Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Very slow running Lenovo

Started by l.mart , Jun 21 2017 02:42 PM

  • Please log in to reply

#1
l.mart
Posted 21 June 2017 - 02:42 PM

l.mart

    Member

  • Member
  • PipPip
  • 31 posts

Hello,

 

I have a Lenovo with Windows 7 and for the past few weeks the computer has slowed down considerably. Just opening up Mozilla or any program takes ages. Malewarebytes does not seem to find anything wrong with the laptop. Any help would be very much apreciated. 

 

Thanks in advance,

 

Lucas


  • 0

Advertisements

#2
Valinorum
Posted 22 June 2017 - 01:28 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Post the required logs from this instruction.
  • 0

#3
l.mart
Posted 22 June 2017 - 02:30 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Good morning, 

thanks for the reply. I have a 64bit Windows 7 laptop. Here are the two logs requested:

 

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
durchgeführt von Lena Pra (Administrator) auf LENAPRA-PC (22-06-2017 10:26:54)
Gestartet von C:\Users\Lena Pra\Desktop
Geladene Profile: Lena Pra (Verfügbare Profile: Lena Pra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Olympus Corporation) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9770432 2014-02-06] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2014-02-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2013-12-10] (Realtek semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe [114040 2013-01-11] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40472 2016-03-03] (Olympus Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2184776 2017-06-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2016-08-25] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Lena Pra\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511 /CMPID=0214c
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415768 2016-03-03] (Olympus Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\MountPoints2: {576ed16f-7937-11e4-b017-8056f2e86b78} - F:\Autorun.exe
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-02-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.6 PE.lnk [2016-10-05]
ShortcutTarget: PHOTOfunSTUDIO 9.6 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
 
==================== Internet (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{43FFFB05-1ABD-4A2B-ADB4-6AE78826F132}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{898C0107-D2DD-4A28-80FD-BBBD89BFD830}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AAF313E0-C192-45F8-9E15-08F78EBBF4A9}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F6E5E89E-4568-471A-8DD3-EE3723EBAE45}: [DhcpNameServer] 10.74.210.210 10.74.210.211
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2819346672-853151906-811778091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E8C4B26-BA6B-4B77-A50D-42ED952796C8}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-08-04 12:06:10&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-06-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.8.510\AVG Web TuneUp.dll [2017-06-14] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-08-25] (Sun Microsystems, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default [2017-06-21]
FF Extension: (AVG Web TuneUp) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2017-06-14]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2017-04-23]
FF Extension: (Adblock Plus) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-29]
FF SearchPlugin: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\searchplugins\avg-secure-search.xml [2017-06-22]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2017-01-16] [ist nicht signiert]
FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2017-01-16] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-06-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-20] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default [2017-06-22]
CHR Extension: (Google Präsentationen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-20]
CHR Extension: (Google Docs) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-20]
CHR Extension: (Google Drive) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-20]
CHR Extension: (YouTube) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-20]
CHR Extension: (Google-Suche) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-20]
CHR Extension: (Google Tabellen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-06-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Google Mail) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18]
 
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-04-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [Datei ist nicht signiert]
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1354824 2017-06-14] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-06-14] ()
 
