File frst FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by HASSANEIN (administrator) on HASSANEIN-THINK on 31-03-2015 16:17:51
Running from C:\Users\HASSANEIN\Downloads
Loaded Profiles: HASSANEIN & Gast (Available profiles: HASSANEIN & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
() C:\FGTech\EOBD2S.exe.delete_on_reboot
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
() C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\HASSANEIN\Downloads\zu9puvxy (1).exe
() C:\Users\HASSANEIN\AppData\Local\Temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\bivhH9cD9.exe
() C:\Users\HASSANEIN\AppData\Local\Temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\qkUX6D0zDfWE8R.exe
() C:\Users\HASSANEIN\AppData\Local\Temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\DuhDyNcQIqGQ.exe
() C:\Users\HASSAN~1\AppData\Local\Temp\wingqxji.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
() C:\FGTech\EOBD2S.exe.delete_on_reboot
() C:\Users\HASSAN~1\AppData\Local\Temp\wintmeog.exe
() C:\FGTech\EOBD2S.exe.delete_on_reboot
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-07-09] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382248 2013-06-20] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296952 2013-07-17] (Lenovo Group Limited)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4315872 2011-06-01] (Lenovo, Inc.)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [733936 2015-03-31] (Lenovo)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH)
HKLM-x32\...\Run: [767a59f92b9c30421dbaaf7719209dc5] => "C:\Users\HASSANEIN\AppData\Local\Temp\googlemap2.exe" .. <===== ATTENTION
HKLM-x32\...\Run: [googlemap1.exe] => "C:\Users\HASSAN~1\AppData\Local\Temp\googlemap1.exe" <===== ATTENTION
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\Run: [767a59f92b9c30421dbaaf7719209dc5] => "C:\Users\HASSANEIN\AppData\Local\Temp\googlemap2.exe" .. <===== ATTENTION
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\Run: [googlemap1.exe] => "C:\Users\HASSAN~1\AppData\Local\Temp\googlemap1.exe" <===== ATTENTION
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\Run: [PAS Plus] => C:\Program Files\PAS Plus\pas.exe
HKU\S-1-5-21-4194908080-3589016638-193389046-501\...\MountPoints2: {41b52b10-c033-11e3-8749-806e6f6e6963} - Q:\LenovoQDrive.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
Startup: C:\Users\HASSANEIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Renault Twingo Wegfahrsperre deaktivieren.mp3.lnk
ShortcutTarget: Renault Twingo Wegfahrsperre deaktivieren.mp3.lnk -> C:\ProgramData\{a0202a53-952b-9add-a020-02a53952a94e}\Renault Twingo Wegfahrsperre deaktivieren.mp3.exe (No File)
Startup: C:\Users\HASSANEIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater-AIB.lnk
ShortcutTarget: Ross-Tech VCDS DRV Updater-AIB.lnk -> C:\Auto-Intern\VCDS-AIB\VCDS.exe (Ross-Tech, LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-4194908080-3589016638-193389046-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF NetworkProxy: "backup.ftp", "1080"
FF NetworkProxy: "backup.ftp_port", 30
FF NetworkProxy: "backup.socks", "1080"
FF NetworkProxy: "backup.socks_port", 30
FF NetworkProxy: "backup.ssl", "1080"
FF NetworkProxy: "backup.ssl_port", 30
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-26] ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-26] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-06-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-01-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-01-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\englische-ergebnisse.xml [2014-10-26]
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\gmx-suche.xml [2014-10-26]
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\lastminute.xml [2014-10-26]
FF SearchPlugin: C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\searchplugins\webde-suche.xml [2014-10-26]
FF Extension: Amazon-Icon - C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\Extensions\amazon-icon@giga.de [2015-02-25]
FF Extension: WEB.DE MailCheck - C:\Users\HASSANEIN\AppData\Roaming\Mozilla\Firefox\Profiles\bj5tva07.default\Extensions\toolbar@web.de [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2014-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn [2014-10-01]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\HASSANEIN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\HASSANEIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Amazon) - C:\Users\HASSANEIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-25]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\HASSANEIN\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
Locked "241006737" service could not be unlocked. <===== ATTENTION
S2 4072cbd7; c:\Program Files (x86)\SectionLogistics\SectionLogistics.dll [1636864 2015-02-13] () [File not signed]
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [114488 2015-01-27] (Deutsche Telekom AG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-08-01] (Lenovo.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-08-15] (Lenovo)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [199160 2013-07-17] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-17] (Nitro PDF Software)
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138744 2013-07-16] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [24112 2013-05-22] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-10] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 241006737; C:\Windows\System32\Drivers\241006737.sys [25056 2015-03-31] () [File not signed]
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-16] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-05-16] (Symantec Corporation) [File not signed]
