000ba000001
                        0x54000001
custom:54000001         {5b07c2dc-d899-11e1-974f-7ce9d3bc4c92}
custom:5400000f         {5b07c2dc-d899-11e1-974f-7ce9d3bc4c92}

Windows Boot Loader
-------------------
identifier              {5b07c2dc-d899-11e1-974f-7ce9d3bc4c92}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5b07c2dd-d899-11e1-974f-7ce9d3bc4c92}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5b07c2dd-d899-11e1-974f-7ce9d3bc4c92}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {5b07c2dc-d899-11e1-974f-7ce9d3bc4c92}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {6a24a184-9caa-11e1-b2e5-f0def1ec969c}
nx                      OptIn

Resume from Hibernate
---------------------
identifier              {6a24a184-9caa-11e1-b2e5-f0def1ec969c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {5b07c2dd-d899-11e1-974f-7ce9d3bc4c92}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi



LastRegBack: 2015-06-28 18:52

==================== End of log ============================
         
--- --- ---

Alt 24.07.2015, 09:46   #8
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



2) addition.txtFRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Jurek at 2015-07-24 10:37:04
Running from D:\
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1555867607-2248845844-4263563132-500 - Administrator - Disabled)
Guest (S-1-5-21-1555867607-2248845844-4263563132-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1555867607-2248845844-4263563132-1002 - Limited - Enabled)
Jurek (S-1-5-21-1555867607-2248845844-4263563132-1001 - Administrator - Enabled) => C:\Users\Jurek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510nz_Help_Web (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510nz_web (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C1D00}) (Version: 12.29.0.224 - APN, LLC) <==== ATTENTION
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6037 - AVG Technologies)
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6037 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.4.948 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2200 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version:  - )
CanoScan LiDE 600F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DisplayFusion 7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.1.0.0 - Binary Fortress Software)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Officejet 4500 G510n-z (HKLM\...\{F27CFD16-939A-4232-98CD-180898D14713}) (Version: 13.0 - HP)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.15 - Lenovo)
Lenovo SimpleTap (HKLM\...\{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}) (Version: 3.0.0010.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{828CE72E-718B-4FDC-A469-8DE674CE8C4D}) (Version: 1.0.006.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}) (Version: 3.0.0011.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.11.11 - Conduit) <==== ATTENTION
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2200 - Broadcom Corporation)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.63.00.10 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.63 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.36.0 - )
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.74 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.03 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 7 Codec Pack 4.0.4 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.4 - Windows 7 Codec Pack)
Windows Driver Package - Intel (e1cexpress) Net  (08/04/2011 11.12.38.2001) (HKLM\...\63880A9F40B9FAAD6DCE70BBFA350093067E1E3B) (Version: 08/04/2011 11.12.38.2001 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows Driver Package - Intel USB  (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)
Windows Driver Package - Lenovo 1.63.00.10 (06/21/2011 1.63.00.10) (HKLM\...\07870527D698B459CD67B2A59A26645B2C152DE1) (Version: 06/21/2011 1.63.00.10 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (12/01/2011 15.3.36.0) (HKLM\...\B9F747896491CB2E36D226D27C1C02F48C07AE33) (Version: 12/01/2011 15.3.36.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1555867607-2248845844-4263563132-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

