FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by (administrator) on on 24-07-2015 08:48:12
Running from C:\Users\\Desktop
Loaded Profiles: (Available Profiles: & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Anna-Lena\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2011-02-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9768352 2012-08-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2012-08-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-07] (Lenovo)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\Run: [Dropbox Update] => C:\Users\Anna-Lena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\Run: [Spotify Web Helper] => C:\Users\Anna-Lena\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-07-23] (Spotify Ltd)
Lsa: [Notification Packages] scecli EgisPLPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-04-26]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D070915-A510D0E105D5B4CC49CF&form=CONMHP&conlogo=CT3330941
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1802212578-255997734-2052238036-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-1802212578-255997734-2052238036-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D070915-A510D0E105D5B4CC49CF&form=CONBDF&conlogo=CT3330941&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1802212578-255997734-2052238036-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{757260EF-B8B7-4449-96E3-CB2AAC2FBE3D}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Anna-Lena\AppData\Roaming\Mozilla\Firefox\Profiles\rxrro9y2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Anna-Lena\AppData\Roaming\Mozilla\Firefox\Profiles\rxrro9y2.default\Extensions\abs@avira.com [2015-07-03]
FF Extension: Ghostery - C:\Users\Anna-Lena\AppData\Roaming\Mozilla\Firefox\Profiles\rxrro9y2.default\Extensions\firefox@ghostery.com.xpi [2014-12-22]
FF Extension: NoScript - C:\Users\Anna-Lena\AppData\Roaming\Mozilla\Firefox\Profiles\rxrro9y2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-01-08]
FF Extension: Adblock Plus - C:\Users\Anna-Lena\AppData\Roaming\Mozilla\Firefox\Profiles\rxrro9y2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-08]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
R2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2015-01-05] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293272 2010-12-23] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 08:48 - 2015-07-24 08:48 - 00016022 _____ C:\Users\Anna-Lena\Desktop\FRST.txt
2015-07-24 08:48 - 2015-07-24 08:48 - 00000000 ____D C:\FRST
2015-07-24 08:46 - 2015-07-24 08:46 - 02135552 _____ (Farbar) C:\Users\Anna-Lena\Desktop\FRST64.exe
2015-07-23 19:53 - 2015-07-23 19:53 - 00001208 _____ C:\Users\Anna-Lena\Desktop\mbm.txt
2015-07-23 11:18 - 2015-07-23 11:19 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\{0110E623-46A6-488C-9750-E2B5E40659E0}
2015-07-21 09:46 - 2015-07-21 09:46 - 00000000 ____D C:\Users\Anna-Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-21 09:38 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-21 09:38 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-21 09:38 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-21 09:38 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-21 09:38 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-21 09:38 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-21 09:38 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-21 09:38 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-21 09:38 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-21 09:38 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-20 22:07 - 2015-07-20 22:07 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\{8FAE1446-253B-4302-B7DC-29643138771F}
2015-07-15 11:24 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 11:24 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 11:24 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 11:24 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 11:24 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-15 11:24 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-15 11:24 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-15 11:24 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-15 11:24 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-15 11:24 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 11:24 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 11:24 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-15 11:24 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-15 11:24 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 11:24 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 11:24 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-15 11:24 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 11:24 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 11:24 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-15 11:24 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-15 11:23 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-15 11:23 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-15 11:23 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-15 11:23 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 11:23 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-15 11:23 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 11:23 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 11:23 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-15 11:23 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 11:23 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-15 11:23 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 11:23 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 11:20 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 11:20 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-15 11:20 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 11:20 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 11:20 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 11:20 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 11:20 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 11:20 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 11:20 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 11:20 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 11:20 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 11:20 