| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallierenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
18.09.2014, 18:56
| #1 |
 |  Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Hallo, erneut habe ich es geschafft und mir etwas runtergeladen, was ich definitiv nicht auf dem Laptop haben möchte: Die Yahoo Community Smartbar Engine. Im Vorfeld habe ich bereits mit dem GeekUninstaller versucht dieses Programm (?) zu deinstallieren, was auch funktioniert hat, irgendwie. Doch mein Norton zeigt immer noch an das etwas gefunden wurde. Jetzt bin ich mir nicht sicher ob der PC tatsächlich "sauber" ist, oder noch irgendwo ein verirrter Virus oder Trojaner herumschwirrt und lustige Dinge mit meinem Laptop anstellt. Aufgefallen ist mir das Ganze, weil jedensmal wenn ich einen Tab öffne immer noch die Yahoo suche kommt. Vielleicht muss man das aber auch nur in den Einstellungen umändern das da wieder Google aufgeht, das weiß ich nicht. Hier die verschiedenen Logs: Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:30 on 18/09/2014 (Marion)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Marion at 2014-09-18 19:36:26
Running from C:\Users\Marion\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30819 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{2A437217-D315-C5A8-CE9D-35A733C37B1D}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.6.4 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.677.20 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software)
Gardenscapes – Gestalte dein Haus (HKLM-x32\...\Gardenscapes – Gestalte dein Haus_is1) (Version: - Playrix Entertainment)
Gardenscapes (HKLM-x32\...\Gardenscapes_is1) (Version: - Playrix Entertainment)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mp3tag v2.63 (HKLM-x32\...\Mp3tag) (Version: v2.63 - Florian Heidenreich)
Norton 360 (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Switch Audiodatei-Konverter (HKLM-x32\...\Switch) (Version: 4.53 - NCH Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version: - )
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1723613562-3815979346-2504557632-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
03-09-2014 16:48:56 Geplanter Prüfpunkt
10-09-2014 15:50:05 Installiert VR-NetWorld
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0882DD71-2AEF-4E25-90FD-C6C5A38719BC} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {109B9159-574C-494E-9D7A-91C9E703B421} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1784A9CA-9D7E-4033-8D7E-A9EA02401C12} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {286926E5-7E34-40BA-B275-1107BBAA3C78} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {2B9C6968-56E6-4330-B36E-9D0FAB4B921B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A48664D-5536-4ECF-939A-3AE8E8FB9495} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {585DFF5A-BB07-4249-AB69-6426AEEA9989} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-30] (Microsoft Corporation)
Task: {59EF75A4-9605-485A-93FE-83895421CA66} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {5B09570E-95EA-4BCA-AA72-4675CCEB5E5B} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {5EDD8B4E-4ABF-4F0A-A99C-6054DCAF103E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5FA657EB-BDDB-451D-8637-E09E46438088} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {632AD7EF-3192-425E-AF1E-C780C791B9E2} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {637005D7-BBCB-4608-B378-F4F312CA5FF6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {68047D50-3B96-462D-998B-8A177BC6229A} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BC1503D-9772-41B8-9BB6-473680251B1E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7AF4A367-53E6-4D9B-BCA7-CCA64E67EC1D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-30] (Microsoft Corporation)
Task: {7DF593ED-21C9-42FF-B5D9-DF065C776197} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9590EE65-974A-48C5-B64C-772625234B5A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9D93FFD9-3C5A-4F94-B063-21BDD2C8FDF3} - System32\Tasks\NCH Software\ExpressZipDowngrade => C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe [2013-08-10] (NCH Software)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A2F500F0-643E-4360-8959-1C9219DECB90} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C849ED12-6FBD-408D-B1EB-AD2E19866471} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4EF52CF-9136-4B19-9C63-0623AE7E8800} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DAC63B95-DB5F-4A68-9486-7FACBAC04E40} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {DEC8D199-63AC-482D-901E-DC30E3A8981D} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F82A86EF-F6D1-4507-B534-7173BD2D89B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-21] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 06:13 - 2013-09-05 06:13 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-06-27 19:56 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-24 04:25 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-01-24 04:28 - 2014-01-24 04:28 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-01-24 04:28 - 2014-01-24 04:28 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-08-27 21:28 - 2014-08-27 21:28 - 00088576 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2013-10-09 03:08 - 2013-09-19 23:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-11 23:15 - 2014-09-06 02:54 - 06281536 _____ () C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-08-27 16:24 - 2014-08-27 16:24 - 00034304 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-08-27 16:24 - 2014-08-27 16:29 - 00036352 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 18:33 - 2014-09-18 18:33 - 00043008 _____ () c:\users\marion\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptsvm4w.