09-06-2015 16:26:34 Scheduled Checkpoint
10-06-2015 13:17:49 Windows Update
17-06-2015 14:21:10 Scheduled Checkpoint
28-06-2015 20:11:56 Scheduled Checkpoint
18-07-2015 23:57:21 Windows Update
19-07-2015 09:28:33 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2012-12-06 00:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06DD8FA3-440A-4B01-863B-6668EE6FFA99} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {0BC30568-DA92-4C33-945D-907AD35CB3D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {0C82A316-D47B-4C12-A237-BEDE26792499} - System32\Tasks\Lenovo\SROptimizer => %TRPATH%\SRORest.exe
Task: {0EDA02B8-FF74-4D5E-AD7D-9B82477CE2A5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {169109C5-501B-47E2-A0B6-5FEE63F943B7} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2011-12-21] (Lenovo)
Task: {257B11D5-3EA1-4273-AEA4-AF862BFFDC3A} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {36C627BF-6951-4148-AD2E-B29AD510E88E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-18] (Facebook Inc.)
Task: {3749F544-04D0-480B-92BD-E37A0B396665} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {54E19114-9F09-4378-B199-DE1A1F92D2D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {635A6954-2BBF-478C-8EB1-57D0105DA6E3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{385B44B1-1DEE-4129-A990-E58C002F62EF}.exe
Task: {6843579D-CEBC-4748-8E7F-2473EC0C20A2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-01-10] (Lenovo)
Task: {6F19BDBC-AE79-4AA1-A4DB-607D0630B2C4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core => C:\Users\Jurek\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {80ACBAB6-AFF5-49E5-BD11-57D691CFBDB4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-18] (Facebook Inc.)
Task: {819FFBDE-289B-4E2B-976F-469E21A42D2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {81B1E4EF-9789-4DD3-B631-A83E5608C97F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA => C:\Users\Jurek\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {874128A1-A3CA-495B-9720-EC4BB4E9665A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-19] (Adobe Systems Incorporated)
Task: {8A5D5FD3-6DB6-40F5-B9F2-B9FB4A627A06} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2011-12-21] (Lenovo)
Task: {8AA14E29-FEE7-4744-8AAF-B4EDFED87EE9} - System32\Tasks\{22CF24D6-070F-4FC2-AFF6-8D806914E544} => Firefox.exe hxxp://ui.skype.com/ui/0/5.0.0.152.375/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {8FE0ED74-9ECD-4D53-B9A5-1FEC5814C882} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)
Task: {B7BBA6F7-0812-47CB-8AE7-15ACB04B00C5} - System32\Tasks\{7C288CDA-F2C7-4055-A0DE-586821388AEF} => pcalua.exe -a C:\Users\Jurek\Desktop\lide600fvst1212ea15.exe -d C:\Users\Jurek\Desktop
Task: {C4A2252B-8C08-4F01-B1D1-4382A20694CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {DB65A0BF-9B35-4775-83A0-6E0BC818B17D} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Jurek-THINK.Jurek => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-22] (Lenovo)
Task: {E6A5ACD7-D3B2-4F0C-A410-783BBB850045} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{385B44B1-1DEE-4129-A990-E58C002F62EF}.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core.job => C:\Users\Jurek\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA.job => C:\Users\Jurek\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001Core.job => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1555867607-2248845844-4263563132-1001UA.job => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-12-21 09:28 - 2012-01-11 16:25 - 00636216 _____ () C:\SWTOOLS\SimpleTap DeskBand\DeskBand64.dll
2012-05-13 05:58 - 2011-08-31 20:03 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1555867607-2248845844-4263563132-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jurek\AppData\Local\DisplayFusion\Wallpaper_1
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9C361BB3-29F7-408B-8DA4-FFE81D0E87E2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{484547D4-1840-43BB-BEFE-130FE9434822}] => (Allow) LPort=2869
FirewallRules: [{B43C13F4-C27A-4E89-9AEB-91F94466C084}] => (Allow) LPort=1900
FirewallRules: [{B5920DAD-5ABF-48B9-A9B8-3AC513EFFF28}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5D3124C1-2B80-4327-BFA3-57BFE85BBA7F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A65659D5-4E55-4F5E-BFC6-21284C91A345}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{31DFD4CF-C2CB-4F3D-A84C-BDB236A8D0BB}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{6BD81EE7-E18C-42BF-A307-1CBDD016E58F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{EF53EDF2-DC8E-4422-90C6-E2094F530460}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB02850C-0EB9-4A91-A75C-0277214EDB37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F3BA984F-96E4-4AFD-9991-E2E49D44C429}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{73A9421B-BDBE-4EBC-B3A3-F164A5AB8221}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8BC86381-784E-42DB-BD1B-1F11189977BA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{8AB17FD7-112D-42CC-9847-AF1BE9578DC8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{8E380F03-5CE0-4673-B117-AE926D801B4A}] => (Allow) C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A960AE33-5AB1-427D-A4AC-71546869946E}] => (Allow) C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8536FA25-52AD-4F33-A4D0-7623A71C1200}C