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows ® Codename Longhorn DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-06-21] (Malwarebytes)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9101016 2013-12-10] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2017-06-22 10:26 - 2017-06-22 10:27 - 00021291 _____ C:\Users\Lena Pra\Desktop\FRST.txt
2017-06-22 10:26 - 2017-06-22 10:25 - 02439680 _____ (Farbar) C:\Users\Lena Pra\Desktop\FRST64.exe
2017-06-22 10:25 - 2017-06-22 10:25 - 02439680 _____ (Farbar) C:\Users\Lena Pra\Downloads\FRST64.exe
2017-06-20 11:41 - 2017-06-20 11:41 - 06030369 _____ C:\Users\Lena Pra\Downloads\HV_zerebrovaskulär_ICB_SS17_online.pdf
2017-06-20 11:34 - 2017-06-20 11:34 - 01453275 _____ C:\Users\Lena Pra\Downloads\2017 upload Poppert.pdf
2017-06-20 08:27 - 2017-06-20 08:27 - 02086013 _____ C:\Users\Lena Pra\Downloads\Hauptvorlesung Neurologie 14.06.2017.pdf
2017-06-14 10:37 - 2017-06-14 10:37 - 03701918 _____ C:\Users\Lena Pra\Downloads\Gesichtsschmerz_neuropath_Schmerz2017 (1).pdf
2017-06-14 10:36 - 2017-06-02 10:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-06-14 10:36 - 2017-06-02 10:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 10:36 - 2017-06-02 10:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-14 10:36 - 2017-06-02 10:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 10:36 - 2017-06-02 10:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-06-14 10:36 - 2017-06-02 10:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-06-14 10:36 - 2017-06-02 09:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 10:36 - 2017-06-02 09:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 10:36 - 2017-06-02 09:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-06-14 10:36 - 2017-06-02 09:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-06-14 10:36 - 2017-05-21 06:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-06-14 10:36 - 2017-05-21 06:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-06-14 10:36 - 2017-05-21 06:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-14 10:36 - 2017-05-21 05:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-14 10:36 - 2017-05-21 05:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-14 10:36 - 2017-05-21 05:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-14 10:36 - 2017-05-21 05:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-14 10:36 - 2017-05-21 05:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-06-14 10:36 - 2017-05-21 05:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-14 10:36 - 2017-05-21 05:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-14 10:36 - 2017-05-16 20:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-14 10:36 - 2017-05-16 19:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-14 10:36 - 2017-05-14 22:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-06-14 10:36 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-06-14 10:36 - 2017-05-14 22:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-14 10:36 - 2017-05-14 22:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-14 10:36 - 2017-05-14 22:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-14 10:36 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-14 10:36 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-14 10:36 - 2017-05-14 22:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-14 10:36 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 10:36 - 2017-05-14 22:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-14 10:36 - 2017-05-14 22:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-14 10:36 - 2017-05-14 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-14 10:36 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-06-14 10:36 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-06-14 10:36 - 2017-05-14 21:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-14 10:36 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 10:36 - 2017-05-14 21:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-14 10:36 - 2017-05-14 21:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-14 10:36 - 2017-05-14 21:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-14 10:36 - 2017-05-14 21:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-14 10:36 - 2017-05-14 21:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-14 10:36 - 2017-05-14 21:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-14 10:36 - 2017-05-14 21:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-06-14 10:36 - 2017-05-14 21:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-14 10:36 - 2017-05-14 21:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-14 10:36 - 2017-05-14 21:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-14 10:36 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-14 10:36 - 2017-05-14 21:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-14 10:36 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-14 10:36 - 2017-05-14 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-14 10:36 - 2017-05-14 21:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-14 10:36 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-14 10:36 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-14 10:36 - 2017-05-14 21:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-14 10:36 - 2017-05-14 21:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-14 10:36 - 2017-05-14 21:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-14 10:36 - 2017-05-14 21:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-14 10:36 - 2017-05-14 21:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-06-14 10:36 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 10:36 - 2017-05-14 21:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-14 10:36 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-14 10:36 - 2017-05-14 21:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 10:36 - 2017-05-14 21:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-14 10:36 - 2017-05-14 20:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-14 10:36 - 2017-05-14 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-14 10:36 - 2017-05-14 20:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-14 10:36 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 10:36 - 2017-05-14 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-14 10:36 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-14 10:36 - 2017-05-14 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-14 10:36 - 2017-05-14 20:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-14 10:36 - 2017-05-14 20:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-14 10:36 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 10:36 - 2017-05-14 20:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-14 10:36 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-14 10:36 - 2017-05-14 20:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-14 10:36 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-14 10:36 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-14 10:36 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 10:36 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-14 10:36 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-14 10:36 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-14 10:36 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-14 10:36 - 2017-05-12 20:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-14 10:36 - 2017-05-12 20:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 10:36 - 2017-05-12 20:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-14 10:36 - 2017-05-12 20:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 10:36 - 2017-05-12 20:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-14 10:36 - 2017-05-12 20:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-14 10:36 - 2017-05-12 20:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 10:36 - 2017-05-12 20:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-06-14 10:36 - 2017-05-12 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-06-14 10:36 - 2017-05-12 19:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-06-14 10:36 - 2017-05-12 19:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-14 10:36 - 2017-05-12 19:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-06-14 10:36 - 2017-05-12 19:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-06-14 10:36 - 2017-05-12 19:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-14 10:36 - 2017-05-12 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 10:36 - 2017-05-12 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-06-14 10:36 - 2017-05-12 19:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-14 10:36 - 2017-05-12 19:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-06-14 10:36 - 2017-05-12 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-06-14 10:36 - 2017-05-12 19:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 18:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 10:36 - 2017-05-12 17:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 10:36 - 2017-05-12 17:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 10:36 - 2017-05-10 17:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-14 10:36 - 2017-05-10 17:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-14 10:36 - 2017-05-10 17:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-06-14 10:36 - 2017-05-10 17:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-14 10:36 - 2017-05-10 17:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-14 10:36 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-14 10:36 - 2017-05-10 17:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-14 10:36 - 2017-05-10 17:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-14 10:36 - 2017-05-10 16:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 10:36 - 2017-05-09 17:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 10:36 - 2017-05-09 17:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 10:36 - 2017-05-09 17:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-14 10:36 - 2017-05-07 17:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-14 10:36 - 2017-05-07 17:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-06-14 10:36 - 2017-04-28 00:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-14 10:36 - 2017-04-12 15:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-14 10:36 - 2017-03-30 17:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-14 10:36 - 2017-03-30 16:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-06-14 10:15 - 2017-06-14 10:15 - 00802148 _____ C:\Users\Lena Pra\Downloads\Einführung_SPSS.pdf
2017-06-14 10:11 - 2017-06-14 10:11 - 06135753 _____ C:\Users\Lena Pra\Downloads\SPSS_Folien_II.pdf
2017-06-13 10:59 - 2017-06-13 10:59 - 04531587 _____ C:\Users\Lena Pra\Downloads\201706SStum_neurohauptvorlhirntumoren.pdf
2017-06-13 10:57 - 2017-06-13 10:57 - 03701918 _____ C:\Users\Lena Pra\Downloads\Gesichtsschmerz_neuropath_Schmerz2017.pdf
2017-06-13 10:33 - 2017-06-13 10:33 - 03075180 _____ C:\Users\Lena Pra\Downloads\DD Gangstörungen 2017-1.pdf
2017-06-13 08:50 - 2017-06-13 08:50 - 03158146 _____ C:\Users\Lena Pra\Downloads\Hauptvorlesung_Kopfschmerz_Sei_05_2017.pdf
2017-06-13 08:42 - 2017-06-13 08:42 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\Microsoft Help
2017-06-12 08:52 - 2017-06-12 08:52 - 10806417 _____ C:\Users\Lena Pra\Downloads\Spinale Syndrome + FallvorstellungSS17.pptx
2017-06-07 09:35 - 2017-06-07 09:35 - 00061453 _____ C:\Users\Lena Pra\Downloads\10991 (1).pdf
2017-06-07 09:34 - 2017-06-07 09:35 - 00061453 _____ C:\Users\Lena Pra\Downloads\10991.pdf
2017-06-05 13:25 - 2017-06-05 13:25 - 03309800 _____ C:\Users\Lena Pra\Downloads\Notfälle in der Gynäkologie_Juni 2017.pdf
2017-05-30 11:51 - 2017-05-30 11:51 - 11068370 _____ C:\Users\Lena Pra\Downloads\01_12_2016_jungwirth_beatmung.pdf
2017-05-29 18:33 - 2017-05-29 18:33 - 01945982 _____ C:\Users\Lena Pra\Downloads\24_11_2016_jungwirth_narkoseeinleitung.pdf
2017-05-29 18:32 - 2017-05-29 18:32 - 06221672 _____ C:\Users\Lena Pra\Downloads\17_11_2016_lewald_muskelrelaxantien.pdf
2017-05-29 18:32 - 2017-05-29 18:32 - 06221672 _____ C:\Users\Lena Pra\Downloads\17_11_2016_lewald_muskelrelaxantien (1).pdf
2017-05-25 11:59 - 2017-05-25 11:59 - 00407061 _____ C:\Users\Lena Pra\Downloads\Dok. 25.05.2017, 11-56.pdf
2017-05-23 09:24 - 2017-05-23 09:24 - 03008282 _____ C:\Users\Lena Pra\Downloads\Vorlesung Urogyn 18.05.17 Dr_B_Niemeyer.pdf
2017-05-23 09:24 - 2017-05-23 09:24 - 02898803 _____ C:\Users\Lena Pra\Downloads\Vorlesung Ovarialkarzinom_JD_2017.pdf
2017-05-23 09:18 - 2017-05-23 09:18 - 05305161 _____ C:\Users\Lena Pra\Downloads\Maligne Tumoren Zervix und Corpus 05-17 final (1).pdf
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2017-06-22 10:26 - 2015-12-16 11:27 - 00000000 ____D C:\FRST
2017-06-22 08:53 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-22 08:53 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-22 08:43 - 2014-02-06 19:06 - 00000000 ____D C:\ProgramData\MFAData
2017-06-22 08:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-22 08:38 - 2017-01-16 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-22 08:38 - 2014-02-06 15:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 22:34 - 2016-12-09 21:35 - 00000000 ____D C:\Users\Lena Pra\Desktop\Kallender
2017-06-21 21:37 - 2015-12-14 23:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-21 20:51 - 2016-11-21 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-21 20:34 - 2017-01-31 12:25 - 00000000 ____D C:\Users\Lena Pra\AppData\LocalLow\Mozilla
2017-06-21 20:31 - 2016-11-21 00:45 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-21 20:29 - 2011-04-12 09:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2017-06-21 20:29 - 2011-04-12 09:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2017-06-21 20:29 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-21 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-21 20:19 - 2009-07-14 06:45 - 00454296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-21 20:18 - 2014-03-11 00:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-21 20:18 - 2014-03-11 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-21 09:46 - 2014-03-11 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-21 09:44 - 2014-02-06 13:53 - 00000000 ____D C:\Windows\system32\MRT
2017-06-21 09:35 - 2014-02-06 13:53 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-21 09:31 - 2016-09-22 18:38 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-06-20 08:12 - 2014-03-03 21:02 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-20 08:12 - 2014-03-03 21:01 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-20 08:12 - 2014-03-03 21:01 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-20 08:11 - 2014-03-03 21:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-20 08:11 - 2014-03-03 21:01 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-14 10:08 - 2016-08-04 12:05 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-06-14 10:06 - 2016-08-04 12:05 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-06-05 16:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-05-31 10:00 - 2014-04-07 15:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-05-29 16:38 - 2015-12-08 19:52 - 00000000 ____D C:\ProgramData\Avg
2017-05-29 16:38 - 2014-02-06 19:07 - 00000000 ____D C:\Program Files (x86)\AVG
2017-05-25 12:00 - 2014-05-29 13:31 - 00000000 ____D C:\Users\Lena Pra\Documents\Studium
2017-05-25 10:38 - 2015-01-21 22:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 
Einige Dateien in TEMP:
====================
2007-06-22 20:10 - 2007-06-22 20:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Lena Pra\AppData\Local\Temp\_is4309.exe
 
==================== Bamital & volsnap ======================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
LastRegBack: 2017-06-20 09:49
 
==================== Ende von FRST.txt ============================
 
 
 
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgeführt von Lena Pra (22-06-2017 10:28:19)
Gestartet von C:\Users\Lena Pra\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-02-06 10:10:14)
Start-Modus: Normal
==========================================================
 
 
==================== Konten: =============================
 
Administrator (S-1-5-21-2819346672-853151906-811778091-500 - Administrator - Disabled)
Gast (S-1-5-21-2819346672-853151906-811778091-501 - Limited - Disabled)
Lena Pra (S-1-5-21-2819346672-853151906-811778091-1000 - Administrator - Enabled) => C:\Users\Lena Pra
 
==================== Sicherheits-Center ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installierte Programme ======================
 
