Windows 8: Google Chrome, Glass Bottle
Hello,
I am having problems with Glass Bottle ads. Whenever I open a new page in Google Chrome, Glass Bottle ads open right away.
I have run Malwarebytes Anti-Malware and AdwCleaner, but the problem keeps coming back.
I hope you can help me.
Kind regards, Corinna
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by Corinna (administrator) on LENOVO-PC on 19-05-2015 22:28:47
Running from C:\Users\Corinna\Downloads
Loaded Profiles: Corinna (Available profiles: UpdatusUser & Corinna & Administrator)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Corinna\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Farbar) C:\Users\Corinna\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-04-11] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-04-15] (Lenovo Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3049200 2013-04-04] (Synaptics Incorporated)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-20] (Intel Corporation)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-10-25] (Lenovo)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-992426981-1486406983-2665444241-1002\...\Run: [Amazon Music] => C:\Users\Corinna\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-21] ()
HKU\S-1-5-21-992426981-1486406983-2665444241-1002\...\MountPoints2: {ff01d47f-cfc5-11e4-be94-681729f7884c} - "E:\LaunchU3.exe" -a
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-04-16]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-02-13]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-992426981-1486406983-2665444241-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-992426981-1486406983-2665444241-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-992426981-1486406983-2665444241-1002 -> {85290357-B7D7-4472-BEA9-3861C5698661} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-03] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-03] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-18] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-03-25] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-992426981-1486406983-2665444241-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-03-25] (Intel)
FF Plugin HKU\S-1-5-21-992426981-1486406983-2665444241-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-03-25] (Intel)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2015-05-19]
Chrome:
=======
CHR Profile: C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-18]
CHR Extension: (Google Docs) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-18]
CHR Extension: (Google Drive) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-18]
CHR Extension: (YouTube) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-18]
CHR Extension: (Google Search) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-18]
CHR Extension: (Google Sheets) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-18]
CHR Extension: (Bookmark Manager) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Norton Identity Safe) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-19]
CHR Extension: (Adblock Super) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-18]
CHR Extension: (Gmail) - C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [148472 2013-04-15] (Lenovo Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-10-25] (Lenovo)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-20] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-20] (Intel Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [220488 2013-05-13] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-05-13] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [681464 2013-04-15] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-04-11] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-04-19] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-09-16] ()
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [23600 2013-03-19] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49040 2014-07-21] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [32256 2014-07-21] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20150501.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-01-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-01-17] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-10-25] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20150518.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150519.005\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150519.005\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288992 2013-01-09] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-04] (Synaptics Incorporated)
