Hello, thanks again for your help.
Here are the requested scans:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
Ran by Lena Pra (administrator) on LENAPRA-PC (24-06-2017 11:13:58)
Running from C:\Users\Lena Pra\Desktop
Loaded Profiles: Lena Pra (Available Profiles: Lena Pra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Olympus Corporation) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Farbar) C:\Users\Lena Pra\Desktop\EnglishFRST64.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9770432 2014-02-06] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2014-02-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2013-12-10] (Realtek semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-06-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe [114040 2013-01-11] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40472 2016-03-03] (Olympus Corporation)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2016-08-25] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Lena Pra\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511 /CMPID=0214c
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415768 2016-03-03] (Olympus Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\MountPoints2: {576ed16f-7937-11e4-b017-8056f2e86b78} - F:\Autorun.exe
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-02-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.6 PE.lnk [2016-10-05]
ShortcutTarget: PHOTOfunSTUDIO 9.6 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{43FFFB05-1ABD-4A2B-ADB4-6AE78826F132}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{898C0107-D2DD-4A28-80FD-BBBD89BFD830}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AAF313E0-C192-45F8-9E15-08F78EBBF4A9}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F6E5E89E-4568-471A-8DD3-EE3723EBAE45}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2819346672-853151906-811778091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E8C4B26-BA6B-4B77-A50D-42ED952796C8}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-08-04 12:06:10&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-06-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-08-25] (Sun Microsystems, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default [2017-06-21]
FF Extension: (AVG Web TuneUp) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\
[email protected] [2017-06-14]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\
[email protected] [2017-04-23]
FF Extension: (Adblock Plus) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-29]
FF SearchPlugin: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\searchplugins\avg-secure-search.xml [2017-06-22]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2017-01-16] [not signed]
FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\
[email protected] [2017-01-16] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-06-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-20] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default [2017-06-24]
CHR Extension: (Google Präsentationen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-20]
CHR Extension: (Google Docs) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-20]
CHR Extension: (Google Drive) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-20]
CHR Extension: (YouTube) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-20]
CHR Extension: (Google-Suche) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-20]
CHR Extension: (Google Tabellen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-06-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Google Mail) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-04-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-06-24] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-06-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
S2 vToolbarUpdater40.3.8; "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows ® Codename Longhorn DDK provider)
R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166624 2017-06-24] (AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [314128 2017-06-24] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192584 2017-06-24] (AVG Technologies CZ, s.r.o.)
S0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336896 2017-06-24] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [51336 2017-06-24] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39424 2017-06-24] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-06-24] (AVG Technologies CZ, s.r.o.)
S1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102280 2017-06-24] (AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76832 2017-06-24] (AVG Technologies CZ, s.r.o.)
S1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1008288 2017-06-24] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [570320 2017-06-24] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [160008 2017-06-24] (AVG Technologies CZ, s.r.o.)
S0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340824 2017-06-24] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-06-21] (Malwarebytes)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9101016 2013-12-10] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-06-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-06-24] (Zemana Ltd.)