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{C538010A-17CD-461C-B198-E6E3499E4154}) (Version: 20.3.45.53553 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.3.45.53553 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (Version: 16.151.8013 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4776 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.151.8013 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bullzip PDF Printer 10.4.0.2240 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.4.0.2240 - Bullzip)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.4 - Lenovo)
Energy Management (x32 Version: 6.0.2.4 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager_is1) (Version:  - TCT Mobile Limited)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java™ 6 Update 12 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.120 - Sun Microsystems, Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{0CE3A5C0-9544-4CE0-8AFD-8562CD9E5913}) (Version: 2.0.0 - Olympus Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PHOTOfunSTUDIO 9.6 PE (HKLM-x32\...\{7113ACE0-A2FA-463B-969A-E3FD7BF42573}) (Version: 9.06.724.1031 - Panasonic Corporation)
posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version:  - )
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.03.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.03.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.04.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
SILKYPIX Developer Studio 4.2 SE (HKLM-x32\...\InstallShield_{8B9D37A0-F77B-41DD-932A-CE01DEC1ADAA}) (Version: 4 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 4.2 SE (x32 Version: 4 - Ichikawa Soft Laboratory) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
UnJPEG 1.5 (HKLM-x32\...\UnJPEG_is1) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8050 - Broadcom Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (01/28/2011 6.1.0.1) (HKLM\...\EB9B45DC947C2D941CA61B992509A71D738AE888) (Version: 01/28/2011 6.1.0.1 - Lenovo)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
 
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
CustomCLSID: HKU\S-1-5-21-2819346672-853151906-811778091-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Lena Pra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
Task: {00632DEE-9918-4EBA-AB70-F9CF1F708082} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {03E18D6E-080B-47F7-ABB6-8C3A87313CF7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {17C29866-5086-4859-ACE3-A3E9ECA97639} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17] (Google Inc.)
Task: {3E101FCA-6D5D-4516-996D-A1C09C3403D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {4EFF6C01-C93F-4657-A0AB-2D3011385176} - System32\Tasks\{A194828C-4D0E-45B0-A26E-9A09396D8C76} => pcalua.exe -a "C:\drivers\WLAN Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN Driver (Broadcom, Qualcomm)"
Task: {5019A9A0-521A-49D3-837C-2D9C4F78F338} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {78688F85-9AA0-4E75-ACE9-5DD169AEFECC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {7F7F172C-4206-47B1-9C8F-EF9B0DCA20F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {99DD95D1-C824-4C44-AD04-A559E1AA769E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-20] (Microsoft Corporation)
Task: {9DAA4F66-B2FC-4A4A-B9CB-54BA7654DEEE} - System32\Tasks\{C0BC9234-B6F1-4C4A-A999-5F3D15A1495E} => pcalua.exe -a "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN\IS.exe" -d "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN"
Task: {9F3AF780-0CDC-42BB-820B-5FF850E52F14} - System32\Tasks\{4E58F9EE-1311-4F1D-83BC-9812A26DBED6} => pcalua.exe -a "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)"
Task: {A0FC34D8-8290-428A-A164-9F46E7CEB420} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {A18EEC6E-1F3B-40FA-9451-06D2F27EC860} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17] (Google Inc.)
Task: {AAB5D635-0A91-42A9-8105-59F1DD47D0AF} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe
Task: {B2FECCB1-217F-47EB-BA68-F313B3F0D99B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {CBDCEC6C-56AA-415B-9119-C15B3EE97E2D} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {D0332663-B442-44C4-BD23-8CF78948125D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-20] (Adobe Systems Incorporated)
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 
==================== Verknüpfungen & WMI ========================
 
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 
2016-08-04 12:05 - 2017-06-14 10:05 - 00981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-01-23 19:36 - 2013-05-29 14:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-10 15:02 - 2013-10-10 15:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-12-03 20:55 - 2013-01-11 15:27 - 00051576 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
2016-11-21 01:10 - 2016-11-21 01:10 - 00959168 _____ () C:\Users\Lena Pra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-02-06 18:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-02-06 18:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-03-09 10:58 - 2012-03-09 10:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 10:58 - 2012-03-09 10:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-03 20:55 - 2013-01-11 16:00 - 00114040 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
2016-08-04 12:05 - 2017-06-14 10:05 - 02184776 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2017-05-15 16:13 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 16:13 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2016-04-05 13:12 - 2006-09-04 20:26 - 00014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2016-04-05 13:12 - 2015-10-07 09:06 - 00122880 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2016-04-05 13:12 - 2011-08-09 15:22 - 00450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2016-11-29 01:18 - 2016-11-29 01:17 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2014-02-06 16:25 - 2005-06-24 20:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
 
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 
==================== Hosts Inhalt: ===============================
 
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Andere Bereiche ============================
 
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lena Pra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
 
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
FirewallRules: [{81003C78-6166-4A16-A2A4-E128CF8FC4BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{59CC6AC2-585E-4263-BD80-87B3164EF914}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{D8DC3A98-3A99-47FC-97D4-C3909B00210D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B281B689-EC1E-48B5-AE77-5F73BCEA871D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{57294BC2-DB15-46EF-808F-DE074CAE6A35}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C81716E1-7087-451A-814A-44CA02527A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7D590ABE-AF0D-45DA-8CB4-15C3FF2113F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BDF12685-08F7-427D-A249-BE445B9F5E14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0D110BE-0B5B-4B67-8EAC-8165DABC5A71}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB9D11E0-72B7-48E6-9D9C-7AF37CAC0C90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06CCCF0A-4624-48C3-ACA3-03F140367E58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{42966517-9181-469B-8C39-7F953AA5F15B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5EADCB4B-E9BD-4246-AD9C-424FCFAE144B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{8BCA98B9-38D6-45BE-9541-E2AF4C5D4A08}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8FAE7E37-578E-4FE7-856C-BC67E1F29254}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{F8602917-51EA-42D3-9736-9105FB3C4382}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{317700AE-CFCE-411C-8AD2-F919453F2968}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B57C261-5D2B-4813-8734-2867FA051D14}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{F0DBA4A4-675B-49FF-B95B-8178FC628399}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DBFF6DD0-4D21-4D90-9CD9-BED6463B1468}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C7022A12-7997-4036-AFB1-A61BD4147AB6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A0033236-BF0D-45FE-81E9-F15163FB6BF3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{27538035-916D-4020-AC35-302F4346BE71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{98D7FEA6-F99A-4835-A00E-D2F079784356}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{7ACCF245-32A2-4C30-B9E5-ADC3F22A5FB6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D7FBA07C-5EA4-4BF7-B0F0-BD202DF24CA6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{0D65F914-AB08-486E-97E4-B93DBD175713}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3B42D843-113C-41F4-9FE2-7C2B30AF6E8C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9C4E68B7-ECA0-44DF-BF49-12CD1BABC562}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{BF7F4E1D-5E48-44C9-B821-AA65B4CC9E15}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{F0DFC8DB-AC55-45D5-A477-011E482DB1E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2DE2F3E8-3333-4470-86CF-36C0FAB4AD71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{06AE2517-EC12-4DB7-ADF7-F285AA2D65B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{97C0DE42-DB78-4B12-B73F-D66615EA06CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{479C2D9E-2C05-4541-A810-069EDEC2BD2A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{3AD1527C-6C2C-4DC6-BF8B-340917445E58}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{04734553-3FB9-4C66-BFAF-99020B5ED481}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D101E40B-A334-4962-A28A-D0A89828E67D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{BA54FD07-6B78-4B16-92BA-7225C24A399E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{43072359-9DF4-4D84-B4B4-00B08D15C5F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{452E8B8E-84FF-4F6C-B776-7595556EFF31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C913CCAB-1F8C-4369-AA7D-426C7621C2DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97049270-09E8-40D6-8399-3228516449D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84CAEEA3-2EE6-4260-8F12-426C7C5FF229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{25FF24D1-6490-4911-989C-CE5CAD3D6421}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9421AF53-BB9D-4EF5-BE6A-61232A205C70}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{85928E0E-BA86-4BDD-8D55-B793FBE73B97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3D6AC233-ED50-434E-8C9B-6E08E3ACD231}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AEECD394-1766-4CB4-9B73-24DE53D641F4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7EE0B901-ADFF-4F67-B933-4CA195C836A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2A959D4E-E80A-4277-A883-780E363D9B60}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{43E035C4-DFCB-4953-9FD3-9A30770FC922}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{A7DB65EA-5211-4CEA-A414-18EE7D34F20C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{2301B0D5-D8F8-4D2A-A501-1FDA57647166}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8AACE800-6E77-4BD7-804E-20A52AA6B95C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{ED0630BD-F680-4D1B-8A09-D518D8826DFF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4A2188A-244F-4B01-8CB1-927FC7B780BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
 