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BBC4C078-0103-466E-8FCD-9EF4E0F29EF1}C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CE1E23FA-6EB0-429F-9FDE-D6F6810BACDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F41ACE30-6A6D-4E43-ABB8-0A2B478A1580}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9C0B6795-31FE-4CDA-BB11-919CA454E660}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{566F3928-1832-43B0-BBB9-AC385EFC8E62}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{945BFAC5-606B-420B-935B-82CECBB00B7D}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{0278AC23-42F9-427F-B542-E6CEA4416E98}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{8AE0CD71-8A47-4F25-A3AB-5E8AEECA1D27}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{C84BE087-0E8D-45EF-BEB4-D07013C28165}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{099C9CE9-784A-423A-993A-8869D8C55863}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [TCP Query User{547E0A40-67E4-4D1C-84FC-5D56658A564E}C:\users\jurek\desktop\eigene datein\revolt\re-volt\revolt.exe] => (Allow) C:\users\jurek\desktop\eigene datein\revolt\re-volt\revolt.exe
FirewallRules: [UDP Query User{3DD8342A-4472-4499-B9FD-7D4FC44E7520}C:\users\jurek\desktop\eigene datein\revolt\re-volt\revolt.exe] => (Allow) C:\users\jurek\desktop\eigene datein\revolt\re-volt\revolt.exe
FirewallRules: [TCP Query User{87F52F3F-D5D1-4C23-9129-6AB778ABE545}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{23FA8687-87F7-4D6D-BB24-80AE9193312C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{A507CA67-4F3E-438A-B182-AB77139AB55A}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{5075DCEF-5628-49D0-9611-AAB1A6DC0529}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{4100BAA8-323D-4878-BAE1-C5D140875D4E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{512726E2-F506-4462-A0F5-68FBEB0F0750}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{2BEBA9A5-EBA1-4877-8239-0DE6A3230AFA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{D282FD77-29EF-48BE-AE5A-0EECA262DB35}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{132F5716-8309-4F99-86DB-281A3F1DD9FE}] => (Allow) C:\Users\Jurek\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{A0368DAF-DD63-4F0A-B7B3-80A529EE68C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{DBEDD44A-F377-4070-B75A-F87986A263A3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{D7E4C874-5A56-4EA6-ACC8-029682BC50D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{E6B4A538-83DF-423E-B472-81129745B8BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{E28D5F86-B355-4C49-A9AF-8524C82F5BCE}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{EC994F83-E7E8-45D8-B253-22BBD1C05195}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{45D83D18-FC8F-4A13-BC40-588D623DE86A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{85D3177A-1EFB-49AC-A57F-A9B2C829553E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{AF2422D6-35E2-4388-9FD8-58C9B62B687B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{291315E0-2DC2-421D-8E44-A0A1E644463F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B545E636-7348-4028-B410-08A373FBAF4E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{17EB7477-BC28-483A-831C-D2EC69014759}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1EBE04F7-C585-4359-BCB6-90E4685A966C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{DE9527E1-B824-46B3-9FC0-5F96B2CF3B28}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{42EEF581-AF44-454C-9D69-D1CC86D00084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FAB09509-8200-4097-95F0-BD514EB78E99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D2D34ADD-C30B-47BF-90D2-1D32714C0F51}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1EE7196C-8AA2-40AF-A1AC-9857752EFF8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{23D23565-4EE3-4747-9246-40DE353D7E99}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{82C31AAD-E82A-46A4-BFFC-21120818387D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D7459348-2B54-457C-A1D6-7D676B5ADA1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9F1FC40B-9BC1-4501-8F81-EE540E333E05}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{127BD396-45AC-4C8F-A69C-342EF5EA51B1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{92B74467-A408-4F51-B4A2-E02A56292304}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{ED1C6BB3-2C49-4335-9DF8-7ADC85D8E400}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{803A9F36-464E-4916-A611-B385B0C8E8E9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7ADC1843-B490-430B-9BFE-BB4D4100A0B1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{64E043B7-0D15-4FF2-8478-62827D4F3868}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2015 10:37:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2015 10:27:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2015 10:15:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 09:50:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2015 05:16:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2015 04:36:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2015 04:27:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2015 09:28:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1555867607-2248845844-4263563132-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {2e9ba213-7706-4768-ba82-d96c07a60293}