R1 SMIDriver; C:\Windows\System32\drivers\smi.sys [19760 2014-07-21] (Windows (R) Win 7 DDK provider)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1045248 2013-03-02] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-19 22:28 - 2015-05-19 22:28 - 00046274 _____ () C:\Users\Corinna\Desktop\FRST.txt
2015-05-19 22:26 - 2015-05-19 22:26 - 02107904 _____ (Farbar) C:\Users\Corinna\Downloads\FRST64 (2).exe
2015-05-19 22:25 - 2015-05-19 22:26 - 00000476 _____ () C:\Users\Corinna\Downloads\defogger_disable.log
2015-05-19 22:25 - 2015-05-19 22:25 - 00000000 _____ () C:\Users\Corinna\defogger_reenable
2015-05-19 22:24 - 2015-05-19 22:24 - 00050477 _____ () C:\Users\Corinna\Downloads\Defogger.exe
2015-05-19 22:15 - 2015-05-19 22:28 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-992426981-1486406983-2665444241-1002
2015-05-19 22:13 - 2015-05-19 22:14 - 00002886 _____ () C:\Users\Corinna\Downloads\SystemLook.txt
2015-05-19 22:12 - 2015-05-19 22:12 - 00165376 _____ () C:\Users\Corinna\Downloads\SystemLook_x64.exe
2015-05-19 22:09 - 2015-05-19 22:07 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-19 22:08 - 2015-05-19 22:10 - 00011208 _____ () C:\zoek-results.log
2015-05-19 22:07 - 2015-05-19 22:07 - 01308672 _____ () C:\Users\Corinna\Downloads\zoek.exe
2015-05-19 22:07 - 2015-05-19 22:07 - 00000000 ____D () C:\zoek_backup
2015-05-19 21:53 - 2015-05-19 21:53 - 02720196 _____ (Thisisu) C:\Users\Corinna\Downloads\JRT (2).exe
2015-05-19 21:23 - 2015-05-19 21:23 - 00000000 ____D () C:\AdwCleaner
2015-05-19 21:22 - 2015-05-19 21:22 - 02209792 _____ () C:\Users\Corinna\Downloads\AdwCleaner_4.204.exe
2015-05-19 21:21 - 2015-05-19 21:58 - 00038897 _____ () C:\Users\Corinna\Downloads\Addition.txt
2015-05-19 21:20 - 2015-05-19 22:28 - 00025075 _____ () C:\Users\Corinna\Downloads\FRST.txt
2015-05-19 21:20 - 2015-05-19 22:28 - 00000000 ____D () C:\FRST
2015-05-19 21:19 - 2015-05-19 21:19 - 00000000 _____ () C:\Users\Corinna\Downloads\FRST64 (1).exe
2015-05-19 21:18 - 2015-05-19 21:19 - 02107904 _____ (Farbar) C:\Users\Corinna\Downloads\FRST64.exe
2015-05-19 20:42 - 2015-05-19 20:43 - 02720196 _____ (Thisisu) C:\Users\Corinna\Downloads\JRT (1).exe
2015-05-19 20:42 - 2015-05-19 20:42 - 02720196 _____ (Thisisu) C:\Users\Corinna\Downloads\JRT.exe
2015-05-19 20:10 - 2015-05-19 20:10 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Corinna\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-19 18:36 - 2015-05-19 18:36 - 02347384 _____ (ESET) C:\Users\Corinna\Downloads\esetsmartinstaller_deu.exe
2015-05-19 17:30 - 2015-05-19 17:30 - 00000939 _____ () C:\WINDOWS\system32\InstallUtil.InstallLog
2015-05-13 10:51 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:51 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:23 - 2015-05-13 10:23 - 00014780 _____ () C:\Users\Corinna\Downloads\L09_LineareProgrammierung_B_Excelblatt.xlsx
2015-05-13 10:21 - 2015-05-13 10:22 - 00013867 _____ () C:\Users\Corinna\Downloads\DS05LPAufgabe.xlsx
2015-05-13 10:15 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 10:15 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 10:15 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 10:15 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 10:15 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 10:15 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 10:15 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 10:15 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 10:15 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 10:15 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 10:15 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 10:15 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 10:15 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 10:15 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 10:15 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 10:15 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 10:15 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 10:15 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 10:15 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 10:15 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 10:15 