==================== Wiederherstellungspunkte =========================
 
20-06-2017 09:56:29 Geplanter Prüfpunkt
21-06-2017 09:30:49 Windows Update
 
==================== Fehlerhafte Geräte im Gerätemanager =============
 
Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: Bluetooth Remote Control
Description: Bluetooth Remote Control
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: btwrchid
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
==================== Fehlereinträge in der Ereignisanzeige: =========================
 
Applikationsfehler:
==================
Error: (06/22/2017 08:49:49 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error: (06/22/2017 08:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
Error: (06/21/2017 08:31:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
Error: (06/21/2017 08:20:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
Error: (06/21/2017 05:22:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14602
 
Error: (06/21/2017 05:22:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14602
 
Error: (06/21/2017 05:22:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/21/2017 09:38:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error: (06/20/2017 10:24:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011
 
Error: (06/20/2017 10:24:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011
 
 
Systemfehler:
=============
Error: (06/22/2017 08:39:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 
Error: (06/22/2017 08:39:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.
 
Error: (06/22/2017 08:39:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (06/22/2017 08:39:13 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (06/21/2017 10:54:41 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (06/21/2017 10:54:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error: (06/21/2017 10:29:49 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 
Error: (06/21/2017 10:29:38 PM) (Source: bcbtums) (EventID: 1026) (User: )
Description: Failed initializing BT device, failed RAM patch download.
 
Error: (06/21/2017 09:35:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NlaSvc erreicht.
 
Error: (06/21/2017 08:25:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
 
==================== Speicherinformationen =========================== 
 
Prozessor: Intel® Pentium® CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 3975.36 MB
Verfügbarer physikalischer RAM: 1552.82 MB
Summe virtueller Speicher: 7948.89 MB
Verfügbarer virtueller Speicher: 5288.99 MB
 
==================== Laufwerke ================================
 
Drive c: () (Fixed) (Total:148.95 GB) (Free:58.23 GB) NTFS
 
==================== MBR & Partitionstabelle ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=149 GB) - (Type=06)
 
==================== Ende von Addition.txt ============================

  • 0

#4
Valinorum
Posted 23 June 2017 - 02:01 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
  • Step #1 Scan with Zemana Anti-malware
    Download and install Zemana anti-malware from here.
    • Double-click to run the software;
    • Click on the gear-icon on the top right portion to navigate to Settings.
      • Click on Scan > put a tick on Create System Restore
      • Clickk on Advanced > put a tick on Check for Suspicious Root Certificates
    • Click the home icon on top left and click on Scan
    • After scan finishes click on the report tab on the top right corner;
    • Choose the latest report by clicking on it and click on Open Report afterward.
    • Copy and Paste the contents of the report in your next reply.
 

After the above scan finises, rename FRST64.exe to EnglishFRST.exe and give me a fresh scan logs as well.
  • 0

#5
l.mart
Posted 24 June 2017 - 03:17 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Hello, thanks again for your help.

 

