Hallo Schritt1
AdwCleaner Logfile: Code:
# AdwCleaner v3.308 - Bericht erstellt am 22/08/2014 um 10:51:32
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : KH - KH-LENOVO
# Gestartet von : C:\Users\KH\Desktop\adwcleaner_3.308.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\Program Files (x86)\SiteLookup
Ordner Gelöscht : C:\Users\KH\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\System32\roboot64.exe
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\KH\AppData\Roaming\Mozilla\Firefox\Profiles\t99j59im.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ Datei : C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2094 octets] - [22/08/2014 10:47:45]
AdwCleaner[R1].txt - [2154 octets] - [22/08/2014 10:49:42]
AdwCleaner[S0].txt - [1969 octets] - [22/08/2014 10:51:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2029 octets] ########## --- --- ---
[CODE]
Schritt2 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 22.08.2014
Suchlauf-Zeit: 11:49:09
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.22.04
Rootkit Datenbank: v2014.08.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: KH
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355288
Verstrichene Zeit: 4 Min, 50 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end) Schritt3
JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by KH on 22.08.2014 at 12:05:21,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Empty Folder] C:\Users\KH\appdata\local\{0E87BD78-AA93-4400-8E5F-1962038C3EDC}
Successfully deleted: [Empty Folder] C:\Users\KH\appdata\local\{9E353CF3-1907-44EE-8518-5E7CF5A1A69A}
Successfully deleted: [Empty Folder] C:\Users\KH\appdata\local\{C007C478-3C7B-4E9C-A683-EA43122C759A}
Successfully deleted: [Empty Folder] C:\Users\KH\appdata\local\{C1DA356C-B779-4AF6-B699-6023C1CA0302}
~~~ FireFox
Emptied folder: C:\Users\KH\AppData\Roaming\mozilla\firefox\profiles\t99j59im.default\minidumps [84 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.08.2014 at 12:15:40,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- --- ---
Schritt4
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by KH (administrator) on KH-LENOVO on 22-08-2014 12:21:07
Running from C:\Users\KH\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\KH\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-01-07] (Conexant systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-02-25] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-16] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-04-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-04-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {05884976-9D39-496C-9E6E-CF1925C65351} URL =
SearchScopes: HKCU - {E10F6853-D8CF-4A60-A036-E8ABE61ACA16} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: WSWSVCUchrome - No CLSID Value -
Handler-x32: WSWSVCUchrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\KH\AppData\Roaming\Mozilla\Firefox\Profiles\t99j59im.default
FF Homepage: https://www.google.at/?gws_rd=cr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Website Xplorer - C:\Users\KH\AppData\Roaming\Mozilla\Firefox\Profiles\t99j59im.default\Extensions\{a2bfe612-4cf5-48ea-907c-f3fb25bc9d6b} [2014-08-17]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2013-09-11]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-09-11]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2013-09-11]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.google.com"
CHR Extension: (Google Docs) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-20]
CHR Extension: (Google Drive) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-20]
CHR Extension: (Kaspersky Protection) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-08-20]
CHR Extension: (YouTube) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-20]
CHR Extension: (Google-Suche) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-20]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20]
CHR Extension: (Google Mail) - C:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-20]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-08-20]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-08-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-06] (Kaspersky Lab ZAO)
R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [155496 2011-02-03] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-12-14] (Lenovo Group Limited) [File not signed]
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Group Limited)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-07] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-06] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-06] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-19] (Kaspersky Lab ZAO)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-07-05] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-22 12:15 - 2014-08-22 12:15 - 00001233 _____ () C:\Users\KH\Desktop\JRT.txt
2014-08-22 12:05 - 2014-08-22 12:05 - 00000000 ____D () C:\Windows\ERUNT
2014-08-22 12:02 - 2014-08-22 12:02 - 01016261 _____ (Thisisu) C:\Users\KH\Desktop\JRT.exe
2014-08-22 11:59 - 2014-08-22 11:59 - 00001153 _____ () C:\Users\KH\Desktop\mbam.txt
2014-08-22 11:48 - 2014-08-22 11:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-22 11:47 - 2014-08-22 11:47 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-22 11:47 - 2014-08-22 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-22 11:47 - 2014-08-22 11:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-22 11:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-22 11:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-22 11:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-22 11:46 - 2014-08-22 11:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\KH\Desktop\mbam-setup-2.0.2.1012(1).exe