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 10:15 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 10:15 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 10:15 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 10:15 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 10:15 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 10:15 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 10:15 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 10:15 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 10:15 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 10:15 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 10:15 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 10:15 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 10:15 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 10:15 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 10:15 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 10:15 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 10:15 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 10:15 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 10:15 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 10:15 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 10:15 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 10:15 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 10:15 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 10:15 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 10:15 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 10:15 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 10:15 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 10:15 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 10:15 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 16:27 - 2015-05-12 16:27 - 00000000 ____D () C:\Users\Corinna\Documents\Outlook-Dateien
2015-05-12 16:26 - 2015-05-12 16:26 - 00056231 _____ () C:\Users\Corinna\Downloads\OriginalMail.eml
2015-05-11 16:53 - 2015-05-11 16:53 - 01552929 _____ () C:\Users\Corinna\Downloads\Tutorium Aufgabe 6.jpeg
2015-05-10 18:28 - 2015-05-10 18:28 - 01517631 _____ () C:\Users\Corinna\Downloads\Bonusaufgabe_5_Holscher_Corinna.zip
2015-05-03 17:30 - 2015-05-03 17:30 - 00000546 _____ () C:\Users\Corinna\Downloads\MixVideoPlayer (4).website
2015-05-03 17:30 - 2015-05-03 17:30 - 00000546 _____ () C:\Users\Corinna\Downloads\MixVideoPlayer (3).website
2015-05-03 16:53 - 2015-05-03 16:53 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-03 16:50 - 2015-05-03 16:52 - 28849904 _____ () C:\Users\Corinna\Downloads\vlc-2-2-1-win32.exe
2015-05-03 16:37 - 2015-05-03 16:37 - 00000546 _____ () C:\Users\Corinna\Downloads\MixVideoPlayer (2).website
2015-05-03 16:34 - 2015-05-03 16:35 - 00000000 ____D () C:\Users\Corinna\AppData\Local\Razer
2015-05-03 16:34 - 2015-05-03 16:34 - 00003260 _____ () C:\WINDOWS\System32\Tasks\Opera N Sunday
2015-05-03 16:34 - 2015-05-03 16:34 - 00003260 _____ () C:\WINDOWS\System32\Tasks\Opera N Saturday
2015-05-03 16:34 - 2015-05-03 16:34 - 00000000 ____D () C:\Users\Corinna\AppData\Roaming\Opera Software
2015-05-03 16:34 - 2015-05-03 16:34 - 00000000 ____D () C:\Users\Corinna\AppData\Local\Opera Software
2015-05-03 16:33 - 2015-05-03 16:35 - 00000000 ____D () C:\ProgramData\Razer
2015-05-03 16:33 - 2015-03-12 13:04 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-05-03 16:33 - 2015-03-12 13:04 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-05-03 16:33 - 2015-03-12 13:04 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-05-03 16:33 - 2015-03-12 13:04 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-05-03 16:32 - 2015-05-03 16:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-03 16:30 - 2015-05-03 16:30 - 00000000 ____D () C:\ProgramData\Sun
2015-05-03 16:30 - 2015-05-03 16:29 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-05-03 16:29 - 2015-05-03 16:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-03 16:29 - 2015-05-03 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-03 16:29 - 2015-05-03 16:29 - 00000000 ____D () C:\Program Files\Java
2015-05-03 16:24 - 2015-05-03 16:24 - 00000546 _____ () C:\Users\Corinna\Downloads\MixVideoPlayer (1).website
2015-05-03 16:19 - 2015-05-03 16:47 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2015-05-03 16:18 - 2015-05-03 16:18 - 23750568 _____ () C:\Users\Corinna\Downloads\FLVPlayer4211Install.exe