Here are the requested scans:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
Ran by Lena Pra (administrator) on LENAPRA-PC (24-06-2017 11:13:58)
Running from C:\Users\Lena Pra\Desktop
Loaded Profiles: Lena Pra (Available Profiles: Lena Pra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Olympus Corporation) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Farbar) C:\Users\Lena Pra\Desktop\EnglishFRST64.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9770432 2014-02-06] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2014-02-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2013-12-10] (Realtek semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-06-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe [114040 2013-01-11] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40472 2016-03-03] (Olympus Corporation)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2016-08-25] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Lena Pra\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511 /CMPID=0214c
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415768 2016-03-03] (Olympus Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\MountPoints2: {576ed16f-7937-11e4-b017-8056f2e86b78} - F:\Autorun.exe
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-02-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.6 PE.lnk [2016-10-05]
ShortcutTarget: PHOTOfunSTUDIO 9.6 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{43FFFB05-1ABD-4A2B-ADB4-6AE78826F132}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{898C0107-D2DD-4A28-80FD-BBBD89BFD830}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AAF313E0-C192-45F8-9E15-08F78EBBF4A9}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F6E5E89E-4568-471A-8DD3-EE3723EBAE45}: [DhcpNameServer] 10.74.210.210 10.74.210.211
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2819346672-853151906-811778091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E8C4B26-BA6B-4B77-A50D-42ED952796C8}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-08-04 12:06:10&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-06-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-08-25] (Sun Microsystems, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default [2017-06-21]
FF Extension: (AVG Web TuneUp) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2017-06-14]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2017-04-23]
FF Extension: (Adblock Plus) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-29]
FF SearchPlugin: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\searchplugins\avg-secure-search.xml [2017-06-22]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2017-01-16] [not signed]
FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2017-01-16] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-06-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-20] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default [2017-06-24]
CHR Extension: (Google Präsentationen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-20]
CHR Extension: (Google Docs) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-20]
CHR Extension: (Google Drive) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-20]
CHR Extension: (YouTube) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-20]
CHR Extension: (Google-Suche) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-20]
CHR Extension: (Google Tabellen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-06-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Google Mail) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-04-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-06-24] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-06-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
S2 vToolbarUpdater40.3.8; "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows ® Codename Longhorn DDK provider)
R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166624 2017-06-24] (AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [314128 2017-06-24] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192584 2017-06-24] (AVG Technologies CZ, s.r.o.)
S0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336896 2017-06-24] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [51336 2017-06-24] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39424 2017-06-24] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-06-24] (AVG Technologies CZ, s.r.o.)
S1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102280 2017-06-24] (AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76832 2017-06-24] (AVG Technologies CZ, s.r.o.)
S1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1008288 2017-06-24] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [570320 2017-06-24] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [160008 2017-06-24] (AVG Technologies CZ, s.r.o.)
S0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340824 2017-06-24] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-06-21] (Malwarebytes)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9101016 2013-12-10] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-06-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-06-24] (Zemana Ltd.)
R4 Avguniva; system32\DRIVERS\avguniva.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-24 10:57 - 2017-06-24 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-06-24 10:43 - 2017-06-24 10:43 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
2017-06-24 10:43 - 2017-06-24 10:43 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-06-24 10:43 - 2017-06-24 10:41 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00159496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys.149829382297701
2017-06-24 10:43 - 2017-06-24 10:41 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-06-24 10:43 - 2017-06-24 10:41 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-06-24 10:43 - 2017-06-24 10:40 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-06-24 10:43 - 2017-06-24 10:39 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-06-24 10:41 - 2017-06-24 10:41 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-06-24 10:39 - 2017-06-24 11:14 - 00416956 _____ C:\Windows\ZAM.krnl.trace
2017-06-24 10:39 - 2017-06-24 11:14 - 00052171 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-06-24 10:39 - 2017-06-24 10:39 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-06-24 10:39 - 2017-06-24 10:39 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-06-24 10:38 - 2017-06-24 10:39 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-06-24 10:38 - 2017-06-24 10:38 - 00001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-06-24 10:38 - 2017-06-24 10:38 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\Zemana
2017-06-24 10:38 - 2017-06-24 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-06-24 10:37 - 2017-06-24 10:37 - 00001008 _____ C:\Users\Public\Desktop\AVG.lnk
2017-06-24 10:36 - 2017-06-24 10:36 - 06589840 _____ (Zemana Ltd. ) C:\Users\Lena Pra\Downloads\Zemana.AntiMalware.Setup.exe
2017-06-22 10:28 - 2017-06-22 10:28 - 00035735 _____ C:\Users\Lena Pra\Desktop\Addition.txt
2017-06-22 10:26 - 2017-06-24 11:14 - 00021290 _____ C:\Users\Lena Pra\Desktop\FRST.txt
2017-06-22 10:26 - 2017-06-22 10:25 - 02439680 _____ (Farbar) C:\Users\Lena Pra\Desktop\EnglishFRST64.exe
2017-06-22 10:25 - 2017-06-22 10:25 - 02439680 _____ (Farbar) C:\Users\Lena Pra\Downloads\FRST64.exe
2017-06-20 11:41 - 2017-06-20 11:41 - 06030369 _____ C:\Users\Lena Pra\Downloads\HV_zerebrovaskulär_ICB_SS17_online.pdf
2017-06-20 11:34 - 2017-06-20 11:34 - 01453275 _____ C:\Users\Lena Pra\Downloads\2017 upload Poppert.pdf
2017-06-20 08:27 - 2017-06-20 08:27 - 02086013 _____ C:\Users\Lena Pra\Downloads\Hauptvorlesung Neurologie 14.06.2017.pdf
2017-06-14 10:37 - 2017-06-14 10:37 - 03701918 _____ C:\Users\Lena Pra\Downloads\Gesichtsschmerz_neuropath_Schmerz2017 (1).pdf
2017-06-14 10:36 - 2017-06-02 10:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-06-14 10:36 - 2017-06-02 10:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-06-14 10:36 - 2017-06-02 10:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 10:36 - 2017-06-02 10:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-14 10:36 - 2017-06-02 10:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 10:36 - 2017-06-02 10:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-06-14 10:36 - 2017-06-02 10:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-06-14 10:36 - 2017-06-02 10:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-06-14 10:36 - 2017-06-02 09:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 10:36 - 2017-06-02 09:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 10:36 - 2017-06-02 09:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-06-14 10:36 - 2017-06-02 09:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-06-14 10:36 - 2017-05-21 06:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-06-14 10:36 - 2017-05-21 06:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-06-14 10:36 - 2017-05-21 06:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-14 10:36 - 2017-05-21 06:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-14 10:36 - 2017-05-21 06:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-14 10:36 - 2017-05-21 05:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-14 10:36 - 2017-05-21 05:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-14 10:36 - 2017-05-21 05:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-14 10:36 - 2017-05-21 05:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-14 10:36 - 2017-05-21 05:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-06-14 10:36 - 2017-05-21 05:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-14 10:36 - 2017-05-21 05:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-14 10:36 - 2017-05-16 20:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-14 10:36 - 2017-05-16 19:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-14 10:36 - 2017-05-14 22:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-06-14 10:36 - 2017-05-14 22:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-06-14 10:36 - 2017-05-14 22:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-14 10:36 - 2017-05-14 22:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-14 10:36 - 2017-05-14 22:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-14 10:36 - 2017-05-14 22:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-14 10:36 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-14 10:36 - 2017-05-14 22:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-14 10:36 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 10:36 - 2017-05-14 22:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-14 10:36 - 2017-05-14 22:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-14 10:36 - 2017-05-14 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-14 10:36 - 2017-05-14 22:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-14 10:36 - 2017-05-14 22:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-06-14 10:36 - 2017-05-14 22:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-06-14 10:36 - 2017-05-14 21:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-14 10:36 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 10:36 - 2017-05-14 21:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-14 10:36 - 2017-05-14 21:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-14 10:36 - 2017-05-14 21:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-14 10:36 - 2017-05-14 21:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-14 10:36 - 2017-05-14 21:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-14 10:36 - 2017-05-14 21:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-14 10:36 - 2017-05-14 21:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-06-14 10:36 - 2017-05-14 21:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-14 10:36 - 2017-05-14 21:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-14 10:36 - 2017-05-14 21:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-14 10:36 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-14 10:36 - 2017-05-14 21:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-14 10:36 - 2017-05-14 21:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-14 10:36 - 2017-05-14 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-14 10:36 - 2017-05-14 21:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-14 10:36 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-14 10:36 - 2017-05-14 21:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-14 10:36 - 2017-05-14 21:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-14 10:36 - 2017-05-14 21:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-14 10:36 - 2017-05-14 21:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-14 10:36 - 2017-05-14 21:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-14 10:36 - 2017-05-14 21:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-06-14 10:36 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 10:36 - 2017-05-14 21:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-14 10:36 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-14 10:36 - 2017-05-14 21:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 10:36 - 2017-05-14 21:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-14 10:36 - 2017-05-14 20:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-14 10:36 - 2017-05-14 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-14 10:36 - 2017-05-14 20:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-14 10:36 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 10:36 - 2017-05-14 20:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-14 10:36 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-14 10:36 - 2017-05-14 20:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-14 10:36 - 2017-05-14 20:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-14 10:36 - 2017-05-14 20:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-14 10:36 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 10:36 - 2017-05-14 20:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-14 10:36 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-14 10:36 - 2017-05-14 20:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-14 10:36 - 2017-05-14 20:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-14 10:36 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-14 10:36 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 10:36 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-14 10:36 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-14 10:36 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-14 10:36 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-14 10:36 - 2017-05-12 20:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-14 10:36 - 2017-05-12 20:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 10:36 - 2017-05-12 20:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-14 10:36 - 2017-05-12 20:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 10:36 - 2017-05-12 20:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-14 10:36 - 2017-05-12 20:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-14 10:36 - 2017-05-12 20:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 10:36 - 2017-05-12 20:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-06-14 10:36 - 2017-05-12 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-06-14 10:36 - 2017-05-12 19:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-06-14 10:36 - 2017-05-12 19:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-14 10:36 - 2017-05-12 19:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-06-14 10:36 - 2017-05-12 19:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-06-14 10:36 - 2017-05-12 19:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-14 10:36 - 2017-05-12 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 10:36 - 2017-05-12 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-06-14 10:36 - 2017-05-12 19:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-14 10:36 - 2017-05-12 19:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-06-14 10:36 - 2017-05-12 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-06-14 10:36 - 2017-05-12 19:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 19:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-14 10:36 - 2017-05-12 18:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 10:36 - 2017-05-12 17:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 10:36 - 2017-05-12 17:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 10:36 - 2017-05-10 17:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-14 10:36 - 2017-05-10 17:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-14 10:36 - 2017-05-10 17:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-14 10:36 - 2017-05-10 17:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-06-14 10:36 - 2017-05-10 17:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-14 10:36 - 2017-05-10 17:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-14 10:36 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-14 10:36 - 2017-05-10 17:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-14 10:36 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-14 10:36 - 2017-05-10 17:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-14 10:36 - 2017-05-10 17:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-14 10:36 - 2017-05-10 17:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-14 10:36 - 2017-05-10 16:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 10:36 - 2017-05-09 17:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 10:36 - 2017-05-09 17:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 10:36 - 2017-05-09 17:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-14 10:36 - 2017-05-07 17:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-14 10:36 - 2017-05-07 17:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-06-14 10:36 - 2017-04-28 00:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-14 10:36 - 2017-04-12 15:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-14 10:36 - 2017-03-30 17:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-14 10:36 - 2017-03-30 16:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-06-14 10:15 - 2017-06-14 10:15 - 00802148 _____ C:\Users\Lena Pra\Downloads\Einführung_SPSS.pdf
2017-06-14 10:11 - 2017-06-14 10:11 - 06135753 _____ C:\Users\Lena Pra\Downloads\SPSS_Folien_II.pdf
2017-06-13 10:59 - 2017-06-13 10:59 - 04531587 _____ C:\Users\Lena Pra\Downloads\201706SStum_neurohauptvorlhirntumoren.pdf
2017-06-13 10:57 - 2017-06-13 10:57 - 03701918 _____ C:\Users\Lena Pra\Downloads\Gesichtsschmerz_neuropath_Schmerz2017.pdf
2017-06-13 10:33 - 2017-06-13 10:33 - 03075180 _____ C:\Users\Lena Pra\Downloads\DD Gangstörungen 2017-1.pdf
2017-06-13 08:50 - 2017-06-13 08:50 - 03158146 _____ C:\Users\Lena Pra\Downloads\Hauptvorlesung_Kopfschmerz_Sei_05_2017.pdf
2017-06-13 08:42 - 2017-06-13 08:42 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\Microsoft Help
2017-06-12 08:52 - 2017-06-12 08:52 - 10806417 _____ C:\Users\Lena Pra\Downloads\Spinale Syndrome + FallvorstellungSS17.pptx
2017-06-07 09:35 - 2017-06-07 09:35 - 00061453 _____ C:\Users\Lena Pra\Downloads\10991 (1).pdf
2017-06-07 09:34 - 2017-06-07 09:35 - 00061453 _____ C:\Users\Lena Pra\Downloads\10991.pdf
2017-06-05 13:25 - 2017-06-05 13:25 - 03309800 _____ C:\Users\Lena Pra\Downloads\Notfälle in der Gynäkologie_Juni 2017.pdf
2017-05-30 11:51 - 2017-05-30 11:51 - 11068370 _____ C:\Users\Lena Pra\Downloads\01_12_2016_jungwirth_beatmung.pdf
2017-05-29 18:33 - 2017-05-29 18:33 - 01945982 _____ C:\Users\Lena Pra\Downloads\24_11_2016_jungwirth_narkoseeinleitung.pdf
2017-05-29 18:32 - 2017-05-29 18:32 - 06221672 _____ C:\Users\Lena Pra\Downloads\17_11_2016_lewald_muskelrelaxantien.pdf
2017-05-29 18:32 - 2017-05-29 18:32 - 06221672 _____ C:\Users\Lena Pra\Downloads\17_11_2016_lewald_muskelrelaxantien (1).pdf
2017-05-25 11:59 - 2017-05-25 11:59 - 00407061 _____ C:\Users\Lena Pra\Downloads\Dok. 25.05.2017, 11-56.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-24 11:13 - 2015-12-16 11:27 - 00000000 ____D C:\FRST
2017-06-24 10:57 - 2016-08-04 12:05 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-06-24 10:57 - 2015-12-08 20:00 - 00000000 ____D C:\Users\Lena Pra\AppData\Roaming\AVG
2017-06-24 10:57 - 2015-12-08 19:52 - 00000000 ____D C:\ProgramData\Avg
2017-06-24 10:57 - 2015-06-30 11:15 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-24 10:52 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-24 10:52 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-24 10:40 - 2014-02-06 12:10 - 00000000 ____D C:\Users\Lena Pra
2017-06-24 10:38 - 2014-02-06 19:07 - 00000000 ____D C:\Program Files (x86)\AVG
2017-06-24 10:35 - 2016-09-22 18:38 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-06-22 08:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-22 08:38 - 2017-01-16 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-22 08:38 - 2014-02-06 15:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 22:34 - 2016-12-09 21:35 - 00000000 ____D C:\Users\Lena Pra\Desktop\Kallender
2017-06-21 21:37 - 2015-12-14 23:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-21 20:51 - 2016-11-21 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-21 20:34 - 2017-01-31 12:25 - 00000000 ____D C:\Users\Lena Pra\AppData\LocalLow\Mozilla
2017-06-21 20:31 - 2016-11-21 00:45 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-21 20:29 - 2011-04-12 09:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2017-06-21 20:29 - 2011-04-12 09:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2017-06-21 20:29 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-21 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-21 20:19 - 2009-07-14 06:45 - 00454296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-21 20:18 - 2014-03-11 00:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-21 20:18 - 2014-03-11 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-21 20:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-21 09:46 - 2014-03-11 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-21 09:44 - 2014-02-06 13:53 - 00000000 ____D C:\Windows\system32\MRT
2017-06-21 09:35 - 2014-02-06 13:53 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-20 08:12 - 2014-03-03 21:02 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-20 08:12 - 2014-03-03 21:01 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-20 08:12 - 2014-03-03 21:01 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-20 08:11 - 2014-03-03 21:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-20 08:11 - 2014-03-03 21:01 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-14 10:08 - 2016-08-04 12:05 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-06-05 16:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-05-31 10:00 - 2014-04-07 15:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-05-25 12:00 - 2014-05-29 13:31 - 00000000 ____D C:\Users\Lena Pra\Documents\Studium
2017-05-25 10:38 - 2015-01-21 22:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 
Some files in TEMP:
====================
2007-06-22 20:10 - 2007-06-22 20:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Lena Pra\AppData\Local\Temp\_is4309.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-20 09:49
 
