I stand corrected... it works xD
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by Celine (administrator) on LENOVO-PC on 12-07-2015 16:24:25
Running from C:\Users\Celine\Desktop
Loaded Profiles: Celine (Available Profiles: Celine)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2013-12-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-12-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [mbot_de_195] => [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\Run: [PriceMeterW] => "C:\Users\Celine\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\RunOnce: [Application Restart #2] => C:\Users\Celine\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-cl (the data entry has 551 more characters).
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\MountPoints2: {2fbf9484-e800-11e3-825f-342387e76392} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\MountPoints2: {e91f051d-5501-11e4-8268-342387e76392} - "F:\HTC_Sync_Manager_PC.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-12-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-12] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-sw__alt__ddc_dsssyc_bd_com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414278339&from=tugs&uid=ST500LT012-9WS142_W0VJ3A8CXXXXW0VJ3A8C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1414278339&from=tugs&uid=ST500LT012-9WS142_W0VJ3A8CXXXXW0VJ3A8C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414278339&from=tugs&uid=ST500LT012-9WS142_W0VJ3A8CXXXXW0VJ3A8C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-57172400-1432429731-576863915-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-57172400-1432429731-576863915-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-sw__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-57172400-1432429731-576863915-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-57172400-1432429731-576863915-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1414278339&from=tugs&uid=ST500LT012-9WS142_W0VJ3A8CXXXXW0VJ3A8C&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-sw__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> OldSearch URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> {34AEEFF3-2325-11E5-827F-342387E76392} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=lenovo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> {74D3C5E3-2CE7-401A-BEE6-BC49347D0FEE} URL =
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://de.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10048_swoc_campaign_150201__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-57172400-1432429731-576863915-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-sw__alt__ddc_dss_bd_com&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-12] (Avast Software s.r.o.)
BHO-x32: No Name -> {30c85a3d-1d96-4589-b63f-91fb7ef45a41} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-12] (Avast Software s.r.o.)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [332216 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [332216 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [332216 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [332216 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [332216 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [378832 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [378832 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [378832 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [378832 2015-02-01] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [378832 2015-02-01] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{4D244A48-0ADA-4EE2-B075-248885EBCEBF}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{68CEDC4C-DA7D-4689-8E51-09B2EEA6E01C}: [DhcpNameServer] 169.254.74.75
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1414278339&from=tugs&uid=ST500LT012-9WS142_W0VJ3A8CXXXXW0VJ3A8C
FireFox:
========
FF ProfilePath: C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\xvcht4yu.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Yahoo Search!
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-sw__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-12] (Google Inc.)
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-57172400-1432429731-576863915-1002: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll [2013-07-19] (Intel)
FF Plugin HKU\S-1-5-21-57172400-1432429731-576863915-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll [2013-07-19] (Intel)
FF Extension: Avira Browser Safety - C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\xvcht4yu.default\Extensions\abs@avira.com [2015-07-12]
FF Extension: WEB.DE MailCheck - C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\xvcht4yu.default\Extensions\toolbar@web.de [2014-12-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\xvcht4yu.default\extensions\faststartff@gmail.com
Chrome:
=======
CHR Profile: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-12]
CHR Extension: (Google Drive) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-12]
CHR Extension: (YouTube) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-12]
CHR Extension: (Google Search) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-12]
CHR Extension: (Google Sheets) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-12]
CHR Extension: (Avast Online Security) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-12]
CHR Extension: (Gmail) - C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-12] (Avast Software s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-04] (Broadcom Corporation.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-12-20] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-12] ()