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Marion\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-24 04:04 - 2013-08-08 23:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-27 16:24 - 2014-08-27 16:29 - 00044032 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-08-27 16:23 - 2014-08-27 16:28 - 00018944 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-08-27 16:24 - 2014-08-27 16:29 - 00071680 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-09-13 15:54 - 2014-09-13 15:54 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-27 16:29 - 2014-08-27 16:29 - 00024576 _____ () C:\Users\Marion\AppData\Local\LPT\srptm.exe
2014-08-27 16:29 - 2014-08-27 16:29 - 00083968 _____ () C:\Users\Marion\AppData\Local\LPT\srpt.dll
2014-08-27 16:29 - 2014-08-27 16:29 - 00044032 _____ () C:\Users\Marion\AppData\Local\LPT\srptc.dll
2014-08-27 16:28 - 2014-08-27 16:28 - 00018944 _____ () C:\Users\Marion\AppData\Local\LPT\Smartbar.Common.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2014 07:16:39 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI63A.tmp
Error: (09/18/2014 07:16:38 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI222.tmp
Error: (09/18/2014 07:16:09 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI9369.tmp
Error: (09/18/2014 07:16:08 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI8EB5.tmp
Error: (09/18/2014 06:58:03 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSIEE05.tmp
Error: (09/18/2014 06:57:57 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSID665.tmp
Error: (09/18/2014 06:55:13 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI6B8E.tmp
Error: (09/18/2014 06:55:13 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI6A45.tmp
Error: (09/18/2014 06:54:47 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI6A8.tmp
Error: (09/18/2014 06:54:47 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI5BC.tmp
System errors:
=============
Error: (09/18/2014 06:50:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "BUP Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (09/18/2014 06:33:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll
Fehlercode: 126
Error: (09/17/2014 04:53:53 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/17/2014 04:53:22 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/17/2014 04:36:30 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/17/2014 04:36:00 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/17/2014 02:20:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll
Fehlercode: 126
Error: (09/17/2014 07:25:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll
Fehlercode: 126
Error: (09/16/2014 05:58:11 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/16/2014 05:44:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll
Fehlercode: 126
Microsoft Office Sessions:
=========================
Error: (09/18/2014 07:16:39 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI63A.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 07:16:38 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI222.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 07:16:09 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI9369.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 07:16:08 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI8EB5.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 06:58:03 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSIEE05.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 06:57:57 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSID665.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 06:55:13 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI6B8E.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 06:55:13 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI6A45.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 06:54:47 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI6A8.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/18/2014 06:54:47 PM) (Source: MsiInstaller) (EventID: 11723) (User: Lenovo-PC)
Description: Product: Yahoo Community Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI5BC.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 29%
Total physical RAM: 8089.77 MB
Available physical RAM: 5701.34 MB
Total Pagefile: 9369.77 MB
Available Pagefile: 6836.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:892.29 GB) (Free:737.99 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.01 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C65FDADF)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Marion (administrator) on LENOVO-PC on 18-09-2014 19:35:44
Running from C:\Users\Marion\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\LPT\srptsl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Marion\Desktop\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-01-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-01-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1723613562-3815979346-2504557632-1001\...\Run: [Amazon Music] => C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-1723613562-3815979346-2504557632-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Marion\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)