2015-05-03 16:12 - 2015-05-03 16:12 - 00000000 ____D () C:\Users\Corinna\AppData\Roaming\TuneUp Software
2015-05-03 16:12 - 2015-05-03 16:12 - 00000000 ____D () C:\Users\Corinna\AppData\Local\TuneUp Software
2015-05-03 16:11 - 2015-05-03 16:13 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-05-03 16:11 - 2015-05-03 16:11 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-05-03 16:08 - 2015-05-03 17:31 - 00000000 ____D () C:\Users\Corinna\AppData\Local\Deployment
2015-05-03 16:08 - 2015-05-03 16:15 - 00000000 ____D () C:\ProgramData\DivX
2015-05-03 16:08 - 2015-05-03 16:08 - 01010672 _____ (DivX, LLC) C:\Users\Corinna\Downloads\DivXInstaller.exe
2015-05-03 16:06 - 2015-05-03 16:09 - 00000546 _____ () C:\Users\Corinna\Downloads\MixVideoPlayer .website
2015-05-03 12:13 - 2015-05-03 12:13 - 00001776 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-03 12:13 - 2015-05-03 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-03 12:13 - 2015-05-03 12:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-03 12:13 - 2015-05-03 12:13 - 00000000 ____D () C:\Program Files\iTunes
2015-05-03 12:13 - 2015-05-03 12:13 - 00000000 ____D () C:\Program Files\iPod
2015-05-03 12:13 - 2015-05-03 12:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-03 11:56 - 2015-05-03 11:56 - 01587999 _____ () C:\Users\Corinna\Downloads\Tutorium Aufgabe 4.jpeg
2015-05-02 13:30 - 2015-05-02 13:30 - 00001193 _____ () C:\Users\Corinna\Desktop\Amazon Music.lnk
2015-05-02 13:29 - 2015-05-02 13:29 - 41030704 _____ (Amazon) C:\Users\Corinna\Downloads\AmazonMusicInstaller (1).exe
2015-05-02 12:58 - 2015-05-02 12:58 - 00012288 ___SH () C:\Users\Corinna\Downloads\Thumbs.db
2015-05-02 12:50 - 2015-05-02 12:50 - 00000308 _____ () C:\Users\Corinna\Downloads\BK_KIDD_000273DE_mp332_A11S3U77WXVLN3.adh
2015-05-02 12:50 - 2015-05-02 12:50 - 00000306 _____ () C:\Users\Corinna\Downloads\BK_KIDD_000774DE_mp332_A11S3U77WXVLN3.adh
2015-05-01 13:49 - 2015-05-01 13:50 - 00001108 _____ () C:\DelFix.txt
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-04-29 21:58 - 2015-04-29 21:58 - 880056012 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-29 21:58 - 2015-04-29 21:58 - 00301816 _____ () C:\WINDOWS\Minidump\042915-24468-01.dmp
2015-04-29 21:58 - 2015-04-29 21:58 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-29 17:39 - 2015-04-29 17:39 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-LENOVO-PC-Windows-8.1-Pro-(64-bit).dat
2015-04-29 17:39 - 2015-04-29 17:39 - 00000000 ____D () C:\RegBackup
2015-04-29 17:06 - 2015-04-29 17:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-29 17:05 - 2015-04-29 17:05 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Corinna\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-29 11:31 - 2015-04-29 11:31 - 00000000 _____ () C:\autoexec.bat
2015-04-26 19:50 - 2015-04-26 19:51 - 00000306 _____ () C:\Users\Corinna\Downloads\BK_KIDD_000784DE_mp332_A11S3U77WXVLN3.adh
2015-04-26 19:50 - 2015-04-26 19:50 - 00000311 _____ () C:\Users\Corinna\Downloads\BK_KIDD_000281DE_mp332_A11S3U77WXVLN3.adh
2015-04-26 19:09 - 2015-04-26 19:09 - 03060916 _____ () C:\Users\Corinna\Downloads\Bonusaufgabe_3_Holscher_Corinna.zip
2015-04-26 14:34 - 2015-04-26 14:34 - 00519680 _____ () C:\Users\Corinna\Downloads\BWL Formelsammlung neu_e.ppt
2015-04-22 10:13 - 2015-04-22 10:13 - 00960200 _____ () C:\Users\Corinna\Downloads\Unterschrift Kreditkarte.jpeg
2015-04-22 10:12 - 2015-04-22 10:11 - 00960200 _____ () C:\Users\Corinna\Desktop\Unterschrift Kreditkarte.jpeg
2015-04-21 20:02 - 2015-04-21 20:02 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2015-04-21 20:00 - 2015-04-29 10:13 - 00000000 ____D () C:\NPE
2015-04-21 18:57 - 2015-04-29 10:16 - 00000000 ____D () C:\Users\Corinna\AppData\Local\NPE
2015-04-21 16:11 - 2015-05-19 22:05 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-04-21 16:07 - 2015-04-21 16:07 - 00007863 _____ () C:\Users\Corinna\Downloads\noname
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-19 22:28 - 2015-01-18 22:18 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-19 22:25 - 2015-01-19 01:57 - 00000000 ____D () C:\Users\Corinna
2015-05-19 22:20 - 2015-01-19 01:47 - 01382101 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-19 22:20 - 2013-08-22 16:46 - 00447629 _____ () C:\WINDOWS\setupact.log
2015-05-19 22:10 - 2015-01-19 08:22 - 00000000 ____D () C:\Users\Corinna\OneDrive