S4 avgntflt; No ImagePath
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-09-29] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-12 16:24 - 2015-07-12 16:25 - 00019959 _____ C:\Users\Celine\Desktop\FRST.txt
2015-07-12 16:24 - 2015-07-12 16:24 - 00000000 ____D C:\FRST
2015-07-12 16:23 - 2015-07-12 16:23 - 02130944 _____ (Farbar) C:\Users\Celine\Desktop\FRST64.exe
2015-07-12 16:19 - 2015-07-12 16:19 - 00000000 _____ C:\ProgramData\rebootpending.txt
2015-07-12 16:18 - 2015-07-12 16:18 - 00000000 ____D C:\Users\Celine\AppData\Local\Lenovo
2015-07-12 15:16 - 2015-07-12 16:18 - 00000000 ____D C:\ProgramData\Avira
2015-07-12 15:16 - 2015-07-12 15:58 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-12 13:19 - 2015-07-12 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-12 13:18 - 2015-07-12 15:48 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 13:18 - 2015-07-12 13:43 - 00004110 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-12 13:18 - 2015-07-12 13:43 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-12 13:18 - 2015-07-12 13:43 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 12:34 - 2015-07-12 12:34 - 00001831 _____ C:\Users\Public\Desktop\Canon My Printer.lnk
2015-07-12 12:34 - 2015-07-12 12:34 - 00000000 ____D C:\Program Files\Canon
2015-07-12 11:53 - 2015-07-12 11:53 - 00002018 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-07-12 11:36 - 2015-07-12 11:36 - 00059532 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507121136235927.log
2015-07-12 09:50 - 2015-07-12 09:50 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-12 09:50 - 2015-07-12 09:50 - 00002078 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-12 09:36 - 2015-07-12 09:36 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-07-12 09:35 - 2015-07-12 09:35 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-07-11 18:06 - 2015-07-11 18:06 - 00242928 _____ C:\Users\Celine\Downloads\Firefox Setup Stub 39.0.exe
2015-06-28 09:37 - 2015-06-28 09:37 - 00002032 _____ C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2015-06-28 09:37 - 2015-06-28 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
2015-06-28 09:36 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_ATU.dll
2015-06-28 09:36 - 2011-03-30 12:54 - 00323584 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_ATL.dll
2015-06-28 09:36 - 2010-11-12 11:13 - 00068096 _____ C:\WINDOWS\SysWOW64\CNC1754D.TBL
2015-06-28 09:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-06-28 09:29 - 2015-06-28 09:29 - 03550352 _____ C:\Users\Celine\Downloads\treiber-Canon-PIXMAMG5350-windows.exe
2015-06-20 13:19 - 2015-07-12 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-06-20 13:19 - 2015-06-20 13:19 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2015-06-20 13:18 - 2015-06-20 13:18 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-06-20 13:16 - 2015-06-20 13:16 - 00000000 ___HD C:\Program Files\CanonBJ
2015-06-20 13:16 - 2015-06-20 13:16 - 00000000 ____D C:\WINDOWS\system32\STRING
2015-06-20 13:16 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2015-06-20 13:16 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2015-06-20 13:16 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2015-06-20 13:15 - 2015-07-12 12:34 - 00000000 ____D C:\Program Files (x86)\Canon
2015-06-18 16:52 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-18 16:52 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-18 16:52 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-18 16:52 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-18 16:52 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-18 16:52 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-18 16:52 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-18 16:52 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-18 16:52 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-18 16:52 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-18 16:52 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-18 16:52 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-18 16:52 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-18 16:51 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-18 16:51 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-18 16:51 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-18 16:51 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-18 16:51 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-18 16:51 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-18 16:51 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-18 16:51 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-18 16:51 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-18 16:51 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-18 16:51 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-18 16:51 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-18 16:51 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-18 16:51 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-18 16:51 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-18 16:51 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-18 16:51 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-18 16:51 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-18 16:51 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-18 16:51 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-18 16:51 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-18 16:51 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-18 16:51 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-18 16:51 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-18 