==================== End of FRST.txt ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
Ran by Lena Pra (24-06-2017 11:15:39)
Running from C:\Users\Lena Pra\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-02-06 10:10:14)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2819346672-853151906-811778091-500 - Administrator - Disabled)
Gast (S-1-5-21-2819346672-853151906-811778091-501 - Limited - Disabled)
Lena Pra (S-1-5-21-2819346672-853151906-811778091-1000 - Administrator - Enabled) => C:\Users\Lena Pra
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{C538010A-17CD-461C-B198-E6E3499E4154}) (Version: 20.3.45.53553 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.3.45.53553 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bullzip PDF Printer 10.4.0.2240 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.4.0.2240 - Bullzip)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.4 - Lenovo)
Energy Management (x32 Version: 6.0.2.4 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager_is1) (Version:  - TCT Mobile Limited)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java™ 6 Update 12 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.120 - Sun Microsystems, Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{0CE3A5C0-9544-4CE0-8AFD-8562CD9E5913}) (Version: 2.0.0 - Olympus Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PHOTOfunSTUDIO 9.6 PE (HKLM-x32\...\{7113ACE0-A2FA-463B-969A-E3FD7BF42573}) (Version: 9.06.724.1031 - Panasonic Corporation)
posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version:  - )
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.03.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.03.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.04.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
SILKYPIX Developer Studio 4.2 SE (HKLM-x32\...\InstallShield_{8B9D37A0-F77B-41DD-932A-CE01DEC1ADAA}) (Version: 4 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 4.2 SE (x32 Version: 4 - Ichikawa Soft Laboratory) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
UnJPEG 1.5 (HKLM-x32\...\UnJPEG_is1) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8050 - Broadcom Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (01/28/2011 6.1.0.1) (HKLM\...\EB9B45DC947C2D941CA61B992509A71D738AE888) (Version: 01/28/2011 6.1.0.1 - Lenovo)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.76 - Zemana Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2819346672-853151906-811778091-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Lena Pra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00632DEE-9918-4EBA-AB70-F9CF1F708082} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {03E18D6E-080B-47F7-ABB6-8C3A87313CF7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {17C29866-5086-4859-ACE3-A3E9ECA97639} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17] (Google Inc.)
Task: {3E101FCA-6D5D-4516-996D-A1C09C3403D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {4EFF6C01-C93F-4657-A0AB-2D3011385176} - System32\Tasks\{A194828C-4D0E-45B0-A26E-9A09396D8C76} => pcalua.exe -a "C:\drivers\WLAN Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN Driver (Broadcom, Qualcomm)"
Task: {5019A9A0-521A-49D3-837C-2D9C4F78F338} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {57DEA8AA-7666-45C2-B11E-3338D3069230} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-06-24] (AVG Technologies CZ, s.r.o.)
Task: {78688F85-9AA0-4E75-ACE9-5DD169AEFECC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {7F7F172C-4206-47B1-9C8F-EF9B0DCA20F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {99DD95D1-C824-4C44-AD04-A559E1AA769E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-20] (Microsoft Corporation)
Task: {9DAA4F66-B2FC-4A4A-B9CB-54BA7654DEEE} - System32\Tasks\{C0BC9234-B6F1-4C4A-A999-5F3D15A1495E} => pcalua.exe -a "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN\IS.exe" -d "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN"
Task: {9F3AF780-0CDC-42BB-820B-5FF850E52F14} - System32\Tasks\{4E58F9EE-1311-4F1D-83BC-9812A26DBED6} => pcalua.exe -a "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)"
Task: {A0FC34D8-8290-428A-A164-9F46E7CEB420} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {A18EEC6E-1F3B-40FA-9451-06D2F27EC860} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17] (Google Inc.)
Task: {AAB5D635-0A91-42A9-8105-59F1DD47D0AF} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe
Task: {B2FECCB1-217F-47EB-BA68-F313B3F0D99B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {CBDCEC6C-56AA-415B-9119-C15B3EE97E2D} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {D0332663-B442-44C4-BD23-8CF78948125D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-20] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-23 19:36 - 2013-05-29 14:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-10 15:02 - 2013-10-10 15:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-12-03 20:55 - 2013-01-11 15:27 - 00051576 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
2016-11-21 01:10 - 2016-11-21 01:10 - 00959168 _____ () C:\Users\Lena Pra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2017-06-24 10:39 - 2017-06-24 10:39 - 00155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-02-06 18:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-02-06 18:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-03-09 10:58 - 2012-03-09 10:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 10:58 - 2012-03-09 10:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-03 20:55 - 2013-01-11 16:00 - 00114040 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
2017-05-15 16:13 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 16:13 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2016-04-05 13:12 - 2006-09-04 20:26 - 00014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2016-04-05 13:12 - 2015-10-07 09:06 - 00122880 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2016-04-05 13:12 - 2011-08-09 15:22 - 00450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2016-11-29 01:18 - 2016-11-29 01:17 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2014-02-06 16:25 - 2005-06-24 20:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-06-24 10:43 - 2017-06-24 10:43 - 05775744 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17062201\algo.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00231760 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2017-06-24 10:47 - 2017-06-24 10:47 - 05776320 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17062304\algo.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-06-24 10:40 - 2017-06-24 10:40 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lena Pra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{81003C78-6166-4A16-A2A4-E128CF8FC4BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{59CC6AC2-585E-4263-BD80-87B3164EF914}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{D8DC3A98-3A99-47FC-97D4-C3909B00210D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B281B689-EC1E-48B5-AE77-5F73BCEA871D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{57294BC2-DB15-46EF-808F-DE074CAE6A35}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C81716E1-7087-451A-814A-44CA02527A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7D590ABE-AF0D-45DA-8CB4-15C3FF2113F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BDF12685-08F7-427D-A249-BE445B9F5E14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0D110BE-0B5B-4B67-8EAC-8165DABC5A71}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB9D11E0-72B7-48E6-9D9C-7AF37CAC0C90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06CCCF0A-4624-48C3-ACA3-03F140367E58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{42966517-9181-469B-8C39-7F953AA5F15B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5EADCB4B-E9BD-4246-AD9C-424FCFAE144B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{8BCA98B9-38D6-45BE-9541-E2AF4C5D4A08}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8FAE7E37-578E-4FE7-856C-BC67E1F29254}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{F8602917-51EA-42D3-9736-9105FB3C4382}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{317700AE-CFCE-411C-8AD2-F919453F2968}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B57C261-5D2B-4813-8734-2867FA051D14}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{F0DBA4A4-675B-49FF-B95B-8178FC628399}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DBFF6DD0-4D21-4D90-9CD9-BED6463B1468}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C7022A12-7997-4036-AFB1-A61BD4147AB6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A0033236-BF0D-45FE-81E9-F15163FB6BF3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{27538035-916D-4020-AC35-302F4346BE71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{98D7FEA6-F99A-4835-A00E-D2F079784356}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{7ACCF245-32A2-4C30-B9E5-ADC3F22A5FB6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D7FBA07C-5EA4-4BF7-B0F0-BD202DF24CA6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{0D65F914-AB08-486E-97E4-B93DBD175713}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3B42D843-113C-41F4-9FE2-7C2B30AF6E8C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9C4E68B7-ECA0-44DF-BF49-12CD1BABC562}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{BF7F4E1D-5E48-44C9-B821-AA65B4CC9E15}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{F0DFC8DB-AC55-45D5-A477-011E482DB1E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2DE2F3E8-3333-4470-86CF-36C0FAB4AD71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{06AE2517-EC12-4DB7-ADF7-F285AA2D65B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{97C0DE42-DB78-4B12-B73F-D66615EA06CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{479C2D9E-2C05-4541-A810-069EDEC2BD2A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{3AD1527C-6C2C-4DC6-BF8B-340917445E58}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{04734553-3FB9-4C66-BFAF-99020B5ED481}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D101E40B-A334-4962-A28A-D0A89828E67D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{BA54FD07-6B78-4B16-92BA-7225C24A399E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{43072359-9DF4-4D84-B4B4-00B08D15C5F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{452E8B8E-84FF-4F6C-B776-7595556EFF31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C913CCAB-1F8C-4369-AA7D-426C7621C2DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97049270-09E8-40D6-8399-3228516449D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84CAEEA3-2EE6-4260-8F12-426C7C5FF229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{85928E0E-BA86-4BDD-8D55-B793FBE73B97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3D6AC233-ED50-434E-8C9B-6E08E3ACD231}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AEECD394-1766-4CB4-9B73-24DE53D641F4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7EE0B901-ADFF-4F67-B933-4CA195C836A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2A959D4E-E80A-4277-A883-780E363D9B60}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2301B0D5-D8F8-4D2A-A501-1FDA57647166}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8AACE800-6E77-4BD7-804E-20A52AA6B95C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{ED0630BD-F680-4D1B-8A09-D518D8826DFF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4A2188A-244F-4B01-8CB1-927FC7B780BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
 