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [54000 2013-08-15] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [113096 2013-08-07] (Intel Corporation)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140522.001\IDSvia64.sys [525016 2014-05-15] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-04-15] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140522.009\ENG64.SYS [126040 2014-05-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140522.009\EX64.SYS [2099288 2014-05-16] (Symantec Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3434976 2014-04-16] (Intel Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [424664 2013-08-02] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-07-09] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-04-10] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-30] (Vimicro Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2012-12-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-31 18:29 - 2015-03-31 18:29 - 00069112 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Leadertech
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\ControlCenter4
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Local\Lenovo
2015-03-31 18:29 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Local\Adobe
2015-03-31 18:28 - 2015-03-31 18:29 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2015-03-31 18:28 - 2015-03-31 18:28 - 00002258 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2015-03-31 18:28 - 2015-03-31 18:28 - 00001432 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-31 18:28 - 2015-03-31 18:28 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Intel
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2015-03-31 18:28 - 2015-03-31 18:28 - 00000000 ____D () C:\Users\Gast
2015-03-31 18:28 - 2014-06-26 10:54 - 00002131 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2015-03-31 18:28 - 2014-04-10 00:33 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2015-03-31 18:28 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-31 18:28 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-31 17:52 - 2015-03-31 17:52 - 00000589 _____ () C:\Users\Public\Desktop\Galletto Win7.lnk
2015-03-31 17:51 - 2015-03-31 17:51 - 00361233 _____ () C:\Users\HASSANEIN\Downloads\Galletto win7 NO HW ID.rar
2015-03-31 17:50 - 2015-03-31 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galletto Win7
2015-03-31 17:50 - 2015-03-31 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FGTech
2015-03-31 17:50 - 2015-03-31 15:57 - 00000000 ____D () C:\FGTech
2015-03-31 17:50 - 2013-07-06 22:51 - 00000412 _____ () C:\Windows\SysWOW64\regkey.dat
2015-03-31 17:50 - 2013-03-29 16:53 - 00206144 _____ () C:\Windows\SysWOW64\fgt2xx.dll
2015-03-31 16:17 - 2015-03-31 16:18 - 00028196 _____ () C:\Users\HASSANEIN\Downloads\FRST.txt
2015-03-31 16:17 - 2015-03-31 16:17 - 02095616 _____ (Farbar) C:\Users\HASSANEIN\Downloads\FRST64.exe
2015-03-31 15:57 - 2015-03-31 15:57 - 00025056 _____ () C:\Windows\system32\Drivers\241006737.sys
2015-03-31 09:56 - 2015-03-31 09:56 - 00033627 _____ () C:\Users\HASSANEIN\Downloads\F5019000651.rar
2015-03-31 09:36 - 2015-03-31 09:37 - 01087136 _____ () C:\Windows\Minidump\033115-22370-01.dmp
2015-03-30 22:16 - 2015-03-30 22:16 - 00001646 _____ () C:\Users\HASSANEIN\Desktop\ECU_REPAIR_NEW (User-24b92d7e3e) - Verknüpfung.lnk
2015-03-30 13:37 - 2015-03-30 13:37 - 00000000 ____D () C:\Device
2015-03-30 13:12 - 2015-03-30 13:12 - 00000000 ____D () C:\ProgramData\Doctor Web
2015-03-30 13:11 - 2015-03-30 13:37 - 00000000 ____D () C:\Users\HASSANEIN\Doctor Web
2015-03-30 12:16 - 2015-03-30 13:06 - 164662696 _____ () C:\Users\HASSANEIN\Downloads\zu9puvxy (1).exe
2015-03-30 12:16 - 2015-03-30 12:17 - 164662696 _____ () C:\Users\HASSANEIN\Downloads\zu9puvxy.exe
2015-03-29 17:28 - 2015-03-29 17:28 - 01494694 _____ () C:\Users\HASSANEIN\Downloads\wpshopgermany_latest (2).zip
2015-03-29 17:28 - 2015-03-29 17:28 - 01494694 _____ () C:\Users\HASSANEIN\Desktop\wpshopgermany_latest (2).zip
2015-03-29 16:43 - 2015-03-29 16:43 - 00027342 _____ () C:\Users\HASSANEIN\AppData\Local\recently-used.xbel
2015-03-29 16:37 - 2015-03-29 16:37 - 01494694 _____ () C:\Users\HASSANEIN\Downloads\wpshopgermany_latest (1).zip
2015-03-29 16:36 - 2015-03-29 16:37 - 01494694 _____ () C:\Users\HASSANEIN\Downloads\wpshopgermany_latest.zip
2015-03-28 15:53 - 2015-03-28 15:53 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-28 15:53 - 2015-03-28 15:53 - 00000000 ____D () C:\Bdm-To-Go Files
2015-03-28 15:39 - 2015-03-28 15:41 - 00000000 ____D () C:\Users\HASSANEIN\Documents\EVC
2015-03-27 21:15 - 2015-03-27 21:15 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-03-27 16:06 - 2015-03-27 16:06 - 00000280 _____ () C:\Users\HASSANEIN\Downloads\audi a6.rar
2015-03-27 16:05 - 2015-03-27 16:05 - 00000292 _____ () C:\Users\HASSANEIN\Downloads\A6_24C04_off.rar
2015-03-27 16:04 - 2015-03-27 16:04 - 00000218 _____ () C:\Users\HASSANEIN\Downloads\immo of.rar
2015-03-26 15:38 - 2015-03-26 15:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-26 15:32 - 2015-03-26 15:32 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-26 15:30 - 2015-03-26 15:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 15:29 - 2015-03-26 15:29 - 00321472 _____ () C:\Users\HASSANEIN\Downloads\Firefox Setup Stub 36.0.4.exe
2015-03-25 18:33 - 2015-03-25 18:33 - 00001055 _____ () C:\Users\Public\Desktop\Tango.lnk
2015-03-25 18:32 - 2015-03-25 18:34 - 00000000 ____D () C:\Program Files (x86)\Tango Scorpio-LK
2015-03-25 12:09 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 12:09 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 12:09 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 12:09 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 12:09 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 12:09 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 12:09 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 12:09 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 19:21 - 2015-03-26 10:57 - 01721166 _____ () C:\Users\HASSANEIN\Downloads\Video.MOV