16:51 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-14 16:22 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-14 16:22 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-14 16:21 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-14 16:21 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-14 16:21 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-14 16:21 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-14 16:21 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-14 16:21 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-14 16:21 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-14 16:21 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-14 16:21 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-14 16:21 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-14 16:21 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-14 16:21 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-14 16:21 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-14 16:20 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-14 16:20 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-14 16:20 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-14 16:20 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-14 16:20 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-14 16:20 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-14 16:20 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-14 16:20 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-14 16:20 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-14 16:20 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-14 16:20 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-14 16:20 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-14 16:20 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-14 16:20 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-14 16:20 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-14 16:20 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-14 16:20 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-14 16:20 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-14 16:20 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-14 16:20 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-14 16:20 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-14 16:20 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-14 16:20 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-14 16:20 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-14 16:20 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-14 16:20 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-14 16:20 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-14 16:19 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-14 13:02 - 2015-07-12 09:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-12 16:24 - 2014-03-08 21:57 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-57172400-1432429731-576863915-1002
2015-07-12 16:15 - 2013-12-20 07:43 - 01962869 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-12 16:15 - 2013-08-22 16:46 - 00069234 _____ C:\WINDOWS\setupact.log
2015-07-12 16:06 - 2014-03-09 10:21 - 00000000 __RDO C:\Users\Celine\SkyDrive
2015-07-12 16:05 - 2013-12-20 07:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-12 16:04 - 2014-10-08 12:29 - 00000982 _____ C:\WINDOWS\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2015-07-12 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-12 16:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-12 16:00 - 2013-10-07 20:23 - 00455458 _____ C:\WINDOWS\PFRO.log
2015-07-12 15:59 - 2014-03-08 21:51 - 00000000 ____D C:\Users\Celine
2015-07-12 15:59 - 2013-12-20 08:34 - 00004608 _____ C:\WINDOWS\system32\VfService.trf
2015-07-12 15:59 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-12 15:48 - 2014-08-25 12:19 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-12 15:35 - 2014-10-08 12:29 - 00000986 _____ C:\WINDOWS\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2015-07-12 14:53 - 2013-12-20 16:19 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-12 14:53 - 2013-12-20 16:19 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-12 14:53 - 2013-10-07 20:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-12 14:51 - 2014-03-08 22:52 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{544305EA-AF78-45E1-AC15-3ABC6BC582D7}
2015-07-12 13:35 - 2014-05-25 10:12 - 00000000 ____D C:\Users\Celine\AppData\Local\Google
2015-07-12 13:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-12 13:18 - 2014-05-25 10:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-12 13:15 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-12 12:03 - 2013-12-20 07:30 - 00057684 _____ C:\WINDOWS\DPINST.LOG
2015-07-12 11:54 - 2014-03-08 22:56 - 00000000 ____D C:\Users\Celine\AppData\Roaming\LSC
2015-07-12 11:53 - 2013-12-20 08:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-07-12 11:53 - 2013-12-20 07:54 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-07-12 11:53 - 2013-12-20 07:41 - 00000000 ____D C:\Program Files\Lenovo
2015-07-12 11:51 - 2014-03-08 23:01 - 00000000 ____D C:\Users\Celine\AppData\Roaming\Nitro PDF
2015-07-12 11:51 - 2013-12-20 08:22 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-07-12 09:52 - 2015-01-26 19:58 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-12 09:52 - 2014-08-25 12:33 - 00000000 ____D C:\Users\Celine\AppData\Local\Adobe
2015-07-12 09:49 - 2013-12-20 08:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-12 09:48 - 2013-12-20 08:22 - 00000000 ____D C:\ProgramData\Adobe