==================== Restore Points =========================
 
20-06-2017 09:56:29 Geplanter Prüfpunkt
21-06-2017 09:30:49 Windows Update
24-06-2017 10:46:44 Removed AVG
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: Bluetooth Remote Control
Description: Bluetooth Remote Control
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: btwrchid
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/24/2017 11:08:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14979.1011, Zeitstempel: 0x841859ac
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14979.1011, Zeitstempel: 0x3d209c82
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000166bd
ID des fehlerhaften Prozesses: 0x12b4
Startzeit der fehlerhaften Anwendung: 0x01d2ecc4c84acb52
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: bdc47777-58bc-11e7-a3f4-8056f2e86b78
 
Error: (06/24/2017 11:04:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.2.0.150 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 
Prozess-ID: 1b84
 
Startzeit: 01d2ecc52b19cd3b
 
Endzeit: 219
 
Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
 
Berichts-ID: 2471fef5-58bc-11e7-a3f4-8056f2e86b78
 
Error: (06/24/2017 10:55:32 AM) (Source: MsiInstaller) (EventID: 11922) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 1922. SA_Error1922: StandardAction(0xC0070782): Service 'AVG WatchDog' (avgwd) could not be deleted. Verify that you have sufficient privileges to remove system services.
 
Error: (06/24/2017 10:48:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 
Details:
AddWin32ServiceFiles: Unable to back up image of service AVGIDSAgent since QueryServiceConfig API failed
 
System Error:
Das System kann die angegebene Datei nicht finden.
.
 
Error: (06/24/2017 10:48:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.
 
System Error:
Das System kann die angegebene Datei nicht finden.
.
 
Error: (06/24/2017 10:44:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\AVG\Antivirus\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 
Error: (06/24/2017 10:44:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\AVG\Antivirus\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 
Error: (06/22/2017 08:49:49 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error: (06/22/2017 08:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
Error: (06/21/2017 08:31:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 
 
System errors:
=============
Error: (06/24/2017 10:56:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AVG WatchDog" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error: (06/24/2017 10:56:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "vToolbarUpdater40.3.8" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error: (06/24/2017 10:56:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WtuSystemSupport" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error: (06/24/2017 10:49:24 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "avgbIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536753635.
 
Error: (06/24/2017 10:44:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avgblog" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.
 
Error: (06/24/2017 10:44:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avgbidsdriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.
 
Error: (06/22/2017 08:39:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 
Error: (06/22/2017 08:39:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.
 