2015-05-19 22:10 - 2015-01-18 22:18 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-19 22:10 - 2015-01-18 13:17 - 00000193 _____ () C:\Users\Corinna\AppData\Local\RegisteredPackageInformation.xml
2015-05-19 22:10 - 2014-11-20 20:24 - 00136208 _____ () C:\WINDOWS\PFRO.log
2015-05-19 22:10 - 2013-10-25 00:08 - 00000000 ____D () C:\ProgramData\Validity
2015-05-19 22:10 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-19 22:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-19 22:05 - 2015-02-14 18:43 - 00081408 ___SH () C:\Users\Corinna\Desktop\Thumbs.db
2015-05-19 22:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-05-19 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-19 21:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-19 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PLA
2015-05-19 19:42 - 2015-01-18 13:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-19 19:23 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-19 08:13 - 2015-01-19 08:39 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-19 08:05 - 2013-08-22 16:44 - 00491720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-19 08:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-13 13:40 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 10:47 - 2014-11-21 05:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 10:30 - 2014-02-12 17:39 - 00000000 ____D () C:\Users\Corinna\Desktop\Uni
2015-05-13 10:23 - 2015-01-18 13:16 - 00000000 ____D () C:\Users\Corinna\AppData\Local\Packages
2015-05-13 10:04 - 2014-11-21 05:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-13 10:04 - 2014-11-21 04:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-13 10:04 - 2014-11-21 04:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-11 20:24 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-05 19:59 - 2014-11-21 13:15 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-11-21 13:15 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 12:13 - 2015-03-22 10:42 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-30 18:32 - 2015-01-18 22:19 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 17:33 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-04-21 18:57 - 2013-10-25 00:16 - 00000000 ____D () C:\ProgramData\Norton
2015-04-21 16:10 - 2015-03-22 10:46 - 00000000 ____D () C:\Users\Corinna\AppData\Roaming\Apple Computer
2015-04-19 18:11 - 2013-10-25 00:07 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-04-19 18:11 - 2013-10-24 23:52 - 00000000 ____D () C:\Program Files\Lenovo
==================== Files in the root of some directories =======
2015-01-18 13:18 - 2015-01-21 19:53 - 0001492 _____ () C:\Users\Corinna\AppData\Roaming\AbsoluteReminder.xml
2015-01-18 13:17 - 2015-05-19 22:10 - 0000193 _____ () C:\Users\Corinna\AppData\Local\RegisteredPackageInformation.xml
2015-02-16 08:10 - 2015-02-16 08:10 - 0000017 _____ () C:\Users\Corinna\AppData\Local\resmon.resmoncfg
2013-10-24 23:56 - 2013-10-24 23:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-10-25 00:12 - 2013-10-25 00:12 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2013-10-25 00:09 - 2013-10-25 00:10 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-10-25 00:10 - 2013-10-25 00:11 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2013-10-25 00:11 - 2013-10-25 00:12 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-10 19:46
==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Corinna at 2015-05-19 22:29:12
Running from C:\Users\Corinna\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-992426981-1486406983-2665444241-500 - Administrator - Disabled) => C:\Users\Administrator
Corinna (S-1-5-21-992426981-1486406983-2665444241-1002 - Administrator - Enabled) => C:\Users\Corinna
Gast (S-1-5-21-992426981-1486406983-2665444241-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-992426981-1486406983-2665444241-1006 - Limited - Enabled)
UpdatusUser (S-1-5-21-992426981-1486406983-2665444241-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-992426981-1486406983-2665444241-1002\...\Amazon Amazon Music) (Version: 3.9.3.797 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.48.0 - Conexant)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5119.52 - CyberLink Corp.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41900) (Version: 3.8.0.41900.72 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.35.0 - Lenovo Group Limited)