2015-03-24 19:21 - 2015-03-24 19:21 - 01721166 _____ () C:\Users\HASSANEIN\Downloads\Video (1).MOV
2015-03-24 02:44 - 2015-03-24 02:44 - 00091541 _____ () C:\Users\HASSANEIN\Downloads\FERTIGGESTELLT KundenNr. ST50009 KR12262.zip
2015-03-22 22:12 - 2015-03-22 22:12 - 00140091 _____ () C:\Users\HASSANEIN\Downloads\kefico (mass (air) flow sensor).rar
2015-03-20 15:09 - 2015-03-20 15:09 - 00144493 _____ () C:\Users\HASSANEIN\Downloads\IAS (Citroen Jumper (Immo Off Version incl. DTCs (Chk)) - 363534)(2).rar
2015-03-20 15:08 - 2015-03-20 15:08 - 00144493 _____ () C:\Users\HASSANEIN\Downloads\IAS (Citroen Jumper (Immo Off Version incl. DTCs (Chk)) - 363534).rar
2015-03-20 15:08 - 2015-03-20 15:08 - 00144493 _____ () C:\Users\HASSANEIN\Downloads\IAS (Citroen Jumper (Immo Off Version incl. DTCs (Chk)) - 363534)(1).rar
2015-03-19 12:22 - 2015-03-19 12:22 - 00000205 _____ () C:\Users\HASSANEIN\Downloads\GOLF_3_WFS_BOX1H0953257B_immo_yes (2).rar
2015-03-19 12:20 - 2015-03-19 12:20 - 00000205 _____ () C:\Users\HASSANEIN\Downloads\GOLF_3_WFS_BOX1H0953257B_immo_yes (1).rar
2015-03-19 12:18 - 2015-03-19 12:18 - 00000191 _____ () C:\Users\HASSANEIN\Downloads\GOLF_3_WFS_BOX1H0953257B_immo_yes.rar
2015-03-19 11:49 - 2015-03-19 11:49 - 00033830 _____ () C:\Users\HASSANEIN\Downloads\GOLF 1.6 BOSCH 314-5 EPROM-87C510 Immo Off.rar
2015-03-19 11:47 - 2015-03-19 11:47 - 00000179 _____ () C:\Users\HASSANEIN\Downloads\golf 3_off.rar
2015-03-19 11:28 - 2015-03-19 11:28 - 00000169 _____ () C:\Users\HASSANEIN\Downloads\OriginalHc05.rar
2015-03-19 11:20 - 2015-03-19 11:20 - 17189552 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-03-18 15:34 - 2015-03-18 15:35 - 02171392 _____ () C:\Users\HASSANEIN\Downloads\adwcleaner_4.112.exe
2015-03-17 00:25 - 2015-03-17 00:25 - 00033485 _____ () C:\Users\HASSANEIN\Downloads\vr6 0261203568 569 .rar
2015-03-16 23:57 - 2015-03-16 23:57 - 08912597 _____ () C:\Users\HASSANEIN\Downloads\edc17.7z
2015-03-16 23:50 - 2015-03-16 23:50 - 00000447 _____ () C:\Users\HASSANEIN\Downloads\a3_18t_immo_ON.rar
2015-03-16 23:22 - 2015-03-28 15:32 - 00000020 _____ () C:\Users\HASSANEIN\AppData\Roaming\appdataFr3.bin
2015-03-15 18:17 - 2015-03-15 18:38 - 2100000000 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA201Q313.part2.rar
2015-03-15 17:56 - 2015-03-15 18:06 - 2100000000 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA201Q313.part1.rar
2015-03-15 17:44 - 2015-03-15 17:52 - 1105765655 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA101Q313.part2.rar
2015-03-15 17:19 - 2015-03-15 17:36 - 2100000000 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_Service.Advisor_SA101Q313.part1.rar
2015-03-15 17:18 - 2015-03-15 17:18 - 05368232 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_How.to.Install_Run.From.HD_Manual.Info.rar
2015-03-15 17:18 - 2015-03-15 17:18 - 00028859 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_2013Q3_Full_Set_DVD_Contain.txt
2015-03-15 17:18 - 2015-03-15 17:18 - 00028859 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53_2013Q3_Full_Set_DVD_Contain (1).txt
2015-03-15 17:17 - 2015-03-15 17:17 - 89516239 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.53.1000.101_Install_Disk_2013.08.rar
2015-03-15 17:17 - 2015-03-15 17:17 - 02376082 _____ () C:\Users\HASSANEIN\Downloads\AllData.10.52_Crack.only.rar
2015-03-15 17:16 - 2015-03-15 17:16 - 32195618 _____ () C:\Users\HASSANEIN\Downloads\AD.Support_Utilities.rar
2015-03-15 17:16 - 2015-03-15 17:16 - 03193693 _____ () C:\Users\HASSANEIN\Downloads\AD1053_Disable.the.Rearm.of.Activation.for.Ace.rar
2015-03-15 17:00 - 2015-03-15 17:00 - 00002529 _____ () C:\Users\HASSANEIN\Downloads\AllData_Full_Set_LINKS (1).zip
2015-03-15 16:51 - 2015-03-15 16:51 - 00007307 _____ () C:\Users\HASSANEIN\Downloads\All_Data_10.52_Full_Set_LINKS.zip
2015-03-15 16:45 - 2015-03-15 16:45 - 00002529 _____ () C:\Users\HASSANEIN\Downloads\AllData_Full_Set_LINKS.zip
2015-03-11 11:38 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:38 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:38 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:38 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:38 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:38 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:38 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:38 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:38 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:38 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:37 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:37 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:37 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:37 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:37 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:37 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:37 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:37 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:37 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:37 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:37 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:37 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:37 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:37 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:37 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:37 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:37 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:37 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:37 