Error: (07/19/2015 08:44:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2015 11:57:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1555867607-2248845844-4263563132-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {521f4636-3ec4-4fc3-ac32-dad9fe14be81}


System errors:
=============
Error: (07/24/2015 10:35:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068

Error: (07/24/2015 10:35:42 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (07/24/2015 10:35:37 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/24/2015 10:35:37 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-12-05 23:12:25.557
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-05 23:12:25.510
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 19%
Total physical RAM: 3979.23 MB
Available physical RAM: 3214.03 MB
Total Virtual: 7956.68 MB
Available Virtual: 7228.72 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:135.86 GB) (Free:32.97 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (PUBLIC) (Removable) (Total:3.59 GB) (Free:3.52 GB) FAT32
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 186BBC21)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=135.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.6 GB) (Disk ID: 2C6B7369)
No partition Table on disk 1.

==================== End of log ============================
         
--- --- ---

--- --- ---


3) shortcut.txt

Users shortcut scan result (x64) Version:20-07-2015
Ran by Jurek at 2015-07-24 10:37:33
Running from D:\
Boot Mode: Safe Mode (with Networking)
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Lenovo App Shop.lnk -> C:\SWTOOLS\AppShopLauncher\AppShopLauncher.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIP Access.lnk -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Uninstall.lnk -> C:\Windows\System32\C2MP\Uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Helpful Resources\How to play unusual files.lnk -> C:\Windows\SysWOW64\C2MP\doc_open_with.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\SopCast web site.lnk -> C:\Program Files (x86)\SopCast\SopCast web site.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\SopCast.lnk -> C:\Program Files (x86)\SopCast\SopCast.exe (SopCast - Free P2P internet TV | live football, NBA, cricket)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\Uninstall.lnk -> C:\Program Files (x86)\SopCast\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Re-Volt\Re-Volt.lnk -> C:\Spiele\ReVolt\editor\revolt.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Re-Volt\Uninstall.lnk -> C:\Spiele\ReVolt\editor\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Historie.lnk -> C:\Program Files (x86)\PDFCreator\History.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFArchitect.lnk -> C:\Program Files (x86)\PDFCreator\PDFArchitect\PDFArchitect.exe (pdfforge GbR)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Hilfe.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator_german.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator im Internet.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator.exe (pdfforge pdfforge | The free PDF Creator, Converter and PDF Editor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Translation Tool.lnk -> C:\Program Files (x86)\PDFCreator\languages\TransTool.exe (pdfforge pdfforge | The free PDF Creator, Converter and PDF Editor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Unterstütze PDFCreator.lnk -> C:\Program Files (x86)\PDFCreator\Unterstütze PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\AFPL License.lnk -> C:\Program Files (x86)\PDFCreator\AFPL License.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\FairPlay License.lnk -> C:\Program Files (x86)\PDFCreator\FairPlay License.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\GPL License.lnk -> C:\Program Files (x86)\PDFCreator\GNU License.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF.lnk -> C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDF.exe (pdfforge GbR)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005\Visual Studio Tools\Visual Studio 2005 Remote Debugger Configuration Wizard.lnk -> C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\rdbgwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center\Microsoft Mouse and Keyboard Center.lnk -> c:\Windows\Installer\{AEF6C676-D7A2-4487-BD4B-1BED17B229B5}\DeviceCenter.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Active Protection System.lnk -> C:\Windows\System32\TpShCPL.cpl (Lenovo.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Create Recovery Media.lnk -> C:\Program Files (x86)\Lenovo\Factory Recovery\recovburncd.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo User Guide.lnk -> C:\ProgramData\Lenovo\userguides\viewer\LenovoUserGuide.