Lenovo Fingerprint Manager (HKLM\...\{709AB4C0-9DFF-4293-954F-FBCC7FC005DA}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.66.00.22 - )
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.0.97.0 - Lenovo Corporation)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.1.1.11 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.1.0.57 - Lenovo)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.0.32.7350 - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{AFD7B869-3B70-40C7-8983-769256BA3BD2}) (Version: 2.0.0004.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0020 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-992426981-1486406983-2665444241-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nitro Pro 8 (HKLM\...\{35E1FF5F-E8E1-4DE2-B3EC-BBE296B27336}) (Version: 8.5.2.10 - Nitro)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29052 - Realtek Semiconductor Corp.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Synaptics WBF DDK 5011 (HKLM\...\{40CD122C-E6DF-45B1-BA54-4DB9416EFF9B}) (Version: 4.5.266.0 - Synaptics)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.266.0 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.0.6 - )
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.11 - Lenovo)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (09/01/2012 11.6.0.1030) (HKLM\...\C5447D3383070620C3892FF393F522D6225CBA13) (Version: 09/01/2012 11.6.0.1030 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.66.00.22 (11/30/2012 1.66.00.22) (HKLM\...\16E722986C4293F5D6BF43595DFFD631398D5F21) (Version: 11/30/2012 1.66.00.22 - Lenovo)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Corinna\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Corinna\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Corinna\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-992426981-1486406983-2665444241-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Corinna\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
03-05-2015 16:15:53 TuneUp Utilities 2014 wird entfernt
10-05-2015 21:10:57 Geplanter Prüfpunkt
19-05-2015 22:08:42 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BE55180-8BBF-4C2D-A206-146E5163AFE3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {0E82D5D0-1492-444F-A074-051807304911} - System32\Tasks\Intel\Intel Service Manager => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2013-03-25] (Intel Corporation)
Task: {114021C2-E436-4E4C-B586-0C9A2726028D} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-05-13] ()
Task: {19253090-6B89-4AC2-B898-B74FF667CFFF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {1E8F69AC-750C-4619-9D06-B4D18476175C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {283B378C-7074-4489-9310-A5E388A225B9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {30747670-0677-4BED-AD5A-1B334C1F192B} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-03-19] (CyberLink Corp.)
Task: {3365773D-8D43-4AF2-9D76-965D1FE683D6} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
Task: {389DD435-260B-4137-B580-DDC7FDC64025} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {39916E46-DD15-4312-80F8-B98A30EC539E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4360629B-09DD-48CF-A3AA-F76DC0CB905D} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {4775CB3A-407C-446E-A2FD-BFADF942CD69} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4C0681F8-8FB8-4341-B176-E05A448BC94A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {52813A4D-20C7-4459-8A77-DD01F2DA64ED} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-05-13] ()
Task: {5CB3E31E-EE48-45FF-84A8-8AB1B5161B3F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {7972FDE8-6788-4974-9827-4C22DFBACB98} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-05-13] ()
Task: {822C7D8A-5098-44EC-9586-F7B2F8547E89} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {825B3E3B-DE65-4BAB-AEC5-AE45103211D4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-19] (Microsoft Corporation)
Task: {8928AEDF-2477-4CDD-9A0E-179DF9710949} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.)
Task: {907D3A66-5F05-47CC-A3A3-14BD55E22EAA} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {93116B98-9D2B-453D-8E52-70C056CB00E4} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AD910BB8-F2F4-4BCA-8820-86DAE71BB731} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-09-16] ()
Task: {AE5FEFC9-2378-4C95-9207-AC690FA3C441} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.)