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 11:20 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 11:20 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 11:20 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 11:20 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 11:20 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 11:20 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 11:20 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 11:20 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 11:20 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 11:20 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 11:20 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 11:20 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 11:20 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 11:20 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-15 11:20 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-15 11:20 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-15 11:20 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-15 11:20 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-15 11:20 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-15 11:20 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-15 11:20 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-15 11:20 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-15 11:20 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-15 11:20 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 11:20 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-15 11:20 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-15 11:20 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-15 11:20 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-15 11:20 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-15 11:20 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-15 11:20 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-15 11:20 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-15 11:15 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-15 11:15 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-15 11:15 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-15 11:15 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-15 11:15 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-15 11:15 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-15 11:15 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-15 11:15 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-15 11:15 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 11:15 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-15 11:15 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 11:15 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 11:15 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 11:15 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 11:15 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 11:15 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 11:15 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 11:15 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 11:15 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 11:15 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 11:15 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-15 11:15 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-15 11:15 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-15 11:15 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-15 11:15 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-15 11:15 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-15 11:15 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-15 11:15 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-15 11:15 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 11:15 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 11:15 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 11:15 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 11:15 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 11:15 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 11:15 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 11:15 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 11:15 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 11:15 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-15 11:15 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-15 11:15 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-15 11:15 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-15 11:15 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 11:15 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-15 11:15 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-07-15 11:15 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-07-15 11:15 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-07-15 11:15 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-15 11:15 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-15 11:15 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-15 11:15 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-14 08:48 - 2015-07-14 08:48 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-14 08:48 - 2015-07-14 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-14 08:47 - 2015-07-14 08:48 - 00000000 ____D C:\Program Files\iTunes
2015-07-14 08:47 - 2015-07-14 08:47 - 00000000 ____D C:\Program Files\iPod
2015-07-09 21:02 - 2015-07-09 21:02 - 00002800 _____ C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-07-09 21:02 - 2015-07-09 21:02 - 00002800 _____ C:\windows\system32\LavasoftTcpServiceOff.ini
2015-07-09 21:02 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2015-07-09 21:02 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
2015-07-09 21:01 - 2015-07-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-08 12:05 - 2015-07-08 15:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-25 19:46 - 2015-06-25 19:47 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\{6D8EA790-D77D-441C-A4AF-1B7065549698}
2015-06-25 19:40 - 2015-06-25 19:40 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\{532D9446-EFE5-41CA-A15E-704B62EDC557}
2015-06-25 19:40 - 2015-06-25 19:40 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\{43E0E8C6-CDA9-41A3-942F-0744B7DD1F94}
2015-06-25 19:39 - 2015-06-25 19:39 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\{5AA57DFB-AFA3-4F6F-847B-B9D62C557A16}