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Power Manager.lnk -> C:\Program Files (x86)\ThinkPad\Utilities\PWMUI.EXE (Lenovo Group Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\System Update.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\ThinkVantage Fingerprint Software.lnk -> C:\Program Files\ThinkVantage Fingerprint Software\ctlcntrv.exe (UPEK Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Warranty Information.lnk -> C:\Program Files (x86)\Lenovo\Warranty Viewer\WarrantyViewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Wireless Display\INSTALL Intel(R) Wireless Display.lnk -> C:\SWTOOLS\DRIVERS\WiDi\WiDiSetup.exe (Lenovo Group Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Help.lnk -> C:\Program Files (x86)\HP\Digital Imaging\Help\inkjet28.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Product Support Website.lnk -> C:\Program Files (x86)\HP\Digital Imaging\HP Officejet 4500 G510n-z\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Readme.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{F27CFD16-939A-4232-98CD-180898D14713}\help\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk -> C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe (DvdVideoSoft Ltd. )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube to MP3 Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Home Theater Demo.lnk -> C:\Program Files (x86)\Dolby Home Theater v4\pcee4d.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Home Theater.lnk -> C:\Program Files (x86)\Dolby Home Theater v4\pcee4l.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Uninstall.lnk -> C:\Program Files (x86)\DisplayFusion\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 600F\Liesmich.lnk -> C:\Program Files\CanonBJ\IJScan\CNQ4802\readme_German.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CanoScan Toolbox 5.0\CanoScan Toolbox 5.0 Liesmich.lnk -> C:\Program Files (x86)\Canon\CanoScan Toolbox Ver5.0\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CanoScan Toolbox 5.0\CanoScan Toolbox 5.0.lnk -> C:\Program Files (x86)\Canon\CanoScan Toolbox Ver5.0\CSTBox.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 2.0 Configuration.lnk -> C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\v2.0\Bin\mscorcfg.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Intel\ExtremeGraphics\CUI\Resource\Intel® HD Graphics.lnk -> C:\Windows\System32\GfxUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Intel\ExtremeGraphics\CUI\Resource\Intel® HD-Grafik.lnk -> C:\Windows\System32\GfxUI.exe (Intel Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\Links\Desktop.lnk -> C:\Users\Jurek\Desktop ()
Shortcut: C:\Users\Jurek\Links\Downloads.lnk -> C:\Users\Jurek\Downloads ()
Shortcut: C:\Users\Jurek\Links\Dropbox.lnk -> C:\Users\Jurek\Dropbox ()
Shortcut: C:\Users\Jurek\Desktop\Jordanien.lnk -> C:\Users\Jurek\Desktop\Eigene Datein\PVPM\Jordanien ()
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Uni\Master\3. Block\Seminararbeit\Call Göttgens\Fragen.lnk -> C:\Users\Jurek\Desktop\Eigene Datein\Uni\Master\3. Block\Seminararbeit\Call Wüstemann\Fragen an Wüstemann.xlsx ()
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\POWER POINT\Weberbank Grundschulung 17. Mai 2005.lnk -> C:\Präsentationen 05\Weberbank Grundschulung 17. Mai 2005.ppt (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Organisation\Finanzplaner 1.10.lnk -> C:\Program Files\Finanzportal24\Finanzplaner\Finanzplaner.exe (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Organisation\Hoppenstedt Auskunfts-CD Großunternehmen.lnk -> C:\Program Files\Guoncd32\Hfdb32.exe (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Organisation\Hoppenstedt Auskunfts-CD Mittelständische Unternehmen.lnk -> C:\Program Files\Muoncd32\Hfdb32.exe (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Organisation\Verknüpfung mit Druckvorlagen.lnk -> C:\Users\Jurek\Desktop\DEMOKRATEN\Phönix 2006\Druckvorlagen (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Organisation\Was bringt das AltersEinkünfteGesetz Artus Tagung.lnk -> C:\Präsentationen 05\Was bringt das AltersEinkünfteGesetz Artus Tagung.ppt (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Organisation\Weberbank\Vorsorge- und Steuerrechner.lnk -> C:\Program Files\OASE\OASE.exe (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Demokraten 2008\DEMOKRATEN\Phönix 2006\Druckvorlagen\KlickTel2002.lnk -> D:\Programme\klickTel Januar 2002\Ktel32.exe (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Demokraten 2008\DEMOKRATEN\Phönix 2006\Druckvorlagen\Word Vorlagen vom Server kopieren.lnk -> G:\Batch\Kopien vom Server\Vorlagen.bat (No File)