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:37 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:37 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:37 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:37 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:37 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:37 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:35 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:35 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:35 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:35 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:35 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:35 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:35 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:35 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:35 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:35 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:35 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:35 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:35 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:35 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:35 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:35 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:34 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:34 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:34 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:34 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:34 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:34 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:34 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:34 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:34 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:34 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:34 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:34 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:34 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:34 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:34 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:34 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:34 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:34 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:34 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:34 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:34 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:34 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:34 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:34 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:34 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:34 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:34 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:34 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:34 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:34 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:34 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:34 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:34 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:34 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:34 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:34 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:34 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:34 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:34 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:34 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:34 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:34 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:34 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:34 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:34 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:34 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:34 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:34 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:34 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:34 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:34 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:34 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:34 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:34 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:34 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:34 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:34 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:34 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:34 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:34 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:34 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 11:34 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:34 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:34 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:34 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:34 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:34 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 02:16 - 2015-03-10 02:16 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-10 02:10 - 2015-03-10 02:10 - 00000755 _____ () C:\Users\HASSANEIN\Downloads\WinOLS_LINKS.zip
2015-03-09 19:58 - 2015-03-09 21:48 - 00000119 _____ () C:\Users\HASSANEIN\Desktop\Koranverse interessant.txt
2015-03-08 21:08 - 2015-03-08 21:08 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\HASSANEIN\Downloads\CreativeCloudSet-Up (1).exe
2015-03-08 19:10 - 2015-03-08 19:10 - 00000000 ____D () C:\ProgramData\8707925833061247103
2015-03-08 18:50 - 2015-03-30 13:38 - 00000000 ____D () C:\Program Files (x86)\StatMaker