Error: (06/22/2017 08:39:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
Error: (06/22/2017 08:39:13 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU 2020M @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3975.36 MB
Available physical RAM: 1471.63 MB
Total Virtual: 7948.89 MB
Available Virtual: 5173.15 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:148.95 GB) (Free:57.32 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=149 GB) - (Type=06)
 
==================== End of Addition.txt ============================
 
 
 
 
Zemana AntiMalware 2.74.2.76 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2017.6.24
Operating System       : Windows 7 64-bit
Processor              : 2X Intel® Pentium® CPU 2020M @ 2.40GHz
BIOS Mode              : Legacy
CUID                   : 124B9FFDB168ACC63C9488
Scan Type              : System Scan
Duration               : 30m 34s
Scanned Objects        : 78302
Detected Objects       : 0
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
No threats detected
 
 
 

  • 0

#6
Valinorum
Posted 29 June 2017 - 04:57 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Uninstall AVG Web TuneUp.
  • Step #2 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Lena Pra\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511 /CMPID=0214c
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
SearchScopes: HKU\S-1-5-21-2819346672-853151906-811778091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E8C4B26-BA6B-4B77-A50D-42ED952796C8}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-08-04 12:06:10&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
FF Extension: (AVG Web TuneUp) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2017-06-14]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
S2 vToolbarUpdater40.3.8; "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]
End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • 0

#7
l.mart
Posted 01 July 2017 - 04:56 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Hi,

 

for some reason I could not Uninstall the AVG Web Tune Up. I could get to the uninstall window but when I press uninstall it does not respond. 

 

Here is the requested Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by Lena Pra (01-07-2017 12:35:41) Run:2
Running from C:\Users\Lena Pra\Desktop
Loaded Profiles: Lena Pra (Available Profiles: Lena Pra)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Lena Pra\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511 /CMPID=0214c
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
SearchScopes: HKU\S-1-5-21-2819346672-853151906-811778091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E8C4B26-BA6B-4B77-A50D-42ED952796C8}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-08-04 12:06:10&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
FF Extension: (AVG Web TuneUp) - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2017-06-14]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
S2 vToolbarUpdater40.3.8; "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => value removed successfully
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0214c => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
HKU\S-1-5-21-2819346672-853151906-811778091-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => key removed successfully
HKLM\System\CurrentControlSet\Services\vToolbarUpdater40.3.8 => key removed successfully
vToolbarUpdater40.3.8 => service removed successfully
HKLM\System\CurrentControlSet\Services\WtuSystemSupport => key removed successfully
WtuSystemSupport => service removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5395282 B
Java, Flash, Steam htmlcache => 740 B
Windows/system/drivers => 1012073768 B
Edge => 0 B
Chrome => 616187497 B
Firefox => 354850538 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 0 B
NetworkService => 0 B
Lena Pra => 459471532 B
 
RecycleBin => 338409604 B
EmptyTemp: => 2.6 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 12:39:34 ====
 
 
 
Thanks for your help

  • 0

#8
Valinorum
Posted 01 July 2017 - 01:24 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
  • Step #3 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Option and put a tick mark on everything;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart. If not, it is located in C:\AdwCleaner\AdwCleaner[CX].txt, where X is replaced with a number;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #4 ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting check the following box --
      • Enable detection for potentially unwanted programs
    • Click on Advanced Setting --
      • Check the box beside Remove Found Threats;
      • Check the box beside Scan archives
      • Check the box beside Scan for potentially unsafe applications
      • Check the box beside Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.

  • 0

#9
l.mart
Posted 02 July 2017 - 05:23 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Hello, 

 

here are the requested scans:

 

# AdwCleaner v6.047 - Logfile created 02/07/2017 at 10:36:33
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-29.3 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Lena Pra - LENAPRA-PC
# Running from : C:\Users\Lena Pra\Downloads\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
[-] Service deleted: DrvAgent64
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\ProgramData\Avg_Update_0517tb_a04308
[-] Folder deleted: C:\Users\Lena Pra\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Users\Lena Pra\AppData\Roaming\MPC
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
 
 
***** [ Files ] *****
 
[-] File deleted: C:\Windows\SysWOW64\drivers\DRVAGENT64.SYS
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
 
 
***** [ Web browsers ] *****
 
[-] Firefox preferences cleaned: "browser.search.hiddenOneOffs" -  "Yahoo,Bing,Amazon.com,AVG Secure Search,DuckDuckGo,Twitter,Wikipedia (en)"
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
:: " Image File Execution Options" keys deleted
:: "Prefetch" files deleted
:: Proxy settings cleared
:: TCP/IP settings cleared
:: Firewall rules cleared
:: IPSec settings cleared
:: BITS queue cleared
:: IE policies deleted
:: Chrome policies deleted
:: Chrome preferences reset: C:\Users\Lena Pra\AppData\Local\Google\Chrome\User Data\Default
:: Hosts file cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3495 Bytes] - [17/12/2015 10:29:54]
C:\AdwCleaner\AdwCleaner[C2].txt - [4287 Bytes] - [02/07/2017 10:36:33]
C:\AdwCleaner\AdwCleaner[S1].txt - [3247 Bytes] - [17/12/2015 10:28:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [4024 Bytes] - [02/07/2017 10:35:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4506 Bytes] ##########
 
 
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cd77239d99c4ba408c74b0eb74ae1901
# end=init
# utc_time=2017-07-02 08:52:42
# local_time=2017-07-02 10:52:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 33919
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cd77239d99c4ba408c74b0eb74ae1901
# end=updated
# utc_time=2017-07-02 08:56:50
# local_time=2017-07-02 10:56:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=cd77239d99c4ba408c74b0eb74ae1901
# engine=33919
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2017-07-02 11:04:24
# local_time=2017-07-02 01:04:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 107300091 250623314 0 0
# scanned=313032
# found=4
# cleaned=4
# scan_time=7654
sh=273A2A936AEC8B68DE2329EF69996F616B0D757E ft=1 fh=6e75ff11b16007d4 vn="NSIS/StartPage.CC trojan (cleaned by deleting)" ac=C fn="C:\Users\Lena Pra\Downloads\vlc-2.1.3-win64.exe"
sh=E69BCACB130F2390E51DD5171D7C671DCBC75F59 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application (deleted)" ac=C fn="C:\Users\Lena Pra\Downloads\wz180gev-64.msi"
sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application (deleted)" ac=C fn="C:\Users\Lena Pra\Downloads\wz185gev-64.msi"
sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application (deleted)" ac=C fn="C:\Windows\Installer\55f1e3f.msi"
 

  • 0

#10
Valinorum
Posted 03 July 2017 - 03:54 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
How is your system performing?
  • 0

Advertisements

#11
l.mart
Posted 03 July 2017 - 11:09 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

I have definately noticed a difference to before but overall the computer is still a bit slow; especially booting up seems to take quite long. I have also noticed that there are some odd documents on my desktop. They all end in .dll and I dont really know what they are, nor did I paste them to the desktop. I've attached a screenshot so you can see which files Im talking about. 

 

Thanks for your continued help.

 

 

Attached Thumbnails

  • desktop image.png

  • 0

#12
Valinorum
Posted 05 July 2017 - 06:10 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
You can remove them. Perform a clean boot and check.
  • 0

#13
l.mart
Posted 05 July 2017 - 11:26 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Hello,

I don't really know how to proceed. Do I delete all those icons with the .dll ending plus a folder like "Orderproccess" and "VrCredist2010.exe" and the run the clean boot? Or do I run the clean boot and then delete them? 


  • 0

#14
SleepyDude
Posted 08 July 2017 - 09:23 AM

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,975 posts

Hi Lucas,

 

Unfortunately Valinorum is sick, I will continue to work with you to try fix your computer problem if you agree.

 

Can you check and tell me what is inside the Orderproccess folder?

 

Lets remove the dll's...

 

- Open Start -> Run -> on the run window type: cmd and click Ok

- now inside the black window type the following commands one by one followed by pressing the enter key.

cd  desktop
del  *.dll
del  VrCredist2010.exe

Note: The commands when executed correctly will not produce any response.

 

After this the files should disappear from the Desktop and you can close the Windows Command Prompt (the black window)

 

- Can you tell me exact model of the Lenovo machine you have?

- Another question can you install Windows Updates?


  • 0

#15
l.mart
Posted 09 July 2017 - 01:45 AM

l.mart

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Hi SleepyDude,

 

thank you for your help. 

 

I deleted the .dll as requested and have added a few more sreenshots at the bottom, not only of the "orderprocess" folder but of a few more folders which I did not recognize.

 

Regarding your questions: 

 

1. Im using a Lenovo G700

 

2. I've tried installing a Windows Update and it seems to be stuck on the install screen.

Attached Thumbnails

  • Order process img.png
  • desktop image.png

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP