
Log analysis and evaluation: Clicked DHL link, Windows 8.1, Firefox, dismissed ZIP download


 
09.03.2015, 18:52   #1
Bücherdieb
 

Clicked DHL link, Windows 8.1, Firefox, dismissed ZIP download



Hello,
I too was expecting a parcel today and therefore clicked the link too hastily. A page then opened in the Firefox browser and I was supposed to unpack a ZIP file.
I dismissed it right away.
Now I don't know whether that was enough or whether I may already have caught something.
So far my computer is working completely normally.

I have replaced my username with User.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:11 on 09/03/2015 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by User (administrator) on User-PC on 09-03-2015 18:11:33
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Superfish, Inc.) C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe
(ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\UI\bin\cltmngui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-19] (Synaptics Incorporated)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-24] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-24] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
AppInit_DLLs: C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll [206152 2014-08-25] (ClientConnect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll [173896 2014-08-25] (ClientConnect LTD)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-12-02] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-01-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\pihljba9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-19] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Extension: Firefox Certificate Store Hotfix - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\pihljba9.default\Extensions\firefox-hotfix@mozilla.org.xpi [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-02-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-08-25] (ClientConnect LTD)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-24] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-24] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-24] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-24] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-24] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-24] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-24] ()
R2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [1354296 2014-06-21] (Superfish, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-24] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S2 VDWFP; \??\C:\WINDOWS\system32\Drivers\VDWFP64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 18:11 - 2015-03-09 18:11 - 00018354 _____ () C:\Users\User\Desktop\FRST.txt
2015-03-09 18:11 - 2015-03-09 18:11 - 00000472 _____ () C:\Users\User\Desktop\defogger_disable.log
2015-03-09 18:06 - 2015-03-09 18:11 - 00000000 ____D () C:\FRST
2015-03-09 18:05 - 2015-03-09 18:05 - 02095104 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-03-09 18:04 - 2015-03-09 18:04 - 00000000 _____ () C:\Users\User\defogger_reenable
2015-03-09 18:03 - 2015-03-09 18:03 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2015-03-06 11:33 - 2015-03-06 11:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-04 08:14 - 2015-03-04 08:14 - 00001776 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-04 08:14 - 2015-03-04 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-04 08:13 - 2015-03-04 08:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-04 08:13 - 2015-03-04 08:14 - 00000000 ____D () C:\Program Files\iTunes
2015-03-04 08:13 - 2015-03-04 08:13 - 00000000 ____D () C:\Program Files\iPod
2015-03-04 08:13 - 2015-03-04 08:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-04 08:11 - 2015-03-04 08:11 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-03-04 08:11 - 2015-03-04 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-04 08:11 - 2015-03-04 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-03-04 08:11 - 2015-03-04 08:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-25 10:32 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 10:32 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 10:32 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 10:32 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 10:32 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 10:32 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-02-24 10:20 - 2015-02-24 10:20 - 00000000 ____D () C:\Users\User\AppData\Local\PDF24
2015-02-24 10:19 - 2015-02-24 10:19 - 16342352 _____ (Geek Software GmbH ) C:\Users\User\Downloads\pdf24-creator-6.9.2.exe
2015-02-24 10:19 - 2015-02-24 10:19 - 00001106 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-02-24 10:19 - 2015-02-24 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-02-24 10:19 - 2015-02-24 10:19 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-02-14 08:24 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-14 08:24 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-13 13:17 - 2015-02-13 13:17 - 00000000 ____D () C:\ProgramData\Gibraltar
2015-02-13 08:17 - 2015-03-02 10:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nitro PDF
2015-02-11 16:00 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 16:00 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 16:00 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 16:00 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 09:47 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 09:47 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 09:47 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 09:47 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 09:47 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 09:47 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 09:47 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 09:47 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 09:47 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 09:47 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 09:47 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 09:47 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 09:47 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 09:47 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 09:47 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 09:47 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 09:47 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 09:47 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 09:47 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 09:47 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 09:47 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 09:47 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 09:47 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 09:47 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 09:47 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 09:47 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 09:47 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 09:47 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 09:47 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 09:47 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 09:47 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 09:47 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 09:47 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 09:47 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 09:47 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 09:47 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 09:47 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 09:47 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 09:47 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 09:47 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 09:47 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 09:47 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 09:47 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 09:47 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 09:47 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 09:47 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 09:47 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 09:47 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 09:47 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-11 09:47 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-11 09:47 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-11 09:47 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-11 09:47 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 09:47 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 09:47 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 09:47 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-11 09:47 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 09:47 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 09:47 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 09:47 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 09:47 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-10 17:08 - 2015-02-10 17:09 - 00000000 ____D () C:\Users\User\Documents\Tagesspiegel
2015-02-09 10:58 - 2015-03-02 10:01 - 00000000 ____D () C:\Users\User\Documents\Citavi 4
2015-02-09 10:58 - 2015-02-13 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Swiss Academic Software
2015-02-09 10:58 - 2015-02-09 10:58 - 00000000 ____D () C:\Users\User\AppData\Local\Swiss Academic Software
2015-02-09 10:57 - 2015-02-09 10:57 - 00001976 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2015-02-09 10:57 - 2015-02-09 10:57 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2015-02-09 10:57 - 2015-02-09 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2015-02-09 10:57 - 2015-02-09 10:57 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2015-02-09 10:56 - 2015-02-09 10:56 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations
2015-02-09 10:53 - 2015-02-09 10:55 - 81307064 _____ (Swiss Academic Software) C:\Users\User\Downloads\Citavi4Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 18:08 - 2014-09-24 13:36 - 01695824 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-09 18:04 - 2015-01-17 12:42 - 00000000 ____D () C:\Users\User
2015-03-09 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-09 17:59 - 2015-01-17 13:37 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-09 17:48 - 2014-09-24 23:29 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-09 17:48 - 2014-09-24 23:29 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-09 17:48 - 2014-03-18 10:53 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-09 14:55 - 2015-01-17 12:56 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6239BBC2-3E89-4143-A927-B3F40EAD0AE5}
2015-03-09 11:51 - 2015-01-17 12:42 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2015-03-09 11:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-09 10:52 - 2015-01-18 17:41 - 00000000 ____D () C:\Users\User\Documents\Hochzeit
2015-03-08 19:01 - 2013-08-22 15:46 - 00027534 _____ () C:\WINDOWS\setupact.log
2015-03-07 12:02 - 2015-01-17 12:47 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1241451313-3116802256-3693624418-1001
2015-03-06 16:41 - 2015-01-18 16:51 - 00135168 ___SH () C:\Users\User\Documents\Thumbs.db
2015-03-06 16:40 - 2015-01-18 11:45 - 00000000 ____D () C:\Users\User\Documents\Bewerbung Neu
2015-03-06 16:39 - 2015-01-18 11:28 - 00000000 ____D () C:\Users\User\Documents\Uni
2015-03-06 14:36 - 2015-01-18 10:39 - 00003094 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1241451313-3116802256-3693624418-1001
2015-03-06 14:36 - 2015-01-18 10:39 - 00000000 ___RD () C:\Users\User\OneDrive
2015-03-06 14:29 - 2015-01-17 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 14:29 - 2014-03-18 10:44 - 00009776 _____ () C:\WINDOWS\PFRO.log
2015-03-06 14:29 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-06 14:28 - 2014-09-24 14:14 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-03-06 14:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-04 08:21 - 2015-01-18 12:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2015-03-04 08:13 - 2015-01-18 12:08 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-03 14:17 - 2015-01-19 08:18 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-03-01 15:01 - 2015-01-18 10:34 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-01 15:00 - 2015-01-18 17:45 - 00000000 ____D () C:\Users\User\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-25 12:00 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-14 14:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-13 13:25 - 2013-08-22 15:44 - 00491720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-12 13:12 - 2015-01-22 21:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-12 13:09 - 2015-01-22 21:22 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-12 13:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories =======