Shortcut: C:\Users\Jurek\Desktop\Eigene Datein\Papa\VuS\Akquisition\Microsoft PowerPoint.lnk -> C:\Programme\Microsoft Office\Office\Powerpnt.exe (No File)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Control Center.lnk -> C:\Users\Jurek\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe (WindSolutions)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Jurek\Dropbox ()
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Jurek\AppData\Local\Microsoft\Windows\GameExplorer\{CA252239-B513-46F0-A3FE-FAE6ADA6F593}\PlayTasks\0\Play.lnk -> C:\Users\Jurek\Desktop\Eigene Datein\revolt\Re-Volt\revolt.exe ()
Shortcut: C:\Users\Jurek\AppData\Local\Microsoft\Windows\GameExplorer\{6AF80B05-755D-4FEA-9319-1347F7ED38E7}\PlayTasks\0\Play.lnk -> C:\Spiele\ReVolt\revolt.exe ()
Shortcut: C:\Users\Public\Desktop\AVG 2015.lnk -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Business-in-a-Box Installer.lnk -> C:\SWTOOLS\BIZTREE\MODULECUST\execcmd.exe () -> C:\SWTOOLS\BIZTREE\MODULECUST\SETUP.cmd
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\SimpleTap.lnk -> C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe (Lenovo) -> /CALLER=TASKBAR
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Device Experience.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}\Provider%5CMicrosoft.Base.DeviceDisplayObjects//DDO:%7B00000000-0000-0000-FFFF-FFFFFFFFFFFF%7D\cat{8AA6B0C2-14A6-4da8-BF36-F7D93ACE9ACE}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow Audio.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\ffdshow.ax,configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow DXVA Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\ffdshow.ax,configureDXVA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow Raw Video.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\ffdshow.ax,configureRaw
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow VFW.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\ff_vfw.dll,configureVFW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow Video Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\ffdshow.ax,configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow x64 Audio.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> ffdshow.ax,configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow x64 DXVA Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\ffdshow.ax,configureDXVA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow x64 Raw Video.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\ffdshow.ax,configureRaw
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow x64 VFW.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\ff_vfw.dll,configureVFW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\ffdshow x64 Video Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\ffdshow.ax,configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Haali Splitter Config.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\splitter.ax,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\LAV Audio Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> LAVAudio.ax,OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\LAV Splitter Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> LAVSplitter.ax,OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\LAV Video Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> LAVVideo.ax,OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\LAV x64 Audio Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\LAVAudio.ax,OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\LAV x64 Splitter Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\LAVSplitter.ax,OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\LAV x64 Video Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\LAVVideo.ax,OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\VSFilter Config.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\SysWOW64\vsfilter.dll,DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\VSFilter x64 Config.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\vsfilter.dll,DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe () -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe () -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF Console Application.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDFC.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Excel Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Excel Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Word Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Word Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Clip Organizer 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Upload Center 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Picture Manager 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Starter To-Go Device Manager 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Starter To-Go Device Manager 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Deinstallieren.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.8.150\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Message Center Plus.lnk -> C:\Program Files (x86)\Lenovo\Message Center Plus\MCPConfig.exe (Lenovo) -> /page=viewall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Add A Device.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{F27CFD16-939A-4232-98CD-180898D14713}\hpzstub.exe (Hewlett-Packard) -> -addadevice
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Configure Wireless Settings.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{F27CFD16-939A-4232-98CD-180898D14713}\hpzstub.exe (Hewlett-Packard) -> -addadevice -usbsetup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Product Registration.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Company) -> "HP Officejet 4500 G510n-z"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Toolbox.lnk -> C:\Program Files (x86)\HP\Digital Imaging\hp officejet 4500 G510n-z\data\hpbLTBX.exe () ->
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Officejet 4500 G510n-z\Uninstall.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{F27CFD16-939A-4232-98CD-180898D14713}\setup\hpzscr40.exe (Hewlett-Packard) -> -datfile hpwscr28.dat -onestop -forcereboot
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Desktop Wallpaper.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowwallpaper
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Monitor Configuration.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowmonitorconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Settings.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 600F\Deinstallieren.lnk -> C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\DelDrv.exe (CANON INC.) -> /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802 /L0x0007
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CanoScan Toolbox 5.0\CanoScan Toolbox 5.0 - Deinstallation.lnk -> C:\Program Files (x86)\Canon\CanoScan Toolbox Ver5.0\Maint.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\CanoScan Toolbox Ver5.0\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo Device Experience.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
ShortcutWithArgument: C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo Think.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
ShortcutWithArgument: C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo ThinkVantage Tools.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}\Provider%5CMicrosoft.Base.DeviceDisplayObjects//DDO:%7B00000000-0000-0000-FFFF-FFFFFFFFFFFF%7D\cat{8AA6B0C2-14A6-4da8-BF36-F7D93ACE9ACE}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\Deinstallieren.lnk -> C:\Users\Jurek\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe (WindSolutions) -> /uninstall
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Package Homepage.url -> hxxp://www.windows7codecs.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Helpful Resources\Clone Copy Protected CD's.url -> hxxp://www.slysoft.com/en/clonecd.html?aid=52057
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Helpful Resources\Clone Copy Protected DVD's.url -> hxxp://www.slysoft.com/en/clonedvd.html?aid=52057
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack\Helpful Resources\Play any Copy Protected Disc.url -> hxxp://www.slysoft.com/en/anydvd.html?aid=52057
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion on the Web.url -> hxxp://www.displayfusion.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Jurek\Favorites\Links\Suggested Sites.url -> 0
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\Home.url -> hxxp://www.lenovo.com/welcome/thinkpad
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\iGoogle.url -> hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\News.url -> hxxp://www.lenovo.com/news/us/en
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\Product Registration.url -> hxxp://www.lenovo.com/register
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\Products.url -> hxxp://www.lenovo.com/products/us/en
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\Services, Software, and Accessories.url -> hxxp://www.lenovo.com/accessories
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\Support and Downloads.url -> hxxp://www.lenovo.com/support
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\The Intel WiMAX website.url -> hxxp://www.intel.com/go/getwimax
InternetURL: C:\Users\Jurek\Favorites\Lenovo Recommended Websites\ThinkVantage Technologies.url -> hxxp://www.lenovo.com/thinkvantage
InternetURL: C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0

==================== End of log =============================


Vielen Dank + Grüße
jurekjurek

Alt 24.07.2015, 16:34   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Windows Repair Tool laufen lassen:
Windows reparieren - so geht's - Anleitungen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.07.2015, 15:18   #10
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Hallo,
Habe das tool wie beschrieben laufen lassen... Nachdem es fertig war wurde das system heruntergefahren. Beim hochfahren allerdings war das problem nicht behoben... Gibt es noch etwas zu beachten?

Habe es im safemode+network laufen lassen
Gruss
Jurekjurek

Alt 28.07.2015, 07:11   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Hast Du schon eine Systemwiederherstellung auf nen Punkt vor dem Update versucht?

Ansonsten bleibt eigentlich nur ein Inplace Upgrade.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.07.2015, 07:22   #12
jurekjurek
 
Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Das hab ich leider nie gemacht.

Was ist ein inplace-update?

Gruss
Jurekjurek

Alt 28.07.2015, 11:26   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Standard

Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus



Inplace Upgrade:
Reparaturinstallation / Inplace-Upgrade (Windows 7/8) - Microsoft Community
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus
bildschirm, erschein, erscheint, freue, hallo zusammen, hilft, hochfahren, log-in, maus, natürlich, neustart, nicht mehr, normalmodus, problem, samstag, schwarzer, schwarzer bildschim, schwarzer bildschirm, sonntag, weiße, weißer, windows, windows 7, windows update, windows-update, windows7, würde, zusammen



Ähnliche Themen: Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus


  1. Windows 8: Schwarzer Bildschirm, sehe nur noch die Maus und kann nicht booten :(
    Log-Analyse und Auswertung - 04.02.2015 (9)
  2. Windows 7 Laptop Schwarzer Bildschirm, weiße Maus direkt beim Knopf drücken
    Alles rund um Windows - 06.08.2014 (9)
  3. Windows 8 Schwarzer Bildschirm mit Maus (bei Anmeldung)
    Log-Analyse und Auswertung - 25.07.2014 (3)
  4. Schwarzer Bildschirm + Mauszeiger statt Login-Screen
    Log-Analyse und Auswertung - 26.04.2014 (13)
  5. Windows 8: Schwarzer Bildschirm mit beweglicher Maus
    Plagegeister aller Art und deren Bekämpfung - 31.03.2014 (7)
  6. [Windows 7] Nach Login bei Windows erscheint nur noch ein schwarzer Bildschirm mit Mauszeiger
    Plagegeister aller Art und deren Bekämpfung - 12.03.2014 (1)
  7. weißer bildschirm, schwarzer bildschirm, maus laggs nach systemstart, mausbewegungen in boxen.
    Plagegeister aller Art und deren Bekämpfung - 02.12.2013 (3)
  8. Windows Vista schwarzer Bildschirm nur Maus
    Plagegeister aller Art und deren Bekämpfung - 28.09.2013 (11)
  9. Windows 7: Weißer Bildschirm mit sichtbarem Maus-Cursor
    Plagegeister aller Art und deren Bekämpfung - 07.08.2013 (19)
  10. Windows 7 bootet nicht mehr (schwarzer Bildschirm, weiße Maus)
    Plagegeister aller Art und deren Bekämpfung - 30.07.2013 (7)
  11. Virus! Nur schwarzer Bildschirm mit Maus! Windows Vista
    Log-Analyse und Auswertung - 19.07.2013 (5)
  12. Virus! Nur schwarzer Bildschirm mit Maus! Windows Vista
    Mülltonne - 19.07.2013 (1)
  13. Nach Virusentfernung immer noch weißer gesperrter Bildschirm beim Windows Login
    Log-Analyse und Auswertung - 01.02.2013 (15)
  14. Weißer Bildschirm nach Benutzer Login, Windows 7
    Plagegeister aller Art und deren Bekämpfung - 24.01.2013 (24)
  15. Windows 7 schwarzer Bildschirm mit Maus nach dem booten
    Plagegeister aller Art und deren Bekämpfung - 20.11.2012 (62)
  16. weißer Bildschirm bei Windows-Login (Desktop nicht sichtbar)
    Plagegeister aller Art und deren Bekämpfung - 13.10.2012 (5)
  17. Viren? schwarzer Bildschirm nach Windows Login
    Log-Analyse und Auswertung - 03.06.2012 (1)

Zum Thema Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus - Hallo zusammen, ich habe schon gesehen, dass einige hier offensichtliche ein vergleichbares Problem, wie ich haben/hatten: Seit dem letzten Windows-Update kann ich mich leider bei Windows 7 nicht mehr im - Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus...
Archiv
Du betrachtest: Windows 7: Schwarzer LogIn-Bildschirm nur mit weißer Maus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.