Startup: C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYn_pTfwGt8jCfma4Nw4PZWxVE6b5EltN0WK93tNy31TWBBqZnjTl3Dfbbn7XDLSVQxdWz2zH8QRiuCabcvWXVXwmURVM8W3pVZNw,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYr7hj3P95vsi2H_C8hQSa3P7sF-EcJ-97xzq4W9d3n9I4R74PLKRMt8FA0pu2jfn2nK_rfgc22VozorMzQAFpPvdlqDTpG0AROjQ,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYn_pTfwGt8jCfma4Nw4PZWxVE6b5EltN0WK93tNy31TWBBqZnjTl3Dfbbn7XDLSVQxdWz2zH8QRiuCabcvWXVXwmURVM8W3pVZNw,,&q={searchTerms}
SearchScopes: HKLM - DefaultScope {F64CB580-68FB-4612-8274-14AD608AF674} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {F64CB580-68FB-4612-8274-14AD608AF674} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYn_pTfwGt8jCfma4Nw4PZWxVE6b5EltN0WK93tNy31TWBBqZnjTl3Dfbbn7XDLSVQxdWz2zH8QRiuCabcvWXVXwmURVM8W3pVZNw,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYn_pTfwGt8jCfma4Nw4PZWxVE6b5EltN0WK93tNy31TWBBqZnjTl3Dfbbn7XDLSVQxdWz2zH8QRiuCabcvWXVXwmURVM8W3pVZNw,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.234.128.7 195.234.128.16 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default
FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYtUYTooVp41SDaxjr0XgEK24FGphRHxPc5_uxlf_JW2wDKi2PRFu_8r1OHp9gVxRPQH5qBt4eNOTcl0UuE_3JB93DQgL0VaEQh6A,,
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Web Search
FF Homepage: www.youtube.de
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFkWpcgPNAkNiHMhcZz6_i7rdh93Z7tkVqlsS4UdyYk28zPW6gE9c_qkGeS6JkqXYn_pTfwGt8jCfma4Nw4PZWxVE6b5EltN0WK93tNy31TWBBqZnjTl3Dfbbn7XDLSVQxdWz2zH8QRiuCabcvWXVXwmURVM8W3pVZNw,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
FF user.js: detected! => C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\user.js
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo Community Smartbar - C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\Extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c} [2014-09-18]
FF Extension: Ghostery - C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\Extensions\firefox@ghostery.com.xpi [2014-07-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn [2014-09-18]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-05] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-01-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-13] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140917.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140917.038\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140917.038\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-18 19:35 - 2014-09-18 19:36 - 00026574 _____ () C:\Users\Marion\Desktop\FRST.txt
2014-09-18 19:35 - 2014-09-18 19:35 - 00000000 ____D () C:\FRST
2014-09-18 19:34 - 2014-09-18 19:35 - 02105856 _____ (Farbar) C:\Users\Marion\Desktop\FRST64.exe
2014-09-18 19:31 - 2014-09-18 19:31 - 00000034 _____ () C:\WINDOWS\cdplayer.ini
2014-09-18 19:30 - 2014-09-18 19:30 - 00000474 _____ () C:\Users\Marion\Desktop\defogger_disable.log
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 _____ () C:\Users\Marion\defogger_reenable
2014-09-18 19:28 - 2014-09-18 19:28 - 00050477 _____ () C:\Users\Marion\Desktop\Defogger.exe
2014-09-18 19:13 - 2014-09-18 19:13 - 02489752 _____ () C:\Users\Marion\Downloads\geek_1.3.1.38.zip
2014-09-18 19:12 - 2014-09-18 19:12 - 01101648 _____ () C:\Users\Marion\Downloads\GeekUninstaller - CHIP-Installer.exe
2014-09-18 18:52 - 2014-09-18 18:52 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\dlg
2014-09-18 18:51 - 2014-09-18 18:51 - 00001150 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-09-18 18:51 - 2014-09-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-09-18 18:50 - 2014-09-18 19:17 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-09-18 18:50 - 2014-09-18 18:50 - 00472096 _____ () C:\Users\Marion\Downloads\download_audiograbber.exe
2014-09-18 18:49 - 2014-09-18 19:21 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-18 18:49 - 2014-09-18 18:49 - 00002515 _____ () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 18:48 - 2014-09-18 18:48 - 00000000 ____D () C:\Users\Marion\AppData\Local\Smartbar
2014-09-18 18:48 - 2014-09-18 18:48 - 00000000 ____D () C:\Users\Marion\AppData\Local\LPT
2014-09-18 18:47 - 2014-09-18 18:53 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Local\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-18 18:47 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-09-18 18:47 - 2011-03-25 20:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-09-18 18:46 - 2014-09-18 18:46 - 01101648 _____ () C:\Users\Marion\Downloads\Audiograbber - CHIP-Installer.exe
2014-09-18 18:44 - 2014-09-18 19:18 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-09-18 18:44 - 2014-09-18 18:44 - 00400569 _____ () C:\Users\Marion\Downloads\agmp3plugin.exe
2014-09-13 15:54 - 2014-09-13 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 19:00 - 2014-09-12 19:00 - 13087456 _____ (Microsoft Corporation) C:\Users\Marion\Downloads\Silverlight_x64.exe
2014-09-11 18:22 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 18:21 - 2014-09-15 00:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-11 18:21 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 18:21 - 2014-09-11 18:22 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 17:51 - 2014-09-10 17:51 - 00003152 _____ () C:\WINDOWS\System32\Tasks\{94A15115-EB9C-4D31-AB8A-761440CE7A6A}
2014-09-10 17:48 - 2014-09-10 17:49 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\Marion\Downloads\VRNetWorldSW_51311.exe
2014-09-09 23:22 - 2014-09-09 23:25 - 06018962 _____ () C:\Users\Marion\Downloads\Elspeth_Cooper_-_Der_Schleier_der_Macht_-_Die_Lieder_der_Erde_3.rar
2014-09-09 22:29 - 2014-09-09 22:30 - 03389614 _____ () C:\Users\Marion\Downloads\Miranda J. Fox - Zuckersuesses Chaos.rar
2014-09-09 22:25 - 2014-09-09 22:26 - 06891725 _____ () C:\Users\Marion\Downloads\Norbert-Hofer---Wordpress-Crashkurs.rar
2014-09-09 22:12 - 2014-09-09 22:13 - 05133784 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-wilde-Jagd---Die-Lieder-der-Erde-2.rar
2014-09-09 22:09 - 2014-09-09 22:09 - 13143533 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Sammlung--30-Ebooks-.rar
2014-09-09 22:05 - 2014-09-09 22:08 - 04209030 _____ () C:\Users\Marion\Downloads\Kami_Garcia_-_Sammlung_5_Ebooks.rar
2014-09-09 22:03 - 2014-09-09 22:04 - 03694010 _____ () C:\Users\Marion\Downloads\Erin McCarthy - Wenn ich mich verliere.rar
2014-09-08 23:34 - 2014-09-08 23:34 - 03871002 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-Lieder-der-Erde.rar
2014-09-08 23:28 - 2014-09-08 23:40 - 26064294 _____ () C:\Users\Marion\Downloads\William_Shakespeare_-_Samtliche_Werke_William_Shakespeare_1.rar
2014-09-08 23:14 - 2014-09-08 23:15 - 10590527 _____ () C:\Users\Marion\Downloads\Daniela Katzenberger - Sei schlau, stell dich dumm.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 04081503 _____ () C:\Users\Marion\Downloads\Sharon-Cameron---Stranwyne-Castle---Das-truegerische-Fluestern-des-Windes.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 03219289 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Die-Braut-des-Schotten.rar
2014-09-08 22:54 - 2014-09-08 22:54 - 05100371 _____ () C:\Users\Marion\Downloads\Roxanne-St.-Claire---Barfuss-ins-Glueck.rar
2014-09-08 22:50 - 2014-09-08 22:51 - 03409363 _____ () C:\Users\Marion\Downloads\Julie-Kagawa---Unsterblich---Tor-der-Nacht-Band-2.rar
2014-09-08 22:44 - 2014-09-08 22:44 - 03732067 _____ () C:\Users\Marion\Downloads\Lisa-Stern---Peinliche-Liebschaften---Unglaubliche-erotische-Geschichten.rar
2014-09-08 22:26 - 2014-09-08 22:26 - 04330356 _____ () C:\Users\Marion\Downloads\Jojo-Moyes---5-Ebooks.rar
2014-09-08 22:24 - 2014-09-08 22:26 - 03301959 _____ () C:\Users\Marion\Downloads\Michael_Fuchs-Gambock_-_Linkin_Park_-_Die_inoffizielle_Biografie.rar
2014-09-08 22:23 - 2014-09-08 22:27 - 13091567 _____ () C:\Users\Marion\Downloads\Melissa Marr - Sommerlicht 1-5.rar
2014-09-08 22:20 - 2014-09-08 22:20 - 03291498 _____ () C:\Users\Marion\Downloads\Beth-Revis---Godspeed-Trilogie.rar
2014-09-08 18:15 - 2014-09-14 23:14 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-08 18:13 - 2014-09-08 18:13 - 02692496 _____ () C:\Users\Marion\Downloads\mp3tagv263setup.exe
2014-09-07 13:42 - 2014-09-07 13:42 - 07022106 _____ () C:\Users\Marion\Downloads\wordpress-4.0-de_DE.zip
2014-09-05 17:43 - 2014-09-05 17:43 - 652022255 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-04 18:06 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-04 18:06 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-04 18:06 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-04 18:06 - 2014-08-06 02:48 - 02374816 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-04 18:06 - 2014-08-06 01:46 - 02088648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-04 18:06 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-04 18:06 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-04 18:06 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-03 17:48 - 2014-09-03 17:50 - 00001377 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-01 22:45 - 2014-09-01 22:47 - 03695525 _____ () C:\Users\Marion\Downloads\Stacey_Jay_-_Romeo_und_Julia_-_kompl._Band_1_u._2.rar
2014-09-01 22:42 - 2014-09-01 22:44 - 06472289 _____ () C:\Users\Marion\Downloads\Philip Pullman - Das Bernstein-Teleskop.rar
2014-09-01 22:41 - 2014-09-01 22:41 - 06364713 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Der-Goldene-Kompass.rar
2014-08-30 21:50 - 2014-08-30 21:50 - 04308696 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Das-Magische-Messer.rar
2014-08-30 21:47 - 2014-08-30 21:57 - 32698830 _____ () C:\Users\Marion\Downloads\JoanneKRowHarry P.Gesamtausg.19.7.14.rar
2014-08-27 21:28 - 2014-08-27 21:28 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2014-08-27 21:27 - 2014-08-27 21:27 - 03701908 _____ () C:\Users\Marion\Downloads\Love_01_-_Fischer.rar
2014-08-26 20:18 - 2014-09-11 22:38 - 00000000 ____D () C:\Users\Marion\AppData\Local\Adobe
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-20 19:37 - 2014-08-20 19:38 - 00049664 _____ () C:\Users\Marion\Downloads\FaMI 3. AJ 2014-15.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-18 19:36 - 2014-09-18 19:35 - 00026574 _____ () C:\Users\Marion\Desktop\FRST.txt
2014-09-18 19:35 - 2014-09-18 19:35 - 00000000 ____D () C:\FRST
2014-09-18 19:35 - 2014-09-18 19:34 - 02105856 _____ (Farbar) C:\Users\Marion\Desktop\FRST64.exe
2014-09-18 19:31 - 2014-09-18 19:31 - 00000034 _____ () C:\WINDOWS\cdplayer.ini
2014-09-18 19:31 - 2014-06-28 17:10 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Skype
2014-09-18 19:31 - 2014-06-25 17:38 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\ClassicShell
2014-09-18 19:30 - 2014-09-18 19:30 - 00000474 _____ () C:\Users\Marion\Desktop\defogger_disable.log
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 _____ () C:\Users\Marion\defogger_reenable
2014-09-18 19:30 - 2014-06-25 15:03 - 00000000 ____D () C:\Users\Marion
2014-09-18 19:28 - 2014-09-18 19:28 - 00050477 _____ () C:\Users\Marion\Desktop\Defogger.exe
2014-09-18 19:21 - 2014-09-18 18:49 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-18 19:18 - 2014-09-18 18:44 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-09-18 19:17 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-09-18 19:14 - 2014-07-26 20:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2014-09-18 19:13 - 2014-09-18 19:13 - 02489752 _____ () C:\Users\Marion\Downloads\geek_1.3.1.38.zip
2014-09-18 19:12 - 2014-09-18 19:12 - 01101648 _____ () C:\Users\Marion\Downloads\GeekUninstaller - CHIP-Installer.exe
2014-09-18 19:04 - 2014-01-24 04:38 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-18 19:04 - 2014-01-24 04:38 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-18 19:04 - 2013-08-28 10:36 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-18 19:02 - 2014-06-28 16:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-18 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-18 18:56 - 2014-06-25 15:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1723613562-3815979346-2504557632-1001
2014-09-18 18:55 - 2014-01-24 04:02 - 01154586 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-18 18:53 - 2014-09-18 18:47 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-18 18:52 - 2014-09-18 18:52 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\dlg
2014-09-18 18:51 - 2014-09-18 18:51 - 00001150 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-09-18 18:51 - 2014-09-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-09-18 18:51 - 2014-08-17 16:33 - 00000000 ____D () C:\Users\Marion\AppData\Local\CrashDumps
2014-09-18 18:50 - 2014-09-18 18:50 - 00472096 _____ () C:\Users\Marion\Downloads\download_audiograbber.exe
2014-09-18 18:49 - 2014-09-18 18:49 - 00002515 _____ () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 18:48 - 2014-09-18 18:48 - 00000000 ____D () C:\Users\Marion\AppData\Local\Smartbar
2014-09-18 18:48 - 2014-09-18 18:48 - 00000000 ____D () C:\Users\Marion\AppData\Local\LPT
2014-09-18 18:48 - 2014-07-12 12:54 - 00000000 ____D () C:\ProgramData\Origin
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Local\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-18 18:46 - 2014-09-18 18:46 - 01101648 _____ () C:\Users\Marion\Downloads\Audiograbber - CHIP-Installer.exe
2014-09-18 18:44 - 2014-09-18 18:44 - 00400569 _____ () C:\Users\Marion\Downloads\agmp3plugin.exe
2014-09-18 18:43 - 2014-07-12 12:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-18 18:43 - 2014-01-24 03:44 - 00036265 _____ () C:\WINDOWS\setupact.log
2014-09-18 18:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-18 18:34 - 2014-07-23 21:54 - 00000000 ___RD () C:\Users\Marion\Dropbox
2014-09-18 18:34 - 2014-07-23 21:51 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Dropbox
2014-09-18 18:33 - 2013-08-28 10:34 - 00062464 _____ () C:\WINDOWS\PFRO.log
2014-09-18 18:33 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-17 17:49 - 2014-06-25 18:11 - 02276712 _____ () C:\Users\Public\CAFADEBUG.log
2014-09-17 17:49 - 2014-01-24 04:28 - 00004608 _____ () C:\WINDOWS\system32\VfService.trf
2014-09-17 17:48 - 2014-07-10 19:31 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Spotify
2014-09-17 17:09 - 2014-07-10 19:33 - 00000000 ____D () C:\Users\Marion\AppData\Local\Spotify
2014-09-17 07:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-17 07:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-15 00:39 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-14 23:14 - 2014-09-08 18:15 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Mp3tag
2014-09-14 21:04 - 2014-08-11 23:15 - 00001152 _____ () C:\Users\Marion\Desktop\Amazon Music.lnk
2014-09-14 17:23 - 2014-06-27 19:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 15:54 - 2014-09-13 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 20:25 - 2014-06-25 15:04 - 00000000 ____D () C:\Users\Marion\AppData\Local\Packages
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 19:00 - 2014-09-12 19:00 - 13087456 _____ (Microsoft Corporation) C:\Users\Marion\Downloads\Silverlight_x64.exe
2014-09-11 22:38 - 2014-08-26 20:18 - 00000000 ____D () C:\Users\Marion\AppData\Local\Adobe
2014-09-11 21:41 - 2014-07-02 21:29 - 00000000 ____D () C:\Users\Marion\Documents\My Digital Editions
2014-09-11 18:22 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 18:22 - 2014-09-11 18:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 18:22 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 17:51 - 2014-09-10 17:51 - 00003152 _____ () C:\WINDOWS\System32\Tasks\{94A15115-EB9C-4D31-AB8A-761440CE7A6A}
2014-09-10 17:51 - 2014-06-28 16:44 - 00000000 ____D () C:\Program Files (x86)\VR-NetWorld
2014-09-10 17:49 - 2014-09-10 17:48 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\Marion\Downloads\VRNetWorldSW_51311.exe
2014-09-09 23:25 - 2014-09-09 23:22 - 06018962 _____ () C:\Users\Marion\Downloads\Elspeth_Cooper_-_Der_Schleier_der_Macht_-_Die_Lieder_der_Erde_3.rar
2014-09-09 22:30 - 2014-09-09 22:29 - 03389614 _____ () C:\Users\Marion\Downloads\Miranda J. Fox - Zuckersuesses Chaos.rar
2014-09-09 22:26 - 2014-09-09 22:25 - 06891725 _____ () C:\Users\Marion\Downloads\Norbert-Hofer---Wordpress-Crashkurs.rar
2014-09-09 22:13 - 2014-09-09 22:12 - 05133784 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-wilde-Jagd---Die-Lieder-der-Erde-2.rar
2014-09-09 22:09 - 2014-09-09 22:09 - 13143533 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Sammlung--30-Ebooks-.rar
2014-09-09 22:08 - 2014-09-09 22:05 - 04209030 _____ () C:\Users\Marion\Downloads\Kami_Garcia_-_Sammlung_5_Ebooks.rar
2014-09-09 22:04 - 2014-09-09 22:03 - 03694010 _____ () C:\Users\Marion\Downloads\Erin McCarthy - Wenn ich mich verliere.rar
2014-09-09 22:02 - 2014-07-08 19:02 - 10036224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-09-09 22:02 - 2014-06-28 16:45 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-08 23:40 - 2014-09-08 23:28 - 26064294 _____ () C:\Users\Marion\Downloads\William_Shakespeare_-_Samtliche_Werke_William_Shakespeare_1.rar
2014-09-08 23:34 - 2014-09-08 23:34 - 03871002 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-Lieder-der-Erde.rar
2014-09-08 23:15 - 2014-09-08 23:14 - 10590527 _____ () C:\Users\Marion\Downloads\Daniela Katzenberger - Sei schlau, stell dich dumm.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 04081503 _____ () C:\Users\Marion\Downloads\Sharon-Cameron---Stranwyne-Castle---Das-truegerische-Fluestern-des-Windes.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 03219289 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Die-Braut-des-Schotten.rar
2014-09-08 22:54 - 2014-09-08 22:54 - 05100371 _____ () C:\Users\Marion\Downloads\Roxanne-St.-Claire---Barfuss-ins-Glueck.rar
2014-09-08 22:51 - 2014-09-08 22:50 - 03409363 _____ () C:\Users\Marion\Downloads\Julie-Kagawa---Unsterblich---Tor-der-Nacht-Band-2.rar
2014-09-08 22:44 - 2014-09-08 22:44 - 03732067 _____ () C:\Users\Marion\Downloads\Lisa-Stern---Peinliche-Liebschaften---Unglaubliche-erotische-Geschichten.rar
2014-09-08 22:27 - 2014-09-08 22:23 - 13091567 _____ () C:\Users\Marion\Downloads\Melissa Marr - Sommerlicht 1-5.rar
2014-09-08 22:26 - 2014-09-08 22:26 - 04330356 _____ () C:\Users\Marion\Downloads\Jojo-Moyes---5-Ebooks.rar
2014-09-08 22:26 - 2014-09-08 22:24 - 03301959 _____ () C:\Users\Marion\Downloads\Michael_Fuchs-Gambock_-_Linkin_Park_-_Die_inoffizielle_Biografie.rar
2014-09-08 22:20 - 2014-09-08 22:20 - 03291498 _____ () C:\Users\Marion\Downloads\Beth-Revis---Godspeed-Trilogie.rar
2014-09-08 18:19 - 2014-07-26 20:42 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\NCH Software
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-08 18:13 - 2014-09-08 18:13 - 02692496 _____ () C:\Users\Marion\Downloads\mp3tagv263setup.exe
2014-09-07 23:25 - 2014-06-26 14:46 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\vlc
2014-09-07 13:42 - 2014-09-07 13:42 - 07022106 _____ () C:\Users\Marion\Downloads\wordpress-4.0-de_DE.zip
2014-09-05 17:43 - 2014-09-05 17:43 - 652022255 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-04 18:11 - 2013-08-22 16:44 - 00491720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-04 18:06 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-04 00:00 - 2014-07-12 17:44 - 00000000 ____D () C:\Users\Marion\Documents\Electronic Arts
2014-09-03 21:10 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Marion\Documents\Marion
2014-09-03 17:50 - 2014-09-03 17:48 - 00001377 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 17:27 - 2014-07-12 12:57 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 19:45 - 2014-06-28 17:09 - 00000000 ____D () C:\ProgramData\Skype
2014-09-01 22:47 - 2014-09-01 22:45 - 03695525 _____ () C:\Users\Marion\Downloads\Stacey_Jay_-_Romeo_und_Julia_-_kompl._Band_1_u._2.rar
2014-09-01 22:44 - 2014-09-01 22:42 - 06472289 _____ () C:\Users\Marion\Downloads\Philip Pullman - Das Bernstein-Teleskop.rar
2014-09-01 22:41 - 2014-09-01 22:41 - 06364713 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Der-Goldene-Kompass.rar
2014-08-31 19:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-31 18:56 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-08-30 21:57 - 2014-08-30 21:47 - 32698830 _____ () C:\Users\Marion\Downloads\JoanneKRowHarry P.Gesamtausg.19.7.14.rar
2014-08-30 21:50 - 2014-08-30 21:50 - 04308696 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Das-Magische-Messer.rar
2014-08-30 19:55 - 2014-06-27 19:56 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 21:28 - 2014-08-27 21:28 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2014-08-27 21:28 - 2014-07-26 20:42 - 00000000 ____D () C:\ProgramData\NCH Software
2014-08-27 21:28 - 2014-07-26 20:42 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-08-27 21:27 - 2014-08-27 21:27 - 03701908 _____ () C:\Users\Marion\Downloads\Love_01_-_Fischer.rar
2014-08-24 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-08-23 02:42 - 2014-09-04 18:06 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-21 19:04 - 2014-06-25 17:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-21 19:01 - 2014-06-25 17:57 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-20 20:25 - 2014-06-28 17:16 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Apple Computer