Task: {AF739979-0CD5-44C1-8132-9898FE5F7AAD} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-05-13] ()
Task: {B38CB698-93C0-4F81-BF45-836C0CCFDF9E} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2013-04-10] (Intel Corporation)
Task: {CD39BFE7-E94F-4305-AD75-22EC6C3D051E} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {D9F6556E-E1E6-4CB9-8431-873199C2DE26} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {DDB56D63-E450-459D-9B85-34761E0CF6CD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {EBA15478-A50A-4076-BCAF-DA720EA04BEC} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {F5017589-94F9-4B9B-A0EE-F9C6BADFCE57} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2013-12-26 20:42 - 2013-12-26 20:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-25 00:17 - 2013-04-18 07:32 - 00115712 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-18 22:28 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-20 14:07 - 2010-10-26 13:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-05-02 13:30 - 2015-04-21 01:37 - 05886784 _____ () C:\Users\Corinna\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-04-19 11:50 - 2013-04-19 11:50 - 00463352 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-04-19 11:50 - 2013-04-19 11:50 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2015-01-18 22:28 - 2015-01-18 22:28 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-04-21 07:51 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-21 07:51 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Corinna\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-04-30 18:32 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2013-10-24 23:49 - 2012-07-19 12:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Corinna\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Corinna\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Corinna\Desktop\Unterschrift Kreditkarte.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Corinna\Desktop\Unterschrift Kreditkarte.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Corinna\Downloads\OriginalMail.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-992426981-1486406983-2665444241-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Corinna\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\brooklynbridge.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Fastboot"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{5D1B57F2-3ADD-452F-8070-680EEC33D2CC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8BBA1829-63E5-417E-A662-97FD01775A4E}] => (Allow) C:\Users\Corinna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7D880180-A1B8-411D-8539-E61FF21CF4F4}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{91D79C53-6A49-4766-BB74-776550BF52C6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{608D31B5-A14C-488C-A0A2-DEAC70EE06F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{26B09C8D-9374-46C1-ACF6-F478BB4561BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{CFF05750-0FAB-480D-AD45-7111BB6D62BD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{821378E9-C81B-4056-B19E-5142B68D03D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1C3B7B97-798B-497D-A091-B2368CD518B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{55A8D186-2D97-4FFD-80C9-FA2F1FE902D5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{E68C395B-E0CF-46F4-AC44-B6826F8C985F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{3DD65EF9-F4D7-4996-AB82-9B43B7B45C1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DE44099E-0D10-46F8-9F19-712C8ECBE065}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9F425FCC-374C-4C3A-A501-227B2586A5AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EADDCCE1-9EDD-41F0-9B7F-7740753BE40E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{398A8774-3595-4817-ADD6-0342EE41CD9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2FBFC439-8C4C-4726-AE67-357888909D91}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/19/2015 08:49:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Error: (05/19/2015 08:49:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Error: (05/19/2015 08:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LnvHotSpotSvc.exe, Version: 1.1.0.57, Zeitstempel: 0x516643c9
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54505737
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008b9c
ID des fehlerhaften Prozesses: 0x1970
Startzeit der fehlerhaften Anwendung: 0xLnvHotSpotSvc.exe0
Pfad der fehlerhaften Anwendung: LnvHotSpotSvc.exe1
Pfad des fehlerhaften Moduls: LnvHotSpotSvc.exe2
Berichtskennung: LnvHotSpotSvc.exe3
Vollständiger Name des fehlerhaften Pakets: LnvHotSpotSvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LnvHotSpotSvc.exe5
Error: (05/19/2015 08:38:43 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationEvtOpenChannelConfig failed with 00000139f
Error: (05/19/2015 08:38:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: LnvHotSpotSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
Stapel:
bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
bei System.Management.SinkForEventQuery.Cancel()
bei System.Management.ManagementEventWatcher.Stop()
bei System.Management.ManagementEventWatcher.Finalize()
Error: (05/19/2015 08:05:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: LnvHotSpotSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
Stapel:
bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
bei System.Management.SinkForEventQuery.Cancel()
bei System.Management.ManagementEventWatcher.Stop()
bei System.Management.ManagementEventWatcher.Finalize()
Error: (05/19/2015 08:04:59 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationEvtOpenChannelConfig failed with 00000139f
Error: (05/19/2015 07:37:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Error: (05/19/2015 07:37:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Error: (05/19/2015 07:36:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
System errors:
=============
Error: (05/19/2015 10:12:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/19/2015 10:12:43 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/19/2015 10:08:42 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows8_OS" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x3000000000026. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".