2014-08-22 10:54 - 2014-08-22 10:54 - 00002113 _____ () C:\Users\KH\Desktop\AdwCleaner[S0].txt
2014-08-22 10:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-22 10:47 - 2014-08-22 10:51 - 00000000 ____D () C:\AdwCleaner
2014-08-22 10:46 - 2014-08-22 10:46 - 01364531 _____ () C:\Users\KH\Desktop\adwcleaner_3.308.exe
2014-08-22 10:36 - 2014-08-22 10:38 - 00000000 ____D () C:\Users\KH\Desktop\Meine Musik
2014-08-22 10:28 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 10:28 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 10:28 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 10:28 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 10:28 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 10:28 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 10:28 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 10:28 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 10:28 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 10:28 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 10:28 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 10:28 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 10:28 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 10:28 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 00:41 - 2014-08-22 00:41 - 00019653 _____ () C:\Users\KH\Desktop\combofix.txt
2014-08-22 00:38 - 2014-08-22 00:38 - 00019653 _____ () C:\ComboFix.txt
2014-08-22 00:33 - 2014-08-22 00:38 - 00000000 ____D () C:\Qoobox
2014-08-22 00:33 - 2014-08-22 00:37 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 00:33 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 00:33 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 00:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-22 00:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 00:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 00:33 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 00:33 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 00:33 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 00:30 - 2014-08-22 00:30 - 05572006 ____R (Swearware) C:\Users\KH\Desktop\ComboFix.exe
2014-08-21 12:48 - 2014-08-22 12:21 - 00021900 _____ () C:\Users\KH\Desktop\FRST.txt
2014-08-21 12:48 - 2014-08-21 12:48 - 02101760 _____ (Farbar) C:\Users\KH\Desktop\FRST64(1).exe
2014-08-21 11:21 - 2014-08-21 12:09 - 00037014 _____ () C:\Users\KH\Downloads\Addition.txt
2014-08-21 11:20 - 2014-08-22 12:21 - 00000000 ____D () C:\FRST
2014-08-21 11:20 - 2014-08-21 12:09 - 00065357 _____ () C:\Users\KH\Downloads\FRST.txt
2014-08-21 11:20 - 2014-08-21 11:20 - 02101760 _____ (Farbar) C:\Users\KH\Downloads\FRST64.exe
2014-08-21 11:08 - 2014-08-22 11:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 11:08 - 2014-08-21 11:08 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-21 11:08 - 2014-08-21 11:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-21 11:08 - 2014-08-21 11:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-21 10:23 - 2014-08-21 10:23 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-21 10:23 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-21 10:23 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-21 10:23 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-21 10:20 - 2014-08-21 10:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2014-08-21 10:20 - 2014-08-21 10:21 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-08-20 17:12 - 2014-08-20 17:12 - 00002258 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-20 17:12 - 2014-08-20 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-20 17:10 - 2014-08-22 12:20 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-20 17:10 - 2014-08-22 10:53 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-20 17:10 - 2014-08-20 17:15 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-20 17:10 - 2014-08-20 17:15 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-20 17:10 - 2014-08-20 17:12 - 00000000 ____D () C:\Users\KH\AppData\Local\Google
2014-08-20 17:10 - 2014-08-20 17:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-20 17:09 - 2014-08-20 17:09 - 18857880 _____ (SUPERAntiSpyware) C:\Users\KH\Downloads\SUPERAntiSpyware.exe
2014-08-20 16:52 - 2014-08-21 12:46 - 00000000 ____D () C:\Users\KH\AppData\Roaming\Nico Mak Computing
2014-08-20 16:52 - 2014-08-20 16:52 - 04892480 _____ (WinZip International LLC ) C:\Users\KH\Downloads\wzmp_8.exe
2014-08-20 13:56 - 2014-08-20 13:56 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-20 13:56 - 2014-08-20 13:56 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-20 13:56 - 2014-08-20 13:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-20 13:46 - 2014-08-20 13:46 - 00000000 __SHD () C:\Users\KH\AppData\Local\EmieUserList
2014-08-20 13:46 - 2014-08-20 13:46 - 00000000 __SHD () C:\Users\KH\AppData\Local\EmieSiteList
2014-08-19 18:19 - 2014-08-19 18:19 - 00366936 _____ (Softonic) C:\Users\KH\Downloads\SoftonicDownloader_for_electronic-piano(1).exe
2014-08-19 17:56 - 2014-08-19 17:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 17:54 - 2014-08-19 17:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\KH\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 17:21 - 2014-08-19 17:23 - 00000000 ____D () C:\Users\KH\Documents\Java
2014-08-19 17:20 - 2014-08-19 17:20 - 00623144 _____ () C:\Users\KH\Downloads\setup.exe
2014-08-17 13:35 - 2014-08-17 13:35 - 00000000 ____D () C:\Users\KH\Downloads\freepiano_2.2.1_win32
2014-08-17 13:34 - 2014-08-17 13:34 - 03105031 _____ () C:\Users\KH\Downloads\freepiano_2.2.1_win32.zip
2014-08-14 03:00 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:00 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:00 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:00 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 03:00 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:00 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:00 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:00 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 07:50 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 07:50 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 07:50 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 07:50 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 07:50 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 07:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 07:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 07:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 07:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 07:50 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 07:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 07:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 07:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 07:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 07:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 07:50 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 07:50 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 07:50 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 07:50 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 07:50 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 07:50 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 07:50 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 07:50 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 07:50 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 07:50 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 07:50 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 07:50 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 07:49 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 07:49 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 07:49 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 07:49 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 07:49 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 07:49 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 07:49 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 07:49 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 07:49 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 07:49 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 07:49 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 07:49 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 07:49 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 07:49 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 07:49 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 07:49 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 07:49 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 07:49 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 07:49 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 07:49 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 07:49 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 07:49 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 07:49 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 07:49 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 07:49 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 07:49 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 07:49 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 07:49 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 07:49 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 07:49 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 07:49 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 07:49 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 07:49 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 07:49 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 07:49 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 07:49 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 07:49 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 07:49 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 07:49 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:49 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 07:49 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 07:49 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 07:49 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 07:49 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 07:49 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 07:49 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 07:49 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 07:49 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 07:49 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 07:49 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 07:49 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 07:49 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 07:49 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 07:49 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 07:49 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 07:49 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 07:47 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 07:47 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 07:47 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 07:47 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-07-29 15:15 - 2014-07-29 15:15 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\Program Files\iPod