2015-07-12 09:39 - 2014-08-25 12:19 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-12 09:38 - 2014-08-25 10:58 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-12 09:38 - 2014-08-25 10:56 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-07-12 09:36 - 2014-08-25 10:56 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-12 09:36 - 2014-08-25 10:56 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-12 09:36 - 2014-08-25 10:56 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-12 09:36 - 2014-08-25 10:56 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-12 09:36 - 2014-08-25 10:56 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-12 09:36 - 2014-08-25 10:56 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-12 09:34 - 2014-08-25 10:56 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-12 09:28 - 2014-10-08 12:28 - 00000316 _____ C:\WINDOWS\Tasks\PriceMeterUpdater.job
2015-07-12 09:26 - 2015-02-10 19:44 - 00000000 __SHD C:\Users\Celine\AppData\Local\EmieBrowserModeList
2015-07-12 09:26 - 2014-05-06 16:35 - 00000000 __SHD C:\Users\Celine\AppData\Local\EmieUserList
2015-07-12 09:26 - 2014-05-06 16:35 - 00000000 __SHD C:\Users\Celine\AppData\Local\EmieSiteList
2015-07-12 09:19 - 2014-08-25 10:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-12 09:18 - 2014-12-14 15:19 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-12 09:18 - 2014-08-25 11:45 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-12 09:18 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-12 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-12 08:56 - 2014-10-16 09:28 - 00000085 _____ C:\Users\Celine\AppData\Roaming\WB.CFG
2015-07-12 00:21 - 2014-11-25 23:54 - 00000000 ____D C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-07-12 00:21 - 2013-12-20 07:44 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-07-11 18:29 - 2014-03-10 22:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-11 18:17 - 2014-03-10 22:16 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-11 18:11 - 2014-08-25 10:40 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-11 18:11 - 2014-08-25 10:40 - 00001166 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-06 23:24 - 2015-05-07 13:25 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 23:24 - 2015-05-07 13:25 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 12:08 - 2014-03-24 19:37 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-28 09:36 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-27 12:45 - 2013-08-22 16:44 - 00371584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-27 12:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-18 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2014-10-16 09:28 - 2015-07-12 08:56 - 0000085 _____ () C:\Users\Celine\AppData\Roaming\WB.CFG
2015-02-01 13:34 - 2015-02-01 13:34 - 0000000 _____ () C:\Users\Celine\AppData\Local\{AFBD2FC1-43C2-458E-A2DD-78C92AEF5E2F}
2013-12-20 07:48 - 2013-12-20 07:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-12 16:19 - 2015-07-12 16:19 - 0000000 _____ () C:\ProgramData\rebootpending.txt
Some files in TEMP:
====================
C:\Users\Celine\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\Celine\AppData\Local\Temp\avgnt.exe
C:\Users\Celine\AppData\Local\Temp\BackupSetup.exe
C:\Users\Celine\AppData\Local\Temp\Cleanup.dll
C:\Users\Celine\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Celine\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Celine\AppData\Local\Temp\EAD56AF.exe
C:\Users\Celine\AppData\Local\Temp\EAD72E1.exe
C:\Users\Celine\AppData\Local\Temp\FreeStudio.exe
C:\Users\Celine\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Celine\AppData\Local\Temp\mpam-82678dd6.exe
C:\Users\Celine\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Celine\AppData\Local\Temp\msvcm80.dll
C:\Users\Celine\AppData\Local\Temp\msvcp80.dll
C:\Users\Celine\AppData\Local\Temp\msvcr80.dll
C:\Users\Celine\AppData\Local\Temp\oct206E.tmp.exe
C:\Users\Celine\AppData\Local\Temp\oct4522.tmp.exe
C:\Users\Celine\AppData\Local\Temp\oct506F.tmp.exe
C:\Users\Celine\AppData\Local\Temp\oct7CE9.tmp.exe
C:\Users\Celine\AppData\Local\Temp\PriceMeterUpdateVer.exe
C:\Users\Celine\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Celine\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Celine\AppData\Local\Temp\SpOrder.dll
C:\Users\Celine\AppData\Local\Temp\tmd_34012950.exe
C:\Users\Celine\AppData\Local\Temp\tmd_34013166.exe
C:\Users\Celine\AppData\Local\Temp\uninstall.exe
C:\Users\Celine\AppData\Local\Temp\UninstallEADM.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-21 11:02
==================== End of log ============================
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Celine at 2015-07-12 16:27:35
Running from C:\Users\Celine\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-57172400-1432429731-576863915-500 - Administrator - Disabled)
Celine (S-1-5-21-57172400-1432429731-576863915-1002 - Administrator - Enabled) => C:\Users\Celine
Gast (S-1-5-21-57172400-1432429731-576863915-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Web Companion (x32 Version: 1.1.862.1653 - Lavasoft) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Buzzdock (HKLM-x32\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version: - Alactro LLC) <==== ATTENTION
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
LavasoftTcpService (x32 Version: 2.3.1.4 - Lavasoft) Hidden
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.181 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.2.4000 - Maxthon International Limited)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Positive Finds (HKLM-x32\...\Positive Finds) (Version: 2.0.5509.36353 - Positive Finds) <==== ATTENTION!