2014-08-20 19:38 - 2014-08-20 19:37 - 00049664 _____ () C:\Users\Marion\Downloads\FaMI 3. AJ 2014-15.xls
Some content of TEMP:
====================
C:\Users\Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptsvm4w.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-14 23:48
==================== End Of Log ============================
Gmer.txt Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-18 19:41:04
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000001c ST1000LM024_HN-M101MBB rev.2AR20002 931,51GB
Running: y6xww3w3.exe; Driver: C:\Users\Marion\AppData\Local\Temp\fxryrpog.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960000be700 15 bytes [40, B5, F7, 01, 80, 39, 70, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960000be710 11 bytes [00, 15, FC, FF, 00, 27, C3, ...]
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\atiesrxx.exe[880] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atiesrxx.exe[880] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atiesrxx.exe[880] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atiesrxx.exe[880] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[468] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[468] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[468] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[468] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1284] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1284] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1284] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[1284] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1668] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1668] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1668] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1668] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[2964] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[2964] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[2964] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[2964] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[2964] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffc289d1f6a 4 bytes [9D, 28, FC, 7F]
.text C:\WINDOWS\Explorer.EXE[2964] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffc289d1f82 4 bytes [9D, 28, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3652] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3652] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3652] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\Windows\System32\igfxpers.exe[3652] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\Windows\RTFTrack.exe[3712] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\Windows\RTFTrack.exe[3712] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\Windows\RTFTrack.exe[3712] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\Windows\RTFTrack.exe[3712] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3736] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3736] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3736] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3736] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3880] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3880] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3880] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3880] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3124] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffc3416169a 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3124] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffc341616a2 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3124] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffc3416181a 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3124] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffc34161832 4 bytes [16, 34, FC, 7F]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3124] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffc289d1f6a 4 bytes [9D, 28, FC, 7F]
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[3124] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffc289d1f82 4 bytes [9D, 28, FC, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [588:612] fffff960008bfb90
---- Processes - GMER 2.1 ----
Process C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe [2900] (FILE NOT FOUND) 0000000000400000
Library C:\Users\Marion\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe [2900](2014-08-15 18:46:08) 0000000003dd0000
Library c:\users\marion\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptsvm4w.dll (*** suspicious ***) @ C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe [2900](2014-09-18 16:33:55) 00000000043c0000
Library C:\Users\Marion\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe [2900](2013-08-23 19:01:44) 000000006d4d0000
Library C:\Users\Marion\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe [2900] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42) 000000006f180000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Viele Grüße, Valarauco |
|
18.09.2014, 19:05
| #2 |
| /// the machine /// TB-Ausbilder    |  Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
18.09.2014, 20:19
| #3 |
| | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Hier die verschiedenen Dateien. Vielen Dank für die schnelle Hilfe.