2015-03-07 15:06 - 2015-03-07 15:12 - 1266477072 _____ (Adobe Systems Incorporated) C:\Users\HASSANEIN\Downloads\FlashPro_12_LS4.exe
2015-03-07 14:54 - 2015-03-07 14:54 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk
2015-03-07 14:45 - 2015-03-07 14:45 - 00000999 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash Professional CC 2014.lnk
2015-03-07 14:42 - 2015-03-25 18:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-07 14:40 - 2015-03-08 21:33 - 00000000 ____D () C:\Program Files\Adobe
2015-03-07 14:34 - 2015-03-07 14:34 - 00000000 ___RD () C:\Users\HASSANEIN\Creative Cloud Files
2015-03-07 14:21 - 2015-03-07 14:21 - 00001320 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-07 14:12 - 2015-03-07 14:12 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\HASSANEIN\Downloads\CreativeCloudSet-Up.exe
2015-03-05 16:50 - 2015-03-05 16:50 - 00000248 _____ () C:\Users\HASSANEIN\Downloads\6N0909603_HC05B16_crash_clear.rar
2015-03-05 16:49 - 2015-03-05 16:49 - 00000219 _____ () C:\Users\HASSANEIN\Downloads\LKclear.rar
2015-03-05 11:49 - 2015-03-05 11:49 - 00499929 _____ () C:\Users\HASSANEIN\Downloads\Outlook.com (1).zip
2015-03-03 09:33 - 2015-03-03 09:33 - 01203488 _____ () C:\Users\HASSANEIN\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2015-03-03 02:09 - 2015-03-03 02:11 - 00000000 ____D () C:\Users\HASSANEIN\Desktop\Formulare erstellen
2015-03-03 02:04 - 2015-03-03 02:04 - 00001883 _____ () C:\Users\HASSANEIN\Downloads\iphorm-form-builder.php
2015-03-02 16:28 - 2015-03-02 16:28 - 00824237 _____ () C:\Users\HASSANEIN\Downloads\d01ad202.sql
2015-03-02 15:56 - 2015-03-02 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-02 15:56 - 2015-03-02 15:56 - 00000000 ____D () C:\Program Files\7-Zip
2015-03-02 15:55 - 2015-03-02 15:55 - 01376768 _____ () C:\Users\HASSANEIN\Downloads\7z920-x64.msi
2015-03-02 11:56 - 2015-03-02 11:58 - 42883064 _____ () C:\Users\HASSANEIN\Downloads\template_39030_69F6xHrM0dCh4R2ciWES.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-31 18:20 - 2014-05-16 16:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-31 17:37 - 2014-04-10 00:12 - 01308134 _____ () C:\Windows\WindowsUpdate.log
2015-03-31 17:36 - 2014-06-17 00:34 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\Adobe
2015-03-31 17:32 - 2014-04-10 09:37 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2015-03-31 17:32 - 2014-04-10 09:37 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2015-03-31 17:32 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 16:17 - 2014-10-01 09:48 - 00000000 ____D () C:\FRST
2015-03-31 16:16 - 2009-07-14 06:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-31 16:16 - 2009-07-14 06:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-31 16:15 - 2015-01-26 11:10 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-31 09:36 - 2014-05-21 16:34 - 966248467 _____ () C:\Windows\MEMORY.DMP
2015-03-31 09:36 - 2014-05-21 16:34 - 00000000 ____D () C:\Windows\Minidump
2015-03-30 15:41 - 2014-05-20 04:35 - 00044554 _____ () C:\Windows\SysWOW64\QuickControlService.dmp
2015-03-30 15:26 - 2014-07-31 15:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-30 13:38 - 2015-02-13 12:06 - 00000000 ____D () C:\ProgramData\{a0202a53-952b-9add-a020-02a53952a94e}
2015-03-30 13:11 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\HASSANEIN
2015-03-30 12:03 - 2014-05-24 21:31 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\CrashDumps
2015-03-29 16:43 - 2015-02-25 16:15 - 00000000 ____D () C:\Users\HASSANEIN\.gimp-2.8
2015-03-28 15:53 - 2014-04-10 00:37 - 00000000 ____D () C:\ProgramData\Temp
2015-03-28 15:51 - 2015-02-08 15:57 - 00000000 ____D () C:\Program Files\EVC
2015-03-28 15:38 - 2014-05-16 10:30 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\VirtualStore
2015-03-27 21:15 - 2014-04-10 00:33 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-27 21:11 - 2014-08-12 00:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-26 15:57 - 2014-05-16 18:32 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Roaming\Nitro PDF
2015-03-26 15:38 - 2014-04-10 00:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-26 15:32 - 2014-05-16 16:34 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-26 15:32 - 2014-05-16 16:34 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-26 15:32 - 2014-05-16 16:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-26 15:30 - 2014-08-12 00:37 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-26 15:30 - 2014-08-12 00:37 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-26 04:19 - 2014-12-12 04:17 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 04:19 - 2014-05-20 04:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 18:33 - 2014-11-26 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango Scorpio-LK
2015-03-25 18:19 - 2014-05-16 10:31 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Roaming\Adobe
2015-03-24 02:43 - 2014-10-17 11:35 - 00000000 ____D () C:\HDW51_TMP
2015-03-18 15:49 - 2014-07-31 15:19 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1406812780
2015-03-18 15:38 - 2014-10-06 10:12 - 00000000 ____D () C:\AdwCleaner
2015-03-17 10:41 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 22:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-13 04:27 - 2009-07-14 06:45 - 00306656 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 04:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-13 04:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 20:55 - 2015-02-25 16:58 - 00000000 ____D () C:\Users\HASSANEIN\AppData\Local\gtk-2.0
2015-03-09 00:17 - 2014-12-18 12:37 - 00081920 ___SH () C:\Users\HASSANEIN\Thumbs.db
2015-03-07 14:20 - 2014-04-10 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2014-05-16 10:27 - 2014-05-19 00:48 - 0005408 _____ () C:\Users\HASSANEIN\AppData\Roaming\AbsoluteReminder.xml