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-57172400-1432429731-576863915-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-57172400-1432429731-576863915-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
==================== Restore Points =========================
17-05-2015 14:01:08 Windows Update
21-05-2015 07:29:07 Windows Update
25-05-2015 08:27:44 Windows Update
21-06-2015 10:04:19 Windows Update
25-06-2015 19:34:56 Windows Update
05-07-2015 16:44:23 Windows Update
11-07-2015 18:08:51 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E1D816C-F9E8-4A58-94CB-D7C2023D6BC7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-12] (Adobe Systems Incorporated)
Task: {10150512-A4BD-45C2-9CB0-F84AA5D416AC} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-08-01] (Maxthon International ltd.)
Task: {11037708-C1F7-4E32-9A1A-4AA9E0C06458} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-12] (Avast Software s.r.o.)
Task: {1BCD9F14-7A68-4D52-BC57-0A191F8731CC} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {1F2AA682-845D-4790-9871-E60E37768001} - System32\Tasks\avastBCLRestartS-1-5-21-57172400-1432429731-576863915-1002 => Firefox.exe
Task: {1F87B43C-0367-4E30-AEB8-D0B88AFE2D17} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {2387CE87-B3AF-41E2-9835-B0AD2B903706} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {2DBC6FB7-EC67-4F48-A528-5890111BF20F} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {37BD84E0-D814-40A9-B897-1B0B96AB1853} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B4E1666-A61A-476B-86F7-FE10B318503F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {3EAA320B-118E-456A-9748-47BB7ECF57EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-12] (Google Inc.)
Task: {49401F5F-C3CE-44BC-AA93-85BCFA4AA9DB} - System32\Tasks\pricemeterdownloader => C:\Users\Celine\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION
Task: {6012DBB1-BB73-43EC-A1F1-DBB266A4DE56} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-11] (Microsoft Corporation)
Task: {609BD893-F2ED-404E-8112-FC7591CA47B1} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => c:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {62B50F73-52D9-4C00-ACC1-08EA45171BA8} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {7637DCA0-AA1F-48EE-872F-421F12B7FDE9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7FFE4C06-30E4-4474-90C1-B0A3BD021F21} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-09] (Lenovo)
Task: {8AB78C63-0591-49B6-AF8A-CFA8BB1043AF} - System32\Tasks\{3E912598-8467-4670-906C-AC1B5F1E7EA1} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {8D21839A-B1D6-462C-8E26-50B5E6592D5A} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {A2271D48-25BF-4A86-AEC6-558EE1624AC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-12] (Google Inc.)