2014-09-24 13:50 - 2014-09-24 13:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\SetupO365HomePremRetail.x86.de-DE_O365HomePremRetail_NR3FF-393K4-T9R7X-4FVXT-VCB44_act_1_.exe
C:\Users\User\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-04 15:26

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by User at 2015-03-09 18:11:52
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
 Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{31ED17F1-B223-404B-9415-C31404A24CE9}) (Version: 2.16.0 - Kovid Goyal)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.5.0.11 - Swiss Academic Software)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{C23B292D-2656-4A05-97D5-41FDC040158C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.50.5 - ClientConnect LTD)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.10181 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.5 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.5 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\...\OneDriveSetup.exe) (Version: 17.3.4724.0224 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pokki (HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\...\Pokki) (Version: 0.269.2.471 - Pokki)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Superfish Inc. VisualDiscovery (HKLM-x32\...\Superfish Inc. VisualDiscovery) (Version: 1.0.0.1 - Superfish) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.71 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1241451313-3116802256-3693624418-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1241451313-3116802256-3693624418-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

12-02-2015 13:08:43 Windows Update
25-02-2015 12:00:32 Windows Update
06-03-2015 11:38:25 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02EFEA18-6CB4-4DB2-B82C-1107B50D3864} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {0942C5B2-223E-4E37-ADFA-6EFBDD8F9230} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1241451313-3116802256-3693624418-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {1587750C-CD47-4462-9188-173B98C58880} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-01-17] (Lenovo)
Task: {187E5ECF-7E9A-4A54-B036-D02DAC7635D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36B053CC-D84E-491D-9836-45555B4786CD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {6353F099-4441-42B5-85E0-A8003AA69B14} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-14] (Microsoft Corporation)
Task: {A4517D5D-A4C5-4652-8357-EDE5862853E6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {A82AA85C-71EC-436E-A71E-8B40D6E39218} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {A928A369-63BA-4F38-8738-28D2D3B38886} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {C0E11139-C682-4305-B244-3D990E5BC756} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {E0395A5B-65B4-41CC-BA4A-F6F0E5929982} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-09-24] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-18 10:34 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-24 14:13 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-24 14:14 - 2014-09-24 14:14 - 00067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-09-24 14:14 - 2014-09-24 14:14 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-09-24 14:14 - 2014-09-24 14:14 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-09-24 14:12 - 2014-01-06 14:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2014-02-24 15:39 - 2014-02-24 15:39 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-09-24 13:48 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-18 10:34 - 2015-01-19 18:23 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-09-24 14:14 - 2014-09-24 14:14 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1241451313-3116802256-3693624418-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Yoga PhoneCompanion"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "AutoStartTransition"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Yoga Picks"

==================== Accounts: =============================

Administrator (S-1-5-21-1241451313-3116802256-3693624418-500 - Administrator - Disabled)
User (S-1-5-21-1241451313-3116802256-3693624418-1001 - Administrator - Enabled) => C:\Users\User
Gast (S-1-5-21-1241451313-3116802256-3693624418-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1241451313-3116802256-3693624418-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2015 00:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1391

Error: (03/09/2015 00:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1391

Error: (03/09/2015 00:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2015 11:16:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9843

Error: (03/09/2015 11:16:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9843

Error: (03/09/2015 11:16:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2015 09:23:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1554875

Error: (03/09/2015 09:23:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1554875

Error: (03/09/2015 09:23:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2015 08:57:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1312