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-27 16:05 - 2014-07-27 16:05 - 00000000 ____D () C:\Users\KH\AppData\Roaming\NVIDIA
2014-07-27 16:04 - 2014-07-27 16:20 - 00000000 ____D () C:\Users\KH\AppData\Roaming\Wondershare Video Converter Ultimate
2014-07-27 16:04 - 2014-07-27 16:05 - 00000000 ____D () C:\Users\KH\Documents\Wondershare Video Converter Ultimate
2014-07-27 16:04 - 2014-07-27 16:04 - 00000000 ____D () C:\Users\KH\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-07-27 16:03 - 2014-08-21 10:16 - 00000000 ____D () C:\ProgramData\Wondershare
2014-07-27 16:03 - 2014-08-11 10:01 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-07-27 16:03 - 2014-07-27 16:34 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-07-27 16:03 - 2014-07-27 16:03 - 00000000 ____D () C:\Users\KH\AppData\Local\Wondershare
2014-07-27 16:03 - 2013-03-25 10:46 - 00031080 _____ (Wondershare) C:\Windows\system32\Drivers\VirtualAudio.sys
2014-07-27 15:58 - 2014-07-27 16:00 - 41385552 _____ (Wondershare Software ) C:\Users\KH\Downloads\video-converter-ultimate_full1045.exe
2014-07-27 14:26 - 2014-07-27 14:52 - 48223289 _____ () C:\Users\KH\Downloads\Luciano_Pavarotti_O_Sole_Mio(Karaoke_Video_(MP4)_mit_farbigem_Hintergrund)_55973.mp4
2014-07-27 13:21 - 2014-07-27 13:26 - 00000000 ____D () C:\Users\KH\Documents\Downloads Lieder
2014-07-27 13:12 - 2014-07-27 13:13 - 00000000 ____D () C:\Users\KH\Documents\Fax
2014-07-26 13:47 - 2014-08-13 12:23 - 00000000 ____D () C:\Users\KH\AppData\Local\Windows Live
2014-07-23 00:26 - 2014-08-20 13:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-22 12:21 - 2014-08-21 12:48 - 00021900 _____ () C:\Users\KH\Desktop\FRST.txt
2014-08-22 12:21 - 2014-08-21 11:20 - 00000000 ____D () C:\FRST
2014-08-22 12:20 - 2014-08-20 17:10 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-22 12:17 - 2013-09-11 15:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-22 12:16 - 2011-07-05 08:47 - 00000382 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-08-22 12:15 - 2014-08-22 12:15 - 00001233 _____ () C:\Users\KH\Desktop\JRT.txt
2014-08-22 12:14 - 2011-07-05 08:47 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-08-22 12:05 - 2014-08-22 12:05 - 00000000 ____D () C:\Windows\ERUNT
2014-08-22 12:02 - 2014-08-22 12:02 - 01016261 _____ (Thisisu) C:\Users\KH\Desktop\JRT.exe
2014-08-22 11:59 - 2014-08-22 11:59 - 00001153 _____ () C:\Users\KH\Desktop\mbam.txt
2014-08-22 11:48 - 2014-08-22 11:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-22 11:47 - 2014-08-22 11:47 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-22 11:47 - 2014-08-22 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-22 11:47 - 2014-08-22 11:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-22 11:47 - 2014-08-22 11:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\KH\Desktop\mbam-setup-2.0.2.1012(1).exe
2014-08-22 11:45 - 2014-08-21 11:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-22 11:25 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-22 11:25 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-22 11:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-22 10:57 - 2011-07-05 18:25 - 00705124 _____ () C:\Windows\system32\perfh007.dat
2014-08-22 10:57 - 2011-07-05 18:25 - 00151492 _____ () C:\Windows\system32\perfc007.dat
2014-08-22 10:57 - 2011-07-05 08:46 - 01603633 _____ () C:\Windows\WindowsUpdate.log
2014-08-22 10:57 - 2009-07-14 07:13 - 01629444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-22 10:54 - 2014-08-22 10:54 - 00002113 _____ () C:\Users\KH\Desktop\AdwCleaner[S0].txt
2014-08-22 10:53 - 2014-08-20 17:10 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-22 10:53 - 2011-07-05 08:41 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-22 10:52 - 2010-11-21 05:47 - 00154044 _____ () C:\Windows\PFRO.log
2014-08-22 10:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-22 10:52 - 2009-07-14 06:51 - 00091273 _____ () C:\Windows\setupact.log
2014-08-22 10:52 - 2009-07-14 06:45 - 00440656 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-22 10:51 - 2014-08-22 10:47 - 00000000 ____D () C:\AdwCleaner
2014-08-22 10:46 - 2014-08-22 10:46 - 01364531 _____ () C:\Users\KH\Desktop\adwcleaner_3.308.exe
2014-08-22 10:39 - 2014-04-01 09:24 - 00000000 ____D () C:\Users\KH\Desktop\Divers
2014-08-22 10:38 - 2014-08-22 10:36 - 00000000 ____D () C:\Users\KH\Desktop\Meine Musik
2014-08-22 10:38 - 2014-07-06 14:11 - 00000000 ____D () C:\Users\KH\Desktop\Trudi 95,2
2014-08-22 01:06 - 2014-02-26 04:01 - 01653598 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-22 00:41 - 2014-08-22 00:41 - 00019653 _____ () C:\Users\KH\Desktop\combofix.txt
2014-08-22 00:38 - 2014-08-22 00:38 - 00019653 _____ () C:\ComboFix.txt
2014-08-22 00:38 - 2014-08-22 00:33 - 00000000 ____D () C:\Qoobox
2014-08-22 00:37 - 2014-08-22 00:33 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 00:37 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-22 00:30 - 2014-08-22 00:30 - 05572006 ____R (Swearware) C:\Users\KH\Desktop\ComboFix.exe