R4 Avguniva; system32\DRIVERS\avguniva.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-24 10:57 - 2017-06-24 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-06-24 10:43 - 2017-06-24 10:43 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
2017-06-24 10:43 - 2017-06-24 10:43 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-06-24 10:43 - 2017-06-24 10:41 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00159496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys.149829382297701
2017-06-24 10:43 - 2017-06-24 10:41 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-06-24 10:43 - 2017-06-24 10:40 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-06-24 10:41 - 2017-06-24 10:41 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-06-24 10:39 - 2017-06-24 11:14 - 00416956 _____ C:\Windows\ZAM.krnl.trace
2017-06-24 10:39 - 2017-06-24 11:14 - 00052171 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-06-24 10:39 - 2017-06-24 10:39 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-06-24 10:39 - 2017-06-24 10:39 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-06-24 10:38 - 2017-06-24 10:39 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-06-24 10:38 - 2017-06-24 10:38 - 00001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-06-24 10:38 - 2017-06-24 10:38 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\Zemana
2017-06-24 10:38 - 2017-06-24 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-06-24 10:37 - 2017-06-24 10:37 - 00001008 _____ C:\Users\Public\Desktop\AVG.lnk
2017-06-24 10:36 - 2017-06-24 10:36 - 06589840 _____ (Zemana Ltd. ) C:\Users\Lena Pra\Downloads\Zemana.AntiMalware.Setup.exe
2017-06-22 10:28 - 2017-06-22 10:28 - 00035735 _____ C:\Users\Lena Pra\Desktop\Addition.txt
2017-06-22 10:26 - 2017-06-24 11:14 - 00021290 _____ C:\Users\Lena Pra\Desktop\FRST.txt
2017-06-22 10:26 - 2017-06-22 10:25 - 02439680 _____ (Farbar) C:\Users\Lena Pra\Desktop\EnglishFRST64.exe
2017-06-22 10:25 - 2017-06-22 10:25 - 02439680 _____ (Farbar) C:\Users\Lena Pra\Downloads\FRST64.exe
2017-06-20 11:41 - 2017-06-20 11:41 - 06030369 _____ C:\Users\Lena Pra\Downloads\HV_zerebrovaskulär_ICB_SS17_online.pdf
2017-06-20 11:34 - 2017-06-20 11:34 - 01453275 _____ C:\Users\Lena Pra\Downloads\2017 upload Poppert.pdf
2017-06-20 08:27 - 2017-06-20 08:27 - 02086013 _____ C:\Users\Lena Pra\Downloads\Hauptvorlesung Neurologie 14.06.2017.pdf
2017-06-14 10:37 - 2017-06-14 10:37 - 03701918 _____ C:\Users\Lena Pra\Downloads\Gesichtsschmerz_neuropath_Schmerz2017 (1).pdf
2017-06-14 10:36 - 2017-06-02 10:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-06-14 10:36 - 2017-06-02 10:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 10:36 - 2017-06-02 10:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-14 10:36 - 2017-06-02 10:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 10:36 - 2017-06-02 10:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-06-14 10:36 - 2017-06-02 10:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-06-14 10:36 - 2017-06-02 09:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 10:36 - 2017-06-02 09:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 10:36 - 2017-06-02 09:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-06-14 10:36 - 2017-06-02 09:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-06-14 10:36 - 2017-05-21 06:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-06-14 10:36 - 2017-05-21 06:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-06-14 10:36 - 2017-05-21 06:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-14 10:36 - 2017-05-21 05:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-14 10:36 - 2017-05-21 05:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-14 10:36 - 2017-05-21 05:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-14 10:36 - 2017-05-21 05:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-14 10:36 - 2017-05-21 05:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-06-14 10:36 - 2017-05-21 05:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-14 10:36 - 2017-05-21 05:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-14 10:36 - 2017-05-16 20:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-14 10:36 - 2017-05-16 19:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-14 10:36 - 2017-05-14 22:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-06-14 10:36 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-06-14 10:36 - 2017-05-14 22:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-14 10:36 - 2017-05-14 22:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-14 10:36 - 2017-05-14 22:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-14 10:36 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-14 10:36 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-14 10:36 - 2017-05-14 22:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-14 10:36 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 10:36 - 2017-05-14 22:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-14 10:36 - 2017-05-14 22:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-14 10:36 - 2017-05-14 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-14 10:36 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-06-14 10:36 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-06-14 10:36 - 2017-05-14 21:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-14 10:36 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 10:36 - 2017-05-14 21:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-14 10:36 - 2017-05-14 21:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-14 10:36 - 2017-05-14 21:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-14 10:36 - 2017-05-14 21:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-14 10:36 - 2017-05-14 21:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-14 10:36 - 2017-05-14 21:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-14 10:36 - 2017-05-14 21:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-06-14 10:36 - 2017-05-14 21:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-14 10:36 - 2017-05-14 21:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-14 10:36 - 2017-05-14 21:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-14 10:36 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-14 10:36 - 2017-05-14 21:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-14 10:36 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-14 10:36 - 2017-05-14 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-14 10:36 - 2017-05-14 21:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-14 10:36 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-14 10:36 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-14 10:36 - 2017-05-14 21:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-14 10:36 - 2017-05-14 21:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-14 10:36 - 2017-05-14 21:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-14 10:36 - 2017-05-14 21:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-14 10:36 - 2017-05-14 21:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-06-14 10:36 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 10:36 - 2017-05-14 21:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-14 10:36 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-14 10:36 - 2017-05-14 21:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 10:36 - 2017-05-14 21:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-14 10:36 - 2017-05-14 20:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-14 10:36 - 2017-05-14 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-14 10:36 - 2017-05-14 20:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-14 10:36 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 10:36 - 2017-05-14 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-14 10:36 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-14 10:36 - 2017-05-14 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-14 10:36 - 2017-05-14 20:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-14 10:36 - 2017-05-14 20:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-14 10:36 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 10:36 - 2017-05-14 20:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-14 10:36 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-14 10:36 - 2017-05-14 20:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-14 10:36 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-14 10:36 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-14 10:36 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 10:36 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-14 10:36 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-14 10:36 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-14 10:36 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-14 10:36 - 2017-05-12 20:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-14 10:36 - 2017-05-12 20:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 10:36 - 2017-05-12 20:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-14 10:36 - 2017-05-12 20:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 10:36 - 2017-05-12 20:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-14 10:36 - 2017-05-12 20:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-14 10:36 - 2017-05-12 20:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 10:36 - 2017-05-12 20:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-06-14 10:36 - 2017-05-12 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-06-14 10:36 - 2017-05-12 19:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-06-14 10:36 - 2017-05-12 19:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-14 10:36 - 2017-05-12 19:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-06-14 10:36 - 2017-05-12 19:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-06-14 10:36 - 2017-05-12 19:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-14 10:36 - 2017-05-12 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 10:36 - 2017-05-12 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-06-14 10:36 - 2017-05-12 19:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-14 10:36 - 2017-05-12 19:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-06-14 10:36 - 2017-05-12 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-06-14 10:36 - 2017-05-12 19:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 18:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 10:36 - 2017-05-12 17:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 10:36 - 2017-05-12 17:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 10:36 - 2017-05-10 17:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-14 10:36 - 2017-05-10 17:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-14 10:36 - 2017-05-10 17:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-06-14 10:36 - 2017-05-10 17:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-14 10:36 - 2017-05-10 17:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-14 10:36 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-14 10:36 - 2017-05-10 17:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-14 10:36 - 2017-05-10 17:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-14 10:36 - 2017-05-10 16:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 10:36 - 2017-05-09 17:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 10:36 - 2017-05-09 17:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 10:36 - 2017-05-09 17:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-14 10:36 - 2017-05-07 17:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-14 10:36 - 2017-05-07 17:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-06-14 10:36 - 2017-04-28 00:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-14 10:36 - 2017-04-12 15:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-14 10:36 - 2017-03-30 17:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-14 10:36 - 2017-03-30 16:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-06-14 10:15 - 2017-06-14 10:15 - 00802148 _____ C:\Users\Lena Pra\Downloads\Einführung_SPSS.pdf
2017-06-14 10:11 - 2017-06-14 10:11 - 06135753 _____ C:\Users\Lena Pra\Downloads\SPSS_Folien_II.pdf
2017-06-13 10:59 - 2017-06-13 10:59 - 04531587 _____ C:\Users\Lena Pra\Downloads\201706SStum_neurohauptvorlhirntumoren.pdf
2017-06-13 10:57 - 2017-06-13 10:57 - 03701918 _____ C:\Users\Lena Pra\Downloads\Gesichtsschmerz_neuropath_Schmerz2017.pdf
2017-06-13 10:33 - 2017-06-13 10:33 - 03075180 _____ C:\Users\Lena Pra\Downloads\DD Gangstörungen 2017-1.pdf
2017-06-13 08:50 - 2017-06-13 08:50 - 03158146 _____ C:\Users\Lena Pra\Downloads\Hauptvorlesung_Kopfschmerz_Sei_05_2017.pdf
2017-06-13 08:42 - 2017-06-13 08:42 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\Microsoft Help
2017-06-12 08:52 - 2017-06-12 08:52 - 10806417 _____ C:\Users\Lena Pra\Downloads\Spinale Syndrome + FallvorstellungSS17.pptx
2017-06-07 09:35 - 2017-06-07 09:35 - 00061453 _____ C:\Users\Lena Pra\Downloads\10991 (1).pdf
2017-06-07 09:34 - 2017-06-07 09:35 - 00061453 _____ C:\Users\Lena Pra\Downloads\10991.pdf
2017-06-05 13:25 - 2017-06-05 13:25 - 03309800 _____ C:\Users\Lena Pra\Downloads\Notfälle in der Gynäkologie_Juni 2017.pdf
2017-05-30 11:51 - 2017-05-30 11:51 - 11068370 _____ C:\Users\Lena Pra\Downloads\01_12_2016_jungwirth_beatmung.pdf
2017-05-29 18:33 - 2017-05-29 18:33 - 01945982 _____ C:\Users\Lena Pra\Downloads\24_11_2016_jungwirth_narkoseeinleitung.pdf
2017-05-29 18:32 - 2017-05-29 18:32 - 06221672 _____ C:\Users\Lena Pra\Downloads\17_11_2016_lewald_muskelrelaxantien.pdf
2017-05-29 18:32 - 2017-05-29 18:32 - 06221672 _____ C:\Users\Lena Pra\Downloads\17_11_2016_lewald_muskelrelaxantien (1).pdf
2017-05-25 11:59 - 2017-05-25 11:59 - 00407061 _____ C:\Users\Lena Pra\Downloads\Dok. 25.05.2017, 11-56.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-24 11:13 - 2015-12-16 11:27 - 00000000 ____D C:\FRST
2017-06-24 10:57 - 2016-08-04 12:05 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-06-24 10:57 - 2015-12-08 20:00 - 00000000 ____D C:\Users\Lena Pra\AppData\Roaming\AVG
2017-06-24 10:57 - 2015-12-08 19:52 - 00000000 ____D C:\ProgramData\Avg
2017-06-24 10:57 - 2015-06-30 11:15 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-24 10:52 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-24 10:52 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-24 10:40 - 2014-02-06 12:10 - 00000000 ____D C:\Users\Lena Pra
2017-06-24 10:38 - 2014-02-06 19:07 - 00000000 ____D C:\Program Files (x86)\AVG
2017-06-24 10:35 - 2016-09-22 18:38 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-06-22 08:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-22 08:38 - 2017-01-16 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-22 08:38 - 2014-02-06 15:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 22:34 - 2016-12-09 21:35 - 00000000 ____D C:\Users\Lena Pra\Desktop\Kallender
2017-06-21 21:37 - 2015-12-14 23:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-21 20:51 - 2016-11-21 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-21 20:34 - 2017-01-31 12:25 - 00000000 ____D C:\Users\Lena Pra\AppData\LocalLow\Mozilla
2017-06-21 20:31 - 2016-11-21 00:45 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-21 20:29 - 2011-04-12 09:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2017-06-21 20:29 - 2011-04-12 09:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2017-06-21 20:29 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-21 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-21 20:19 - 2009-07-14 06:45 - 00454296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-21 20:18 - 2014-03-11 00:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-21 20:18 - 2014-03-11 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-21 09:46 - 2014-03-11 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-21 09:44 - 2014-02-06 13:53 - 00000000 ____D C:\Windows\system32\MRT