System errors:
=============
Error: (03/09/2015 10:18:34 AM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/09/2015 10:18:04 AM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/09/2015 09:24:10 AM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/09/2015 09:23:40 AM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2015 00:01:36 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/08/2015 00:01:06 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2015 10:20:22 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UserPC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9671A901-1C46-4E7C-B630-296B940422F5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/07/2015 09:57:03 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UserPC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9671A901-1C46-4E7C-B630-296B940422F5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/07/2015 08:31:04 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (03/07/2015 08:17:46 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:8109:8a80:16d0::3 mit dem Computer mit der
Netzwerkhardwareadresse 38-48-4C-B4-B6-09 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (03/09/2015 00:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1391

Error: (03/09/2015 00:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1391

Error: (03/09/2015 00:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2015 11:16:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9843

Error: (03/09/2015 11:16:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9843

Error: (03/09/2015 11:16:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2015 09:23:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1554875

Error: (03/09/2015 09:23:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1554875

Error: (03/09/2015 09:23:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2015 08:57:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1312


CodeIntegrity Errors:
===================================
  Date: 2015-03-09 14:48:44.060
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 14:48:43.149
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:39.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:39.005
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:38.833
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:38.708
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:38.583
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:38.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:38.349
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-09 12:10:38.224
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 24%
Total physical RAM: 8112.96 MB
Available physical RAM: 6137.71 MB
Total Pagefile: 9392.96 MB
Available Pagefile: 6959.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:196.7 GB) (Free:123.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 04D7BDD6)

Partition: GPT Partition Type.

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-09 18:33:02
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000034 SAMSUNG_MZNTD256HAGL-000L1 rev.DXT23L0Q 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\Useri\AppData\Local\Temp\kxldrpog.sys


---- User code sections - GMER 2.1 ----

.text    C:\WINDOWS\system32\WLANExt.exe[352] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                  00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\WLANExt.exe[352] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                  00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\WLANExt.exe[352] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                     00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\WLANExt.exe[352] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                     00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1324] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                00007fffcb7e1f6a 4 bytes [7E, CB, FF, 7F]
.text    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1324] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                00007fffcb7e1f82 4 bytes [7E, CB, FF, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1380] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                             00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1380] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                             00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1380] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1380] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1432] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                      00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1432] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                      00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1432] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                         00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1432] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                         00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1432] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                            00007fffcb7e1f6a 4 bytes [7E, CB, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1432] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                            00007fffcb7e1f82 4 bytes [7E, CB, FF, 7F]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2016] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                  00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2016] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                  00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2016] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                     00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2016] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                     00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2164] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                   00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2164] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                   00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2164] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                      00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2164] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                      00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2292] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                           00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2292] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                           00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2292] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                              00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2292] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                              00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                           00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                           00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                              00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\WINDOWS\system32\wbem\wmiprvse.exe[2632] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                              00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[7724] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                   00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[7724] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                   00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[7724] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                      00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[7724] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                      00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8924] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                00007fffd575169a 4 bytes [75, D5, FF, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8924] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                00007fffd57516a2 4 bytes [75, D5, FF, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8924] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                   00007fffd575181a 4 bytes [75, D5, FF, 7F]
.text    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8924] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                   00007fffd5751832 4 bytes [75, D5, FF, 7F]
.text    C:\Program Files\iTunes\iTunesHelper.exe[8948] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                              00007fffcb7e1f6a 4 bytes [7E, CB, FF, 7F]
.text    C:\Program Files\iTunes\iTunesHelper.exe[8948] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                              00007fffcb7e1f82 4 bytes [7E, CB, FF, 7F]

---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [2408:7820]                                                                                                                                    fffff960008f8b90
---- Processes - GMER 2.1 ----

Library  C:\ProgramData\LenovoTransition\Server\x64\Windows7.SensorAndLocation.dll (*** suspicious ***) @ C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [2188] (FILE NOT FOUND)  00000009378f0000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                        unknown MBR code

---- EOF - GMER 2.1 ----
         
Thank you!

 


All times are WET +1.