2014-08-21 12:48 - 2014-08-21 12:48 - 02101760 _____ (Farbar) C:\Users\KH\Desktop\FRST64(1).exe
2014-08-21 12:46 - 2014-08-20 16:52 - 00000000 ____D () C:\Users\KH\AppData\Roaming\Nico Mak Computing
2014-08-21 12:09 - 2014-08-21 11:21 - 00037014 _____ () C:\Users\KH\Downloads\Addition.txt
2014-08-21 12:09 - 2014-08-21 11:20 - 00065357 _____ () C:\Users\KH\Downloads\FRST.txt
2014-08-21 11:20 - 2014-08-21 11:20 - 02101760 _____ (Farbar) C:\Users\KH\Downloads\FRST64.exe
2014-08-21 11:08 - 2014-08-21 11:08 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-21 11:08 - 2014-08-21 11:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-21 11:08 - 2014-08-21 11:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-21 10:47 - 2011-07-05 08:47 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-08-21 10:47 - 2011-07-05 08:47 - 00000000 ____D () C:\ProgramData\PCDr
2014-08-21 10:23 - 2014-08-21 10:23 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-21 10:23 - 2014-07-13 13:26 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 10:23 - 2014-03-06 11:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-21 10:21 - 2014-08-21 10:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2014-08-21 10:21 - 2014-08-21 10:20 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-08-21 10:20 - 2013-08-23 11:59 - 00000000 ____D () C:\Users\KH\AppData\Local\Adobe
2014-08-21 10:20 - 2011-07-05 08:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-21 10:20 - 2011-07-05 08:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-21 10:16 - 2014-07-27 16:03 - 00000000 ____D () C:\ProgramData\Wondershare
2014-08-20 17:15 - 2014-08-20 17:10 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-20 17:15 - 2014-08-20 17:10 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-20 17:12 - 2014-08-20 17:12 - 00002258 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-20 17:12 - 2014-08-20 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-20 17:12 - 2014-08-20 17:10 - 00000000 ____D () C:\Users\KH\AppData\Local\Google
2014-08-20 17:12 - 2014-08-20 17:10 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-20 17:09 - 2014-08-20 17:09 - 18857880 _____ (SUPERAntiSpyware) C:\Users\KH\Downloads\SUPERAntiSpyware.exe
2014-08-20 16:52 - 2014-08-20 16:52 - 04892480 _____ (WinZip International LLC ) C:\Users\KH\Downloads\wzmp_8.exe
2014-08-20 13:56 - 2014-08-20 13:56 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-20 13:56 - 2014-08-20 13:56 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-20 13:56 - 2014-08-20 13:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-20 13:56 - 2014-07-23 00:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-20 13:46 - 2014-08-20 13:46 - 00000000 __SHD () C:\Users\KH\AppData\Local\EmieUserList
2014-08-20 13:46 - 2014-08-20 13:46 - 00000000 __SHD () C:\Users\KH\AppData\Local\EmieSiteList
2014-08-20 13:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-08-19 18:19 - 2014-08-19 18:19 - 00366936 _____ (Softonic) C:\Users\KH\Downloads\SoftonicDownloader_for_electronic-piano(1).exe
2014-08-19 18:14 - 2011-07-05 08:49 - 00000000 ____D () C:\Windows\de
2014-08-19 17:56 - 2014-08-19 17:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 17:55 - 2014-08-19 17:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\KH\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 17:23 - 2014-08-19 17:21 - 00000000 ____D () C:\Users\KH\Documents\Java
2014-08-19 17:20 - 2014-08-19 17:20 - 00623144 _____ () C:\Users\KH\Downloads\setup.exe
2014-08-17 13:35 - 2014-08-17 13:35 - 00000000 ____D () C:\Users\KH\Downloads\freepiano_2.2.1_win32
2014-08-17 13:34 - 2014-08-17 13:34 - 03105031 _____ () C:\Users\KH\Downloads\freepiano_2.2.1_win32.zip
2014-08-16 18:27 - 2014-06-16 12:57 - 00000000 ____D () C:\Users\KH\Documents\meine Lieder
2014-08-16 18:23 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-14 12:59 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-08-14 03:22 - 2013-08-22 12:54 - 00000000 ___RD () C:\Users\KH\Virtual Machines
2014-08-14 03:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 03:05 - 2013-08-23 12:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:03 - 2013-09-11 15:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:02 - 2013-09-11 15:02 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 03:00 - 2014-04-23 09:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 12:23 - 2014-07-26 13:47 - 00000000 ____D () C:\Users\KH\AppData\Local\Windows Live
2014-08-11 10:01 - 2014-07-27 16:03 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-08-07 04:06 - 2014-08-13 07:47 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 07:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 21:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-01 01:41 - 2014-08-13 07:49 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 07:49 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-29 15:15 - 2014-07-29 15:15 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\Program Files\iPod
2014-07-29 15:15 - 2014-07-29 15:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-27 16:34 - 2014-07-27 16:03 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-07-27 16:20 - 2014-07-27 16:04 - 00000000 ____D () C:\Users\KH\AppData\Roaming\Wondershare Video Converter Ultimate
2014-07-27 16:05 - 2014-07-27 16:05 - 00000000 ____D () C:\Users\KH\AppData\Roaming\NVIDIA