Error: (05/19/2015 10:07:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/19/2015 10:07:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/19/2015 10:04:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/19/2015 10:04:33 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/19/2015 10:04:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1069
Error: (05/19/2015 10:04:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/19/2015 10:04:33 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Error: (05/19/2015 08:49:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Corinna\Downloads\esetsmartinstaller_deu.exe
Error: (05/19/2015 08:49:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Corinna\Downloads\esetsmartinstaller_deu.exe
Error: (05/19/2015 08:38:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LnvHotSpotSvc.exe1.1.0.57516643c9KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c197001d0925ec02c494aC:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exeC:\WINDOWS\system32\KERNELBASE.dll4656044b-fe56-11e4-beb3-681729f7884c
Error: (05/19/2015 08:38:43 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationEvtOpenChannelConfig failed with 00000139f
Error: (05/19/2015 08:38:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: LnvHotSpotSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
Stapel:
bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
bei System.Management.SinkForEventQuery.Cancel()
bei System.Management.ManagementEventWatcher.Stop()
bei System.Management.ManagementEventWatcher.Finalize()
Error: (05/19/2015 08:05:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: LnvHotSpotSvc.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
Stapel:
bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
bei System.Management.SinkForEventQuery.Cancel()
bei System.Management.ManagementEventWatcher.Stop()
bei System.Management.ManagementEventWatcher.Finalize()
Error: (05/19/2015 08:04:59 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationEvtOpenChannelConfig failed with 00000139f
Error: (05/19/2015 07:37:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Corinna\Downloads\esetsmartinstaller_deu.exe
Error: (05/19/2015 07:37:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Corinna\Downloads\esetsmartinstaller_deu.exe
Error: (05/19/2015 07:36:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Corinna\Downloads\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 85%
Total physical RAM: 3913.59 MB
Available physical RAM: 558 MB
Total Pagefile: 7881.59 MB
Available Pagefile: 4302.78 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:916.3 GB) (Free:850.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 36505215)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 365052A7)
Partition: GPT Partition Type.
==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-19 22:35:56
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000035 WDC_WD10JPVT-08A1YT2 rev.01.01A01 931,51GB
Running: Gmer-19357 (1).exe; Driver: C:\Users\Corinna\AppData\Local\Temp\fxlyrpog.sys
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffabf1e3e10 7 bytes JMP 00007ffbbce602d0
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffabf1e3e20 7 bytes JMP 00007ffbbce60308
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffabf2939b0 7 bytes JMP 00007ffbbce603b0
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffabf293ef0 7 bytes JMP 00007ffbbce60340
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffabf293fe0 7 bytes JMP 00007ffbbce60378
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffabf2c06c0 7 bytes JMP 00007ffbbce60228
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffabf2c0730 7 bytes JMP 00007ffbbce60298
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ffabf2c0760 7 bytes JMP 00007ffbbce60260
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffabcec21d0 5 bytes JMP 00007ffbbce60180
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffabcec29d0 7 bytes JMP 00007ffbbce600d8
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffabcec4310 5 bytes JMP 00007ffbbce60110
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffabcec8d80 5 bytes JMP 00007ffbbce60148
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffabf856d90 10 bytes JMP 00007ffbbce60490
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffabf8674a0 5 bytes JMP 00007ffbbce60458
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffabf867560 1 byte JMP 00007ffbbce603e8
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 00007ffabf867562 7 bytes {JMP 0xfffffffffd5f8e88}
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffabf876b10 5 bytes JMP 00007ffbbce60420
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffabf321500 8 bytes JMP 00007ffbbce601b8
.text C:\WINDOWS\system32\dwm.exe[648] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffabf321750 8 bytes JMP 00007ffbbce601f0
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [748:784] fffff9600080c2d0
Thread C:\Windows\System32\SettingSyncHost.exe [5224:5256] 00007ffaa3d47090
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----