2015-03-16 23:22 - 2015-03-28 15:32 - 0000020 _____ () C:\Users\HASSANEIN\AppData\Roaming\appdataFr3.bin
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\HASSANEIN\AppData\Roaming\QEFL
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\HASSANEIN\AppData\Roaming\SXLAIST
2015-03-29 16:43 - 2015-03-29 16:43 - 0027342 _____ () C:\Users\HASSANEIN\AppData\Local\recently-used.xbel
2014-05-16 17:05 - 2014-05-16 17:06 - 0034499 _____ () C:\Users\HASSANEIN\AppData\Local\WiDiSetupLog.20140516.170550.wdl
2014-04-10 00:27 - 2014-04-10 00:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-10 00:39 - 2014-04-10 00:40 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2014-04-10 00:37 - 2014-04-10 00:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-04-10 00:38 - 2014-04-10 00:39 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2014-04-10 00:39 - 2014-04-10 00:39 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
Some content of TEMP:
====================
C:\Users\HASSANEIN\AppData\Local\Temp\dateinj01.dll
C:\Users\HASSANEIN\AppData\Local\Temp\SpOrder.dll
C:\Users\HASSANEIN\AppData\Local\Temp\sqlite3.dll
C:\Users\HASSANEIN\AppData\Local\Temp\tf00294823.dll
C:\Users\HASSANEIN\AppData\Local\Temp\wingqxji.exe
C:\Users\HASSANEIN\AppData\Local\Temp\wintmeog.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-25 14:16
==================== End Of Log ============================ --- --- ---
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by HASSANEIN at 2015-03-31 16:19:08
Running from C:\Users\HASSANEIN\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.0.0.19 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.310 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.2 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Browser 7 der Telekom 35.0.11 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 35.0.11 (x86 de)) (Version: 35.0.11 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 35.0.11 - Deutsche Telekom AG)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.62.10 - Lenovo Group Limited)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Full Screen (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Galletto version 1.0 (HKLM-x32\...\{40DCEDEA-401A-485C-B238-D9E9FADDB132}_is1) (Version: 1.0 - )
Galletto Win7 version 1.1 (HKLM-x32\...\{BF9D514F-E44F-4EF4-AB03-925F44BD3F8E}_is1) (Version: 1.1 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
HD Writer AE 5.1 (HKLM-x32\...\{0303619A-9690-4007-A9D8-CEF5B2CF5A0C}) (Version: 5.01.012.1031 - Panasonic Corporation)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.514.3 - Vimicro)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Fingerprint Manager (HKLM\...\{45CC6269-15F2-4734-A7D1-46A032E85CAE}) (Version: 4.5.127.0 - Validity Sensors, Inc.)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Lenovo QuickCast (HKLM-x32\...\Lenovo QuickCast_is1) (Version: 2.0.10.0 - Lenovo Group Limited)
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.10 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0022.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MultiEcuX UHDS version 2.01.2.3 (HKLM-x32\...\{2D4186EB-B904-497F-A293-129145AAC143}_is1) (Version: 2.01.2.3 - Smok)
MultiProg version 1.37.0.8 (HKLM-x32\...\{90F9C7B5-E80C-4D74-8E40-1AF3034B3951}_is1) (Version: 1.37.0.8 - Smok)
Nitro Pro 8 (HKLM\...\{C97CFB86-B083-4BAE-90B2-D141500A5ACA}) (Version: 8.5.5.2 - Nitro)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 28.0.1750.48 (HKLM-x32\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA)
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.1.1.1 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21237 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7064 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Shopping Helper Smartbar Engine (HKU\S-1-5-21-4194908080-3589016638-193389046-1000\...\{1c400b46-f9de-47e8-97ed-bdff5cd99760}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Tango Version 1.94 (HKLM-x32\...\{58C6F81E-2619-4CDF-A427-B540563B0A00}_is1) (Version: 1.94 - Scorpio-LK Ltd.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.27 - )
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.5.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
UltraProg (HKLM-x32\...\UltraProg 14.5.5.0) (Version: 3.2.7.0 - UltraProg.co.uk)
UltraProg (Version: 14.5.5.0 - UltraProg.co.uk) Hidden
VCDS AIB 12.12 (HKLM-x32\...\VCDS AIB) (Version: AIB 12.12 - Auto-Intern GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Auto-Intern USB-Treiber (03/30/2010 2.06.02) (HKLM\...\42B17F23052FF114E91E57E2287CCEEDF216888D) (Version: 03/30/2010 2.06.02 - Auto-Intern)
Windows-Treiberpaket - Auto-Intern Virtueller COM-Port-Treiber (03/30/2010 2.06.02) (HKLM\...\5EFB68C2F0CD0DB3442B0733C6FAB545A71A88FF) (Version: 03/30/2010 2.06.02 - Auto-Intern)
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\2DC0AA065FA83047D7ECD51C7000C1620D79A4C5) (Version: 02/17/2009 2.04.16 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\51A4D522DD31538335EF5736F0E7F588C70BCB12) (Version: 02/17/2009 2.04.16 - FTDI)
Windows-Treiberpaket - Intel (e1dexpress) Net (05/30/2013 12.8.33.0) (HKLM\...\F7EF7D3FC047624123718E936825427CBE9603C0) (Version: 05/30/2013 12.8.33.0 - Intel)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System (07/09/2013 16.6.4.27) (HKLM\...\DD595BFA8811E95794F6C59241A045308186FF6D) (Version: 07/09/2013 16.6.4.27 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (07/09/2013 16.6.4.27) (HKLM\...\B9820F573E0DD3A982ABE811E2913896FAFE911A) (Version: 07/09/2013 16.6.4.27 - Synaptics)
Winols 2.24 (HKLM-x32\...\Winols 2.24) (Version: 2.24 - OLS)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194908080-3589016638-193389046-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\HASSANEIN\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
20-03-2015 11:37:56 Windows Update
24-03-2015 10:20:51 Windows Update
26-03-2015 04:00:15 Windows Update
31-03-2015 09:42:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-10-06 10:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B8E07A9-048E-4136-8722-EAEA7D8C5C06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0C64D015-8A13-4459-977F-AAC5494DAFB9} - System32\Tasks\{17243A97-9C53-4E6E-A533-773F5FB45F50} => pcalua.exe -a "C:\Program Files (x86)\SupTab\uninstall.exe" -d "C:\Program Files (x86)\SupTab"
Task: {25E1814A-1F77-4998-833C-E1F5308F0ACE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe
Task: {2E265404-1831-4A7F-BCFC-5A85140F9A4B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {4115DED7-78A9-426E-AB82-196F4BF4D72D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {4BE9FCB5-AB74-497C-A23F-5F794B05E651} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {4C31115C-1D52-4014-9CA6-37444B11E533} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {4E5520E8-F165-405B-90DB-506CBEAD07AF} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {4F71817B-8B48-4D72-99AF-D61A734F78F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {50B96AAA-77CF-45CF-A47B-D309F12499B6} - System32\Tasks\{3F3EF4A8-AC32-4103-B641-9AEA49902109} => pcalua.exe -a "C:\Program Files (x86)\SupTab\uninstall.exe" -d "C:\Program Files (x86)\SupTab"
Task: {63B90E29-F6CC-4443-B7A6-81709127EE33} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {760C4046-289E-4558-8BC4-835A16D20B7E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-04] (Realtek Semiconductor)
Task: {99D06051-E696-43C7-AD13-3C785C16361D} - System32\Tasks\SXLAIST => C:\Users\HASSANEIN\AppData\Roaming\SXLAIST.exe <==== ATTENTION
Task: {99F2E6B8-717E-4B01-A127-C1A05ED75B58} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-26] (Adobe Systems Incorporated)
Task: {9BE80658-FAB4-4C35-BF9D-E6AA3289A077} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2013-08-01] (Lenovo Group Limited)
Task: {9CF6874D-E7AF-4B3E-899E-B5626344661B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-10-14] (Realtek Semiconductor)
Task: {A6F0A362-192F-4B09-9318-CE1A32288B67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {B219AE13-638C-4523-B530-E36225F2E319} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {CE616928-C475-41E5-9F8F-FA728CCF66A0} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
Task: {D5861008-D825-4F7F-9B71-81752660D372} - System32\Tasks\Opera scheduled Autoupdate 1406812780 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-16] (Opera Software)
Task: {DFC59160-4643-4269-B49B-02E89542A2E2} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {E74AB2B2-9D8B-4459-93FB-65BA1B8818C6} - System32\Tasks\QEFL => C:\Users\HASSANEIN\AppData\Roaming\QEFL.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QEFL.job => C:\Users\HASSANEIN\AppData\Roaming\QEFL.exe <==== ATTENTION
Task: C:\Windows\Tasks\SXLAIST.job => C:\Users\HASSANEIN\AppData\Roaming\SXLAIST.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2013-04-15 15:45 - 2013-04-15 15:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-02-11 16:13 - 2015-02-11 16:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-04-10 00:31 - 2013-08-01 00:02 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-02-11 16:12 - 2015-02-11 16:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-03-31 17:50 - 2015-03-31 15:57 - 00165376 _____ () C:\FGTech\EOBD2S.exe
2015-03-18 15:49 - 2015-03-18 15:49 - 00484472 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
2015-03-30 12:16 - 2015-03-30 13:06 - 164662696 _____ () C:\Users\HASSANEIN\Downloads\zu9puvxy (1).exe
2012-12-30 18:32 - 2012-12-30 18:32 - 02134440 _____ () c:\users\hassanein\appdata\local\temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\bivhH9cD9.exe
2012-12-30 18:32 - 2012-12-30 18:32 - 07154944 _____ () c:\users\hassanein\appdata\local\temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\qkUX6D0zDfWE8R.exe
2012-12-30 18:32 - 2012-12-30 18:32 - 00442680 _____ () c:\users\hassanein\appdata\local\temp\8BA4ABAA-5B4745D6-9C627ECE-F291E7CE\DuhDyNcQIqGQ.exe
2012-12-30 18:34 - 2012-12-30 18:34 - 00012970 ____N () C:\Users\HASSAN~1\AppData\Local\Temp\wingqxji.exe
2012-12-30 17:39 - 2012-12-30 17:39 - 00049834 ____N () C:\Users\HASSAN~1\AppData\Local\Temp\wintmeog.exe
2014-04-10 00:35 - 2013-08-15 06:26 - 00033520 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2014-04-10 00:33 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-04-10 00:33 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-05-16 22:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-04-10 00:37 - 2013-07-16 09:39 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-15 15:58 - 2015-02-15 15:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-03-18 15:49 - 2015-03-18 15:49 - 01488504 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\libglesv2.dll
2015-03-18 15:49 - 2015-03-18 15:49 - 00079992 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\libegl.dll
2015-03-18 15:49 - 2015-03-18 15:49 - 09625720 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\pdf.dll
2015-02-15 15:58 - 2015-02-15 15:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-02-15 15:58 - 2015-02-15 15:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-03-19 11:20 - 2015-03-19 11:20 - 14964912 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_310.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:E8956AB5
AlternateDataStreams: C:\ProgramData\Temp:EFB09287
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service" <==== ATTENTION