Task: {A426831B-12D7-4C93-95D3-BF1406A59172} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {B2738075-0AE5-4C91-9AC3-C8412C30B448} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {B9821059-A13E-4B22-BB64-4138F46509B0} - System32\Tasks\PriceMeterUpdater => C:\Users\Celine\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {DEA4BB2C-903B-4656-A600-5F53BC713E1D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PriceMeterUpdater.job =>
==================== Loaded Modules (Whitelisted) ==============
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-04 21:13 - 2013-09-04 21:13 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-12-20 08:22 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-12-20 08:34 - 2013-12-20 08:34 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-12-20 08:34 - 2013-12-20 08:34 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-07-12 09:35 - 2015-07-12 09:35 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-12 09:35 - 2015-07-12 09:35 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-12 13:17 - 2015-07-12 13:17 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071200\algo.dll
2015-07-12 09:35 - 2015-07-12 09:36 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Celine\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-57172400-1432429731-576863915-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Celine\Pictures\Hintergrund.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "EnergyUtility"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Lenovo App Shop"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-57172400-1432429731-576863915-1002\...\StartupApproved\Run: => "PriceMeterW"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3AFEFD33-819E-4197-9DF2-792DA5C31865}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{4E4B748D-CC4F-4FBE-91A3-7B58514F011A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{B8A717D6-9157-4DB6-966A-6DECBDCD85D3}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A6A3F315-281E-4BBF-920A-F4418341295B}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{318C1491-A15D-4F02-B34C-6E65AEC824EB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DB481306-B96A-4C59-B2F0-765FC3C125E6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D292ADEE-A0D7-409D-9B59-FC76EF4230DC}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{08C8BF58-6DF2-4D3D-A858-484A29857B9F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{22B05252-029C-48D7-BEEB-A6EFDFB329DD}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{3A72F39E-B17B-4922-B1B3-40CBF024D192}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
FirewallRules: [{DFB5AADE-6BED-45F9-AAFD-CB299B2F4726}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismloader.exe
FirewallRules: [{150C6323-B768-4AC9-9437-207C8815A62C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C14A20F4-1A45-49FC-BDC8-9300A2A3AB23}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{AE22A973-C5F5-4246-9FB2-54CF88721C5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C3F2DA9-FF9D-4C53-989F-C2CC1B52A952}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D46CD187-6190-4567-A0F5-CF81D201D174}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0401239C-A39B-4FF2-96B7-F8930C98672B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5743A95F-8119-49C8-A7F4-2D48481D5FCD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC7001DC-4A1B-4B55-901D-9C45D1A6C066}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{710F2B05-5BA3-4482-94A3-743392438DB8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B12DC754-FA0C-4E9A-AB82-1422799682EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/12/2015 04:24:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.10401.0, Zeitstempel: 0x53194e31
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005fc212
ID des fehlerhaften Prozesses: 0x1378
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5
Error: (07/12/2015 04:18:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.11.576 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f00
Startzeit: 01d0bcacbd7823d5
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Avira\Antivirus\avscan.exe
Berichts-ID: cba34a09-28a0-11e5-8282-342387e76392
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/12/2015 04:17:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: dc
Startzeit: 01d0bcac628805a6
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: b12f455a-28a0-11e5-8282-342387e76392
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (07/12/2015 04:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.10401.0, Zeitstempel: 0x53194e31
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005fc212
ID des fehlerhaften Prozesses: 0x7a0
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5
Error: (07/12/2015 04:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.10401.0, Zeitstempel: 0x53194e31
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005fc212
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5
Error: (07/12/2015 03:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545045a2
Name des fehlerhaften Moduls: MSI249C.tmp, Version: 1.1.40.29325, Zeitstempel: 0x52974d21
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000403f