2015-06-24 18:26 - 2015-07-23 21:39 - 00001240 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000UA.job
2015-06-24 18:26 - 2015-07-23 10:39 - 00001188 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000Core.job
2015-06-24 18:26 - 2015-07-20 10:34 - 00004218 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000UA
2015-06-24 18:26 - 2015-07-20 10:34 - 00003822 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000Core
2015-06-24 18:26 - 2015-06-24 18:26 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\Dropbox
2015-06-24 18:26 - 2015-06-24 18:26 - 00000000 ____D C:\ProgramData\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 08:48 - 2012-08-07 08:09 - 01513301 _____ C:\windows\WindowsUpdate.log
2015-07-24 08:42 - 2012-08-07 09:11 - 00662251 _____ C:\windows\system32\fastboot.set
2015-07-24 08:42 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-24 08:42 - 2009-07-14 06:51 - 00139077 _____ C:\windows\setupact.log
2015-07-23 21:40 - 2009-07-14 06:45 - 00028704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-23 21:40 - 2009-07-14 06:45 - 00028704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-23 21:38 - 2013-02-03 13:08 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-23 21:36 - 2012-08-07 00:00 - 00703230 _____ C:\windows\system32\perfh007.dat
2015-07-23 21:36 - 2012-08-07 00:00 - 00150838 _____ C:\windows\system32\perfc007.dat
2015-07-23 21:36 - 2009-07-14 07:13 - 01629508 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-23 19:13 - 2014-06-27 12:10 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-23 19:11 - 2014-12-17 19:11 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-23 19:11 - 2014-06-27 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-23 19:11 - 2014-06-27 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-23 19:06 - 2013-03-28 21:46 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-07-23 19:06 - 2013-03-28 21:46 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-07-23 19:06 - 2013-01-07 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-23 09:33 - 2014-05-29 21:34 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\Spotify
2015-07-23 09:33 - 2014-05-29 21:31 - 00000000 ____D C:\Users\Anna-Lena\AppData\Roaming\Spotify
2015-07-22 17:53 - 2014-09-11 23:15 - 00000302 _____ C:\Users\Anna-Lena\Desktop\Neues Textdokument.txt
2015-07-21 20:42 - 2009-07-14 06:45 - 00410000 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-21 09:47 - 2012-10-27 14:29 - 00000000 ____D C:\Users\Anna-Lena\AppData\Roaming\Dropbox
2015-07-19 14:54 - 2015-05-01 11:16 - 00000000 ____D C:\Users\Anna-Lena\Documents\Mitarbeit KJF Fulda
2015-07-16 13:07 - 2012-10-27 14:30 - 00000000 ___RD C:\Users\Anna-Lena\Documents\Dropbox
2015-07-16 11:33 - 2014-05-06 21:05 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-15 21:36 - 2012-10-14 20:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 21:30 - 2013-08-10 18:49 - 00000000 ____D C:\windows\system32\MRT
2015-07-15 18:13 - 2014-10-10 21:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 11:39 - 2013-02-03 13:08 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 11:39 - 2012-10-14 20:37 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 11:39 - 2012-10-14 20:37 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 18:08 - 2014-12-24 11:20 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 08:47 - 2015-05-15 10:00 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-14 08:47 - 2014-10-23 20:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-14 08:47 - 2013-12-24 20:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-14 08:23 - 2015-04-04 23:36 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-14 08:23 - 2015-04-04 23:36 - 00000000 ___SD C:\windows\system32\GWX
2015-07-11 11:44 - 2012-10-14 18:03 - 00000000 ____D C:\Users\Anna-Lena\Documents\Feuerwehr Dittlofrod-Körnbach
2015-07-10 08:54 - 2010-11-21 05:47 - 00526072 _____ C:\windows\PFRO.log
2015-07-09 23:27 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-07-08 15:18 - 2012-10-14 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 15:17 - 2014-12-12 11:31 - 00000000 ____D C:\windows\system32\appraiser
2015-07-07 06:13 - 2014-08-24 17:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-07 06:13 - 2013-01-07 20:06 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-05 21:54 - 2012-10-14 18:03 - 00000000 ____D C:\Users\Anna-Lena\Documents\Formales
2015-07-03 08:43 - 2012-11-07 18:58 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-28 12:05 - 2015-04-07 20:46 - 00000000 ____D C:\Users\Anna-Lena\AppData\Local\Windows Live
Some files in TEMP:
====================
C:\Users\Anna-Lena\AppData\Local\Temp\avgnt.exe
C:\Users\Anna-Lena\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rlbtq.dll
C:\Users\Anna-Lena\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Anna-Lena\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Anna-Lena\AppData\Local\Temp\pdf24-creator-update.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-15 15:17
==================== End of log ============================ --- --- ---
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Anna-Lena at 2015-07-24 08:49:12
Running from C:\Users\Anna-Lena\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1802212578-255997734-2052238036-500 - Administrator - Disabled)
Anna-Lena (S-1-5-21-1802212578-255997734-2052238036-1000 - Administrator - Enabled) => C:\Users\Anna-Lena
Gast (S-1-5-21-1802212578-255997734-2052238036-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1802212578-255997734-2052238036-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Benutzerhandbuch (x32 Version: 2.0.0.2 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.8 - Lenovo)
Energy Management (x32 Version: 6.0.2.8 - Lenovo) Hidden
ETDWare PS/2-X64 8.0.4.4_WHQL (HKLM\...\Elantech) (Version: 8.0.4.4 - ELAN Microelectronic Corp.)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.16.23.3 - Alcor)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.2.3 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3212 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3212 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3521.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.3521.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Port Locker (HKLM-x32\...\InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}) (Version: 1.0.5.24 - Egis Technology Inc.)