2014-07-27 16:05 - 2014-07-27 16:04 - 00000000 ____D () C:\Users\KH\Documents\Wondershare Video Converter Ultimate
2014-07-27 16:04 - 2014-07-27 16:04 - 00000000 ____D () C:\Users\KH\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-07-27 16:03 - 2014-07-27 16:03 - 00000000 ____D () C:\Users\KH\AppData\Local\Wondershare
2014-07-27 16:00 - 2014-07-27 15:58 - 41385552 _____ (Wondershare Software ) C:\Users\KH\Downloads\video-converter-ultimate_full1045.exe
2014-07-27 14:52 - 2014-07-27 14:26 - 48223289 _____ () C:\Users\KH\Downloads\Luciano_Pavarotti_O_Sole_Mio(Karaoke_Video_(MP4)_mit_farbigem_Hintergrund)_55973.mp4
2014-07-27 13:26 - 2014-07-27 13:21 - 00000000 ____D () C:\Users\KH\Documents\Downloads Lieder
2014-07-27 13:13 - 2014-07-27 13:12 - 00000000 ____D () C:\Users\KH\Documents\Fax
2014-07-27 12:28 - 2013-08-22 12:51 - 00125736 _____ () C:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-26 19:15 - 2011-07-05 08:43 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-26 19:14 - 2013-11-02 21:17 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-26 19:12 - 2014-01-15 19:46 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-07-25 16:52 - 2014-08-13 07:49 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 07:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 07:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 07:49 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 07:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 07:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-13 07:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-13 07:49 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 07:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 07:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 07:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 07:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 07:49 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 07:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 07:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 07:49 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 07:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 07:49 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 07:49 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 07:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 07:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 07:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 07:49 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 07:49 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 07:49 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 07:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 07:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 07:49 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-13 07:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-13 07:49 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 07:49 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 07:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 07:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 07:49 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 07:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 07:49 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 07:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 07:49 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 07:49 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 07:49 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 07:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 07:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 07:49 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 07:49 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 07:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 07:49 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 07:49 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 07:49 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:55 - 2014-07-13 13:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-25 12:52 - 2014-08-13 07:49 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:49 - 2014-08-21 10:23 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-25 12:49 - 2014-08-21 10:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-25 12:49 - 2014-08-21 10:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-25 12:26 - 2014-08-13 07:49 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 07:49 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 07:49 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 07:49 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 07:49 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 13:51 - 2013-08-23 12:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 13:51 - 2013-08-23 12:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 03:01 - 2013-08-23 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
Some content of TEMP:
====================
C:\Users\KH\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 14:58
==================== End Of Log ============================ --- --- ---
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by KH at 2014-08-22 12:21:32
Running from C:\Users\KH\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Illustrator CS (HKLM-x32\...\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}) (Version: 11 - Adobe Systems, Inc.)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader 9.5.5 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.18.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