ID des fehlerhaften Prozesses: 0x1f20
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe0
Pfad der fehlerhaften Anwendung: rundll32.exe1
Pfad des fehlerhaften Moduls: rundll32.exe2
Berichtskennung: rundll32.exe3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe5
Error: (07/12/2015 03:59:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: rundll32.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 735D403F
Stapel:
Error: (07/12/2015 03:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545045a2
Name des fehlerhaften Moduls: MSI1142.tmp, Version: 1.1.40.29325, Zeitstempel: 0x52974d21
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000403f
ID des fehlerhaften Prozesses: 0x1ccc
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe0
Pfad der fehlerhaften Anwendung: rundll32.exe1
Pfad des fehlerhaften Moduls: rundll32.exe2
Berichtskennung: rundll32.exe3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe5
Error: (07/12/2015 03:58:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: rundll32.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 6D60403F
Stapel:
Error: (07/12/2015 03:58:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545045a2
Name des fehlerhaften Moduls: MSI4DD.tmp, Version: 1.1.40.29325, Zeitstempel: 0x52974d21
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002cd5
ID des fehlerhaften Prozesses: 0x2078
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe0
Pfad der fehlerhaften Anwendung: rundll32.exe1
Pfad des fehlerhaften Moduls: rundll32.exe2
Berichtskennung: rundll32.exe3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe5
System errors:
=============
Error: (07/12/2015 04:24:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (07/12/2015 04:12:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/12/2015 04:08:05 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (07/12/2015 04:07:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (07/12/2015 04:02:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/12/2015 03:59:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (07/12/2015 03:45:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Service Mgr PositiveFinds" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/12/2015 03:45:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Update Mgr PositiveFinds" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/12/2015 01:42:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (07/12/2015 01:29:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
Error: (07/12/2015 04:24:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc212137801d0bcacee2c4769C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B1561F5A-F18D-4482-8EA0-F6959CFFBB90}\mpengine.dllad0f209d-28a1-11e5-8282-342387e76392
Error: (07/12/2015 04:18:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe15.0.11.576f0001d0bcacbd7823d515C:\Program Files (x86)\Avira\Antivirus\avscan.execba34a09-28a0-11e5-8282-342387e76392
Error: (07/12/2015 04:17:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415dc01d0bcac628805a64294967295C:\WINDOWS\syswow64\wwahost.exeb12f455a-28a0-11e5-8282-342387e76392Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp
Error: (07/12/2015 04:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc2127a001d0bcab9819a41aC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B1561F5A-F18D-4482-8EA0-F6959CFFBB90}\mpengine.dll02128551-28a0-11e5-8282-342387e76392
Error: (07/12/2015 04:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc2128bc01d0bcab3dec4b76C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B1561F5A-F18D-4482-8EA0-F6959CFFBB90}\mpengine.dllb05754fa-289e-11e5-8282-342387e76392
Error: (07/12/2015 03:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe6.3.9600.17415545045a2MSI249C.tmp1.1.40.2932552974d21c00000050000403f1f2001d0bcaae613f6efC:\WINDOWS\SysWOW64\rundll32.exeC:\WINDOWS\Installer\MSI249C.tmp268dcb01-289e-11e5-8281-342387e76392
Error: (07/12/2015 03:59:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: rundll32.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 735D403F
Stapel:
Error: (07/12/2015 03:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe6.3.9600.17415545045a2MSI1142.tmp1.1.40.2932552974d21c00000050000403f1ccc01d0bcaae30f59f6C:\WINDOWS\SysWOW64\rundll32.exeC:\WINDOWS\Installer\MSI1142.tmp23fc1da7-289e-11e5-8281-342387e76392
Error: (07/12/2015 03:58:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: rundll32.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 6D60403F
Stapel:
Error: (07/12/2015 03:58:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe6.3.9600.17415545045a2MSI4DD.tmp1.1.40.2932552974d21c000000500002cd5207801d0bcaae113a5d1C:\WINDOWS\SysWOW64\rundll32.exeC:\WINDOWS\Installer\MSI4DD.tmp2001ee50-289e-11e5-8281-342387e76392
==================== Memory info ===========================
Processor: AMD E1-2100 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 36%
Total physical RAM: 3529.26 MB
Available physical RAM: 2227.8 MB
Total Virtual: 4809.26 MB
Available Virtual: 3270.54 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:427.32 GB) (Free:380.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2868AED6)
Partition: GPT Partition Type.
==================== End of log ============================