Port Locker (Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Port Locker (x32 Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 2.0.0.2 - Lenovo)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (08/04/2011 6.1.0.1) (HKLM\...\03A1C6133CBCFD1D944CAC45762E2EC5CD524136) (Version: 08/04/2011 6.1.0.1 - Lenovo)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
CustomCLSID: HKU\S-1-5-21-1802212578-255997734-2052238036-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
==================== Restore Points =========================
05-07-2015 20:33:20 Geplanter Prüfpunkt
08-07-2015 15:15:30 Windows Update
09-07-2015 20:59:57 LavasoftWeCompanion
09-07-2015 21:03:33 LavasoftWeCompanion
14-07-2015 08:22:48 Windows Update
15-07-2015 21:26:01 Windows Update
21-07-2015 12:05:11 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-12-22 17:06 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0EF82614-A0F2-4E3B-9591-D6C879431E76} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {3487B068-A369-444A-9418-0A2AD75DE7BA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {595C830B-4838-4165-9B5F-D1D013F6F2C0} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {77B0535D-65AD-4CD5-84CE-AB2E470D3C05} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000UA => C:\Users\Anna-Lena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {B4AF4BB4-1B17-4704-87CC-15342E20A8AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E74BDE3D-C889-4920-A125-36BD922E9F64} - System32\Tasks\{A2A2BB78-5960-4037-86EB-DFD415251C94} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=404
Task: {F592692A-A3E2-47FE-813F-5580BCF05E9A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F79F2F17-E757-4D8A-AD44-E8A4E572A989} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000Core => C:\Users\Anna-Lena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000Core.job => C:\Users\Anna-Lena\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1802212578-255997734-2052238036-1000UA.job => C:\Users\Anna-Lena\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2010-10-22 16:38 - 2010-10-22 16:38 - 01407344 _____ () C:\Program Files (x86)\EgisTec Port Locker\x64\LIBEAY32.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-12-20 05:20 - 2012-08-07 09:09 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2012-08-07 09:09 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-04-15 07:28 - 2011-03-25 11:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Anna-Lena\Desktop\DSC_0519.JPG:com.dropbox.attributes
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1802212578-255997734-2052238036-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1802212578-255997734-2052238036-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Anna-Lena\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Anna-Lena^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: S6000Mnt => C:\windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt
MSCONFIG\startupreg: Spotify => "C:\Users\Anna-Lena\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Anna-Lena\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: UpdateP2GShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6DC0E446-506C-4326-BDD4-F354343002D3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E2D57A70-42EF-4D82-AF02-9D8B31C95DFC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BB394F91-96A5-43D2-8125-62949E11BE0E}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{3739298E-8493-4C28-A418-B82892D52F6A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{11523807-E92A-4B41-8B5D-546FE2F1276A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6B615827-1F8B-4363-8D76-9FFAEFE2A164}] => (Allow) LPort=2869
FirewallRules: [{D04CE923-248E-423C-9AA9-E65D46760475}] => (Allow) LPort=1900
FirewallRules: [{9155AA3C-1A44-4D00-9785-1956DFB97E4E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A3BFB7FC-4409-4B39-8394-EAC9074ECA56}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{798057DD-BC14-4870-AEA0-F9CA2F875A31}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{8DD5D438-49A9-4BAC-BCA4-B9E9CEFDB1F1}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{B746CE39-5A25-479D-A633-BB08C3B47A4A}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6B888A51-0D0C-434B-AE89-1FCD4ABA33BB}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CD1E0C75-8442-45E0-89E4-B5D021F37532}] => (Allow) C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{40B4C31D-C222-473F-9C74-61B61DC47475}] => (Allow) C:\Users\Anna-Lena\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{D389E756-30F8-4551-BC55-F830C30109A1}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{F0EA9C49-C2EC-4C2F-83D2-A3FFFBA37BC9}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{8E5D9996-FBE7-49CD-8760-EE1C60C8AC0E}C:\users\anna-lena\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\anna-lena\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{03CDCA67-F447-418A-9303-CE891B89263C}C:\users\anna-lena\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\anna-lena\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{112DA170-6454-4AE2-970D-604437C310EB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{EA8CACAA-52C4-4538-87B0-B41435DCA9E5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{75ACF49D-58BF-41F0-A23D-96EE747D0AF0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A7AC1769-1BB0-479B-B851-E72B24D5B006}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