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4194908080-3589016638-193389046-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HASSANEIN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4194908080-3589016638-193389046-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-4194908080-3589016638-193389046-500 - Administrator - Disabled)
Gast (S-1-5-21-4194908080-3589016638-193389046-501 - Limited - Enabled) => C:\Users\Gast
HASSANEIN (S-1-5-21-4194908080-3589016638-193389046-1000 - Administrator - Enabled) => C:\Users\HASSANEIN
HomeGroupUser$ (S-1-5-21-4194908080-3589016638-193389046-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/30/2012 06:26:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2012 05:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/31/2015 09:37:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 08:38:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 03:41:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: QuickControlService.exe, Version: 1.1.0.38, Zeitstempel: 0x51e5b1b2
Name des fehlerhaften Moduls: QuickControlService.exe, Version: 1.1.0.38, Zeitstempel: 0x51e5b1b2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000eb9a
ID des fehlerhaften Prozesses: 0xd28
Startzeit der fehlerhaften Anwendung: 0xQuickControlService.exe0
Pfad der fehlerhaften Anwendung: QuickControlService.exe1
Pfad des fehlerhaften Moduls: QuickControlService.exe2
Berichtskennung: QuickControlService.exe3
Error: (03/30/2015 03:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 03:17:12 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
Error: (03/30/2015 03:13:10 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
Error: (03/30/2015 03:09:08 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
Error: (03/30/2015 03:05:06 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
System errors:
=============
Error: (12/30/2012 06:32:30 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (12/30/2012 06:32:30 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.
Error: (12/30/2012 06:32:18 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (12/30/2012 06:32:18 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.
Error: (12/30/2012 06:32:10 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (12/30/2012 06:32:10 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.
Error: (12/30/2012 06:32:04 PM) (Source: Schannel) (EventID: 4113) (User: HASSANEIN-THINK)
Description: Das vom Remoteserver empfangene Zertifikat ist abgelaufen. Fehler bei der SSL-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (12/30/2012 06:32:04 PM) (Source: Schannel) (EventID: 4120) (User: HASSANEIN-THINK)
Description: Es wurde eine schwerwiegende Warnung generiert: 45. Der interne Fehlerstatus lautet: 552.
Error: (03/31/2015 06:29:23 PM) (Source: DCOM) (EventID: 10016) (User: HASSANEIN-THINK)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HASSANEIN-THINKGastS-1-5-21-4194908080-3589016638-193389046-501LocalHost (unter Verwendung von LRPC)
Error: (03/31/2015 06:29:23 PM) (Source: DCOM) (EventID: 10016) (User: HASSANEIN-THINK)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}HASSANEIN-THINKGastS-1-5-21-4194908080-3589016638-193389046-501LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (12/30/2012 06:26:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2012 05:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/31/2015 09:37:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 08:38:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 03:41:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: QuickControlService.exe1.1.0.3851e5b1b2QuickControlService.exe1.1.0.3851e5b1b2c00000050000eb9ad2801d06aec80efc12fC:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exeC:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe7e7aa939-d6e2-11e4-a57c-7c7a916bf5d9
Error: (03/30/2015 03:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/30/2015 03:17:12 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description:
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
Error: (03/30/2015 03:13:10 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description:
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
Error: (03/30/2015 03:09:08 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description:
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
Error: (03/30/2015 03:05:06 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description:
Details:
Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. (HRESULT : 0x800705b4) (0x800705b4)
CodeIntegrity Errors:
===================================
Date: 2014-10-06 10:31:56.359
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-10-06 10:31:56.297
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-14 16:45:32.112
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.993
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.854
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.694
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.575
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.444
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.332
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-14 16:45:31.204
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 67%
Total physical RAM: 3816.56 MB
Available physical RAM: 1222.94 MB
Total Pagefile: 7631.31 MB
Available Pagefile: 3670.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:347.6 GB) (Free:259.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Win XP) (Fixed) (Total:101.75 GB) (Free:100.7 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:14.94 GB) (Free:3.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F1860EA5)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=347.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=101.8 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- --- |