2017-06-21 09:35 - 2014-02-06 13:53 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-20 08:12 - 2014-03-03 21:02 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-20 08:12 - 2014-03-03 21:01 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-20 08:12 - 2014-03-03 21:01 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-20 08:11 - 2014-03-03 21:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-20 08:11 - 2014-03-03 21:01 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-14 10:08 - 2016-08-04 12:05 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-06-05 16:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-05-31 10:00 - 2014-04-07 15:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-05-25 12:00 - 2014-05-29 13:31 - 00000000 ____D C:\Users\Lena Pra\Documents\Studium
2017-05-25 10:38 - 2015-01-21 22:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
Some files in TEMP:
====================
2007-06-22 20:10 - 2007-06-22 20:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Lena Pra\AppData\Local\Temp\_is4309.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-20 09:49
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
Ran by Lena Pra (24-06-2017 11:15:39)
Running from C:\Users\Lena Pra\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-02-06 10:10:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2819346672-853151906-811778091-500 - Administrator - Disabled)
Gast (S-1-5-21-2819346672-853151906-811778091-501 - Limited - Disabled)
Lena Pra (S-1-5-21-2819346672-853151906-811778091-1000 - Administrator - Enabled) => C:\Users\Lena Pra
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{C538010A-17CD-461C-B198-E6E3499E4154}) (Version: 20.3.45.53553 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.3.45.53553 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bullzip PDF Printer 10.4.0.2240 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.4.0.2240 - Bullzip)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.4 - Lenovo)
Energy Management (x32 Version: 6.0.2.4 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager_is1) (Version: - TCT Mobile Limited)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 6 Update 12 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.120 - Sun Microsystems, Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{0CE3A5C0-9544-4CE0-8AFD-8562CD9E5913}) (Version: 2.0.0 - Olympus Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PHOTOfunSTUDIO 9.6 PE (HKLM-x32\...\{7113ACE0-A2FA-463B-969A-E3FD7BF42573}) (Version: 9.06.724.1031 - Panasonic Corporation)
posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version: - )
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.03.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.03.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.04.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
SILKYPIX Developer Studio 4.2 SE (HKLM-x32\...\InstallShield_{8B9D37A0-F77B-41DD-932A-CE01DEC1ADAA}) (Version: 4 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 4.2 SE (x32 Version: 4 - Ichikawa Soft Laboratory) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
UnJPEG 1.5 (HKLM-x32\...\UnJPEG_is1) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8050 - Broadcom Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (01/28/2011 6.1.0.1) (HKLM\...\EB9B45DC947C2D941CA61B992509A71D738AE888) (Version: 01/28/2011 6.1.0.1 - Lenovo)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.76 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2819346672-853151906-811778091-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Lena Pra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00632DEE-9918-4EBA-AB70-F9CF1F708082} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {03E18D6E-080B-47F7-ABB6-8C3A87313CF7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {17C29866-5086-4859-ACE3-A3E9ECA97639} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17] (Google Inc.)
Task: {3E101FCA-6D5D-4516-996D-A1C09C3403D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {4EFF6C01-C93F-4657-A0AB-2D3011385176} - System32\Tasks\{A194828C-4D0E-45B0-A26E-9A09396D8C76} => pcalua.exe -a "C:\drivers\WLAN Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN Driver (Broadcom, Qualcomm)"
Task: {5019A9A0-521A-49D3-837C-2D9C4F78F338} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {57DEA8AA-7666-45C2-B11E-3338D3069230} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-06-24] (AVG Technologies CZ, s.r.o.)
Task: {78688F85-9AA0-4E75-ACE9-5DD169AEFECC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {7F7F172C-4206-47B1-9C8F-EF9B0DCA20F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {99DD95D1-C824-4C44-AD04-A559E1AA769E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-20] (Microsoft Corporation)
Task: {9DAA4F66-B2FC-4A4A-B9CB-54BA7654DEEE} - System32\Tasks\{C0BC9234-B6F1-4C4A-A999-5F3D15A1495E} => pcalua.exe -a "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN\IS.exe" -d "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN"
Task: {9F3AF780-0CDC-42BB-820B-5FF850E52F14} - System32\Tasks\{4E58F9EE-1311-4F1D-83BC-9812A26DBED6} => pcalua.exe -a "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)"
Task: {A0FC34D8-8290-428A-A164-9F46E7CEB420} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {A18EEC6E-1F3B-40FA-9451-06D2F27EC860} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17] (Google Inc.)
Task: {AAB5D635-0A91-42A9-8105-59F1DD47D0AF} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe
Task: {B2FECCB1-217F-47EB-BA68-F313B3F0D99B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {CBDCEC6C-56AA-415B-9119-C15B3EE97E2D} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {D0332663-B442-44C4-BD23-8CF78948125D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-20] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-01-23 19:36 - 2013-05-29 14:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-10 15:02 - 2013-10-10 15:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-12-03 20:55 - 2013-01-11 15:27 - 00051576 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
2016-11-21 01:10 - 2016-11-21 01:10 - 00959168 _____ () C:\Users\Lena Pra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2017-06-24 10:39 - 2017-06-24 10:39 - 00155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-02-06 18:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-02-06 18:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-03-09 10:58 - 2012-03-09 10:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 10:58 - 2012-03-09 10:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-03 20:55 - 2013-01-11 16:00 - 00114040 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
2017-05-15 16:13 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 16:13 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2016-04-05 13:12 - 2006-09-04 20:26 - 00014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2016-04-05 13:12 - 2015-10-07 09:06 - 00122880 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2016-04-05 13:12 - 2011-08-09 15:22 - 00450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2016-11-29 01:18 - 2016-11-29 01:17 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2014-02-06 16:25 - 2005-06-24 20:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-06-24 10:43 - 2017-06-24 10:43 - 05775744 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17062201\algo.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00231760 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2017-06-24 10:47 - 2017-06-24 10:47 - 05776320 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17062304\algo.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lena Pra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{81003C78-6166-4A16-A2A4-E128CF8FC4BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{59CC6AC2-585E-4263-BD80-87B3164EF914}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{D8DC3A98-3A99-47FC-97D4-C3909B00210D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B281B689-EC1E-48B5-AE77-5F73BCEA871D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{57294BC2-DB15-46EF-808F-DE074CAE6A35}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C81716E1-7087-451A-814A-44CA02527A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7D590ABE-AF0D-45DA-8CB4-15C3FF2113F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BDF12685-08F7-427D-A249-BE445B9F5E14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0D110BE-0B5B-4B67-8EAC-8165DABC5A71}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB9D11E0-72B7-48E6-9D9C-7AF37CAC0C90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06CCCF0A-4624-48C3-ACA3-03F140367E58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{42966517-9181-469B-8C39-7F953AA5F15B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5EADCB4B-E9BD-4246-AD9C-424FCFAE144B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{8BCA98B9-38D6-45BE-9541-E2AF4C5D4A08}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8FAE7E37-578E-4FE7-856C-BC67E1F29254}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{F8602917-51EA-42D3-9736-9105FB3C4382}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{317700AE-CFCE-411C-8AD2-F919453F2968}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B57C261-5D2B-4813-8734-2867FA051D14}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{F0DBA4A4-675B-49FF-B95B-8178FC628399}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DBFF6DD0-4D21-4D90-9CD9-BED6463B1468}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C7022A12-7997-4036-AFB1-A61BD4147AB6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A0033236-BF0D-45FE-81E9-F15163FB6BF3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{27538035-916D-4020-AC35-302F4346BE71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{98D7FEA6-F99A-4835-A00E-D2F079784356}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{7ACCF245-32A2-4C30-B9E5-ADC3F22A5FB6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D7FBA07C-5EA4-4BF7-B0F0-BD202DF24CA6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{0D65F914-AB08-486E-97E4-B93DBD175713}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3B42D843-113C-41F4-9FE2-7C2B30AF6E8C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9C4E68B7-ECA0-44DF-BF49-12CD1BABC562}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{BF7F4E1D-5E48-44C9-B821-AA65B4CC9E15}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{F0DFC8DB-AC55-45D5-A477-011E482DB1E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2DE2F3E8-3333-4470-86CF-36C0FAB4AD71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{06AE2517-EC12-4DB7-ADF7-F285AA2D65B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{97C0DE42-DB78-4B12-B73F-D66615EA06CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{479C2D9E-2C05-4541-A810-069EDEC2BD2A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{3AD1527C-6C2C-4DC6-BF8B-340917445E58}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{04734553-3FB9-4C66-BFAF-99020B5ED481}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D101E40B-A334-4962-A28A-D0A89828E67D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{BA54FD07-6B78-4B16-92BA-7225C24A399E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{43072359-9DF4-4D84-B4B4-00B08D15C5F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{452E8B8E-84FF-4F6C-B776-7595556EFF31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C913CCAB-1F8C-4369-AA7D-426C7621C2DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97049270-09E8-40D6-8399-3228516449D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84CAEEA3-2EE6-4260-8F12-426C7C5FF229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{85928E0E-BA86-4BDD-8D55-B793FBE73B97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3D6AC233-ED50-434E-8C9B-6E08E3ACD231}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AEECD394-1766-4CB4-9B73-24DE53D641F4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7EE0B901-ADFF-4F67-B933-4CA195C836A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2A959D4E-E80A-4277-A883-780E363D9B60}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2301B0D5-D8F8-4D2A-A501-1FDA57647166}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8AACE800-6E77-4BD7-804E-20A52AA6B95C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{ED0630BD-F680-4D1B-8A09-D518D8826DFF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4A2188A-244F-4B01-8CB1-927FC7B780BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
20-06-2017 09:56:29 Geplanter Prüfpunkt
21-06-2017 09:30:49 Windows Update
24-06-2017 10:46:44 Removed AVG
==================== Faulty Device Manager Devices =============
Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Bluetooth Remote Control
Description: Bluetooth Remote Control
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: btwrchid
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/24/2017 11:08:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14979.1011, Zeitstempel: 0x841859ac
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14979.1011, Zeitstempel: 0x3d209c82
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000166bd
ID des fehlerhaften Prozesses: 0x12b4
Startzeit der fehlerhaften Anwendung: 0x01d2ecc4c84acb52
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: bdc47777-58bc-11e7-a3f4-8056f2e86b78
Error: (06/24/2017 11:04:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.2.0.150 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b84
Startzeit: 01d2ecc52b19cd3b
Endzeit: 219
Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Berichts-ID: 2471fef5-58bc-11e7-a3f4-8056f2e86b78
Error: (06/24/2017 10:55:32 AM) (Source: MsiInstaller) (EventID: 11922) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 1922. SA_Error1922: StandardAction(0xC0070782): Service 'AVG WatchDog' (avgwd) could not be deleted. Verify that you have sufficient privileges to remove system services.
Error: (06/24/2017 10:48:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service AVGIDSAgent since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/24/2017 10:48:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/24/2017 10:44:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\AVG\Antivirus\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/24/2017 10:44:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\AVG\Antivirus\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/22/2017 08:49:49 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/22/2017 08:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (06/21/2017 08:31:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
System errors:
=============
Error: (06/24/2017 10:56:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AVG WatchDog" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/24/2017 10:56:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "vToolbarUpdater40.3.8" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/24/2017 10:56:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WtuSystemSupport" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/24/2017 10:49:24 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "avgbIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.
Error: (06/24/2017 10:44:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avgblog" wurde aufgrund folgenden Fehlers nicht gestartet:
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.
Error: (06/24/2017 10:44:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avgbidsdriver" wurde aufgrund folgenden Fehlers nicht gestartet:
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.
Error: (06/22/2017 08:39:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/22/2017 08:39:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.
Error: (06/22/2017 08:39:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (06/22/2017 08:39:13 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
==================== Memory info ===========================
Processor: Intel® Pentium® CPU 2020M @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3975.36 MB
Available physical RAM: 1471.63 MB
Total Virtual: 7948.89 MB
Available Virtual: 5173.15 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.95 GB) (Free:57.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=149 GB) - (Type=06)
==================== End of Addition.txt ============================
Zemana AntiMalware 2.74.2.76 (Installed)
-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017.6.24
Operating System : Windows 7 64-bit
Processor : 2X Intel® Pentium® CPU 2020M @ 2.40GHz
BIOS Mode : Legacy
CUID : 124B9FFDB168ACC63C9488
Scan Type : System Scan
Duration : 30m 34s
Scanned Objects : 78302
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
No threats detected