CB915981-5B9B-47D4-AE18-1A4DB18E07A2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08146A3B-A535-4425-9838-39D83456BF30}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{074054B2-72DC-433A-91BA-9977DA26F583}C:\users\anna-lena\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\anna-lena\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{20B66CC2-A71F-4BF4-B189-0CF584241968}C:\users\anna-lena\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\anna-lena\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C7BCA460-2067-4875-AB00-8F053BAEAAA7}C:\users\anna-lena\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\anna-lena\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6505C66F-4F39-4982-A464-E9ABB73F0EE5}C:\users\anna-lena\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\anna-lena\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6C54AA57-34E5-4AF6-B8F0-D3A83227F3F0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{714F3255-ADCC-46B2-B5EB-2F87F357ED7D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1CA132F7-05F3-4EEE-B7E3-B8A3EADADC79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{10C2C44B-4921-441A-9B22-3DB37065C796}] => (Allow) C:\Users\Anna-Lena\AppData\Local\Apps\2.0\PYC21BDV.3V9\1Q7D9MNM.Z2P\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C9CC2FA4-CEEE-4E74-8462-51051C10CA9F}] => (Allow) C:\Users\Anna-Lena\AppData\Local\Apps\2.0\PYC21BDV.3V9\1Q7D9MNM.Z2P\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{610052CB-859B-46E8-B2EF-4B0BFB4D4184}C:\users\anna-lena\appdata\local\apps\2.0\pyc21bdv.3v9\1q7d9mnm.z2p\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\anna-lena\appdata\local\apps\2.0\pyc21bdv.3v9\1q7d9mnm.z2p\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{FDE96AA7-C45A-49D1-B47F-A972384368F4}C:\users\anna-lena\appdata\local\apps\2.0\pyc21bdv.3v9\1q7d9mnm.z2p\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\anna-lena\appdata\local\apps\2.0\pyc21bdv.3v9\1q7d9mnm.z2p\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{2912DBB0-78A6-4A07-B686-DB0BF81A54FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCD637AD-BBD4-4AA6-A137-D0E5AC51AB23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4A5FD02A-991E-4ED4-992A-12C571A6115B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7EF974CB-4CA9-490C-9A0F-B5D9FDBF98B0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4558EA29-6DA3-413E-B67B-77204BB4C2BB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/24/2015 08:43:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/23/2015 08:19:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/22/2015 05:10:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042
Error: (07/22/2015 05:10:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042
Error: (07/22/2015 05:10:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/22/2015 05:10:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044
Error: (07/22/2015 05:10:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044
Error: (07/22/2015 05:10:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/22/2015 05:10:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045
Error: (07/22/2015 05:10:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045
System errors:
=============
Error: (07/16/2015 11:37:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%13
Error: (07/16/2015 11:37:52 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
Error: (07/15/2015 09:26:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (07/14/2015 07:50:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (07/14/2015 08:51:30 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {16D99191-6280-4B33-A2F5-04805A0FC582}
Error: (07/12/2015 05:33:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/12/2015 05:33:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.
Error: (07/10/2015 04:56:33 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy5" den Befehl "chkdsk" aus.
Error: (07/09/2015 09:04:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LavasoftTcpService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/09/2015 09:04:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LavasoftTcpService erreicht.
Microsoft Office:
=========================
Error: (03/06/2013 07:25:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 111 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-04-25 14:51:46.514
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:46.481
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:43.980
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:43.938
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:41.691
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:41.661
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:39.607
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:39.576
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:37.485
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-25 14:51:37.454
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 52%
Total physical RAM: 4010.14 MB
Available physical RAM: 1918.42 MB
Total Virtual: 8018.49 MB
Available Virtual: 5756.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:355.77 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.88 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2518DE65)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of log ============================ --- --- --- |