EPSON TWAIN 5 (HKLM-x32\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Galiastro 4.7.3 (HKLM-x32\...\{4AB11DC7-2FB7-4A41-82C3-1A119BF50B24}) (Version: 4.7.3 - Paessler Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.1.0.1141 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1141 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5717.39 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6802 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.02 (Version: 268.02 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
Powertraining Noten lernen Version 2.0 (HKLM-x32\...\{06BFD697-968B-4C9D-B971-4DE65C9849B6}_is1) (Version: 2.0 - musicians-place, Thomas Sedlmeier)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.31.0010.00 - Lenovo Group Limited)
RICOH Media Driver v2.10.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.10.18.02 - RICOH)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.45 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.14.0 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.00 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.04 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
win2day Poker (HKLM-x32\...\win2day Poker ) (Version: - Boss Media AB)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows-Treiberpaket - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (02/17/2011 15.2.14.0) (HKLM\...\77A943AB876C131591E0EA5DB6AB08D89EE2EA9E) (Version: 02/17/2011 15.2.14.0 - Synaptics)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-08-2014 08:51:21 Windows Update
14-08-2014 01:00:12 Windows Update
19-08-2014 10:02:24 Windows Update
19-08-2014 15:23:49 Installed Java 7 Update 51
20-08-2014 15:19:52 Removed Adobe Flash Player 10 ActiveX.
21-08-2014 08:22:46 Installed Java 7 Update 67
22-08-2014 08:28:19 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-22 00:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {12E15112-3C9A-4F7A-91D7-A2DDF2F23CCB} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-02-03] (Lenovo Group Limited)
Task: {25C94FA9-6D60-4CC9-98C3-52B99E1DFBE8} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {2E4D0843-70B1-467C-97D3-A898F53BA026} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2010-12-10] ()
Task: {66BF5101-ADF5-432F-8C89-BBCEF32F1431} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {A750535A-8820-40A3-8CF3-4E1E2F89F63E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-20] (Google Inc.)
Task: {B1EC2958-C1BD-4C85-8AE8-3CF2FA1E8720} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {C1ECDC5D-05E9-4235-A438-1CDBEA6C4A8B} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {C5B27F31-0E6C-46F4-B46B-6A537BB0CF0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {EC455296-E228-47B4-B9B8-E0D136915472} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {EF4FF15E-E145-478D-B2AC-7A1B626FF1A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-20] (Google Inc.)
Task: {FC6B2FD5-69CC-471D-96EF-F89B4E9A1A1D} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe
==================== Loaded Modules (whitelisted) =============
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 ____N () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-07-05 18:22 - 2011-02-17 12:22 - 00057640 ____N () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-07-05 08:40 - 2010-10-26 05:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2011-07-05 08:40 - 2011-03-06 13:07 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 ____N () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 ____N () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2011-07-05 08:42 - 2011-02-03 20:45 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 ____N () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 ____N () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2011-07-05 08:42 - 2010-04-06 09:05 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-07-05 08:42 - 2010-04-06 09:04 - 02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2014-07-27 16:03 - 2014-08-05 10:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-07-27 16:03 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-08-20 13:56 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-01 14:47 - 2011-04-01 14:47 - 00235112 ____N () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (08/22/2014 10:42:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/22/2014 10:40:07 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-08-22 11:19:23.928
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 11:19:23.928
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 11:19:23.928
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 11:19:23.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 11:19:23.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 11:19:23.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-22 00:37:07.357
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-22 00:37:07.294
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-18 11:58:30.381
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-18 11:58:30.381
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 3978.23 MB
Available physical RAM: 1902.13 MB
Total Pagefile: 7954.65 MB
Available Pagefile: 5470.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:132.25 GB) (Free:52.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: A4DD13A3)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=132.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- --- |