__________________mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 18.09.2014 20:24:55, SYSTEM, LENOVO-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.9.18.1, Update, 18.09.2014 20:25:08, SYSTEM, LENOVO-PC, Manual, Malware Database, 2014.3.4.9, 2014.9.18.6, (end) Code:
ATTFilter # AdwCleaner v3.310 - Bericht erstellt am 18/09/2014 um 21:02:56
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Marion - LENOVO-PC
# Gestartet von : C:\Users\Marion\Downloads\AdwCleaner_3.310.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Users\Marion\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Marion\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Public\Pokki
Datei Gelöscht : C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\user.js
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v32.0.1 (x86 de)
[ Datei : C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [5260 octets] - [18/09/2014 21:00:47]
AdwCleaner[S0].txt - [4630 octets] - [18/09/2014 21:02:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4690 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.6 (09.18.2014:1)
OS: Windows 8.1 x64
Ran by Marion on 18.09.2014 at 21:09:04,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Marion\AppData\Roaming\mozilla\firefox\profiles\xw1zhgji.default\minidumps [6 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.09.2014 at 21:12:35,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Marion (administrator) on LENOVO-PC on 18-09-2014 21:13:08
Running from C:\Users\Marion\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dropbox, Inc.) C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-01-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-01-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1723613562-3815979346-2504557632-1001\...\Run: [Amazon Music] => C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)
Startup: C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
SearchScopes: HKLM - {F64CB580-68FB-4612-8274-14AD608AF674} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.234.128.7 195.234.128.16 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo Community Smartbar - C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\Extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c} [2014-09-18]
FF Extension: Ghostery - C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\Extensions\firefox@ghostery.com.xpi [2014-07-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn [2014-09-18]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-05] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-01-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-13] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140917.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140917.038\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140917.038\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-18 21:12 - 2014-09-18 21:12 - 00000747 _____ () C:\Users\Marion\Desktop\JRT.txt
2014-09-18 21:09 - 2014-09-18 21:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-18 21:07 - 2014-09-18 21:08 - 01016830 _____ (Thisisu) C:\Users\Marion\Desktop\JRT.exe
2014-09-18 21:02 - 2014-09-18 21:02 - 00004818 _____ () C:\Users\Marion\Desktop\AdwCleaner[S0].txt
2014-09-18 21:00 - 2014-09-18 21:05 - 00000000 ____D () C:\AdwCleaner
2014-09-18 20:59 - 2014-09-18 20:59 - 01373475 _____ () C:\Users\Marion\Downloads\AdwCleaner_3.310.exe
2014-09-18 20:58 - 2014-09-18 20:58 - 00000263 _____ () C:\Users\Marion\Desktop\mbam.txt
2014-09-18 20:49 - 2014-09-18 20:49 - 00471640 _____ () C:\WINDOWS\Minidump\091814-46968-01.dmp
2014-09-18 20:49 - 2014-09-18 20:49 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-18 20:24 - 2014-09-18 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:24 - 2014-09-18 20:24 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-18 20:24 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-18 20:24 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-18 20:20 - 2014-09-18 20:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marion\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-18 19:41 - 2014-09-18 19:41 - 00014503 _____ () C:\Users\Marion\Desktop\Gmer.txt
2014-09-18 19:37 - 2014-09-18 19:37 - 00380416 _____ () C:\Users\Marion\Desktop\y6xww3w3.exe
2014-09-18 19:36 - 2014-09-18 19:36 - 00041113 _____ () C:\Users\Marion\Desktop\Addition.txt
2014-09-18 19:35 - 2014-09-18 21:13 - 00022120 _____ () C:\Users\Marion\Desktop\FRST.txt
2014-09-18 19:35 - 2014-09-18 21:13 - 00000000 ____D () C:\FRST
2014-09-18 19:34 - 2014-09-18 19:35 - 02105856 _____ (Farbar) C:\Users\Marion\Desktop\FRST64.exe
2014-09-18 19:31 - 2014-09-18 19:31 - 00000034 _____ () C:\WINDOWS\cdplayer.ini
2014-09-18 19:30 - 2014-09-18 19:30 - 00000474 _____ () C:\Users\Marion\Desktop\defogger_disable.log
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 _____ () C:\Users\Marion\defogger_reenable
2014-09-18 19:28 - 2014-09-18 19:28 - 00050477 _____ () C:\Users\Marion\Desktop\Defogger.exe
2014-09-18 19:13 - 2014-09-18 19:13 - 02489752 _____ () C:\Users\Marion\Downloads\geek_1.3.1.38.zip
2014-09-18 19:12 - 2014-09-18 19:12 - 01101648 _____ () C:\Users\Marion\Downloads\GeekUninstaller - CHIP-Installer.exe
2014-09-18 18:52 - 2014-09-18 18:52 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\dlg
2014-09-18 18:51 - 2014-09-18 18:51 - 00001150 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-09-18 18:51 - 2014-09-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-09-18 18:49 - 2014-09-18 21:02 - 00001106 _____ () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 18:47 - 2014-09-18 18:53 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Local\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-18 18:47 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-09-18 18:47 - 2011-03-25 20:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-09-18 18:46 - 2014-09-18 18:46 - 01101648 _____ () C:\Users\Marion\Downloads\Audiograbber - CHIP-Installer.exe
2014-09-18 18:44 - 2014-09-18 19:18 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-09-18 18:44 - 2014-09-18 18:44 - 00400569 _____ () C:\Users\Marion\Downloads\agmp3plugin.exe
2014-09-13 15:54 - 2014-09-13 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 19:00 - 2014-09-12 19:00 - 13087456 _____ (Microsoft Corporation) C:\Users\Marion\Downloads\Silverlight_x64.exe
2014-09-11 18:22 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 18:21 - 2014-09-15 00:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-11 18:21 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 18:21 - 2014-09-11 18:22 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 17:51 - 2014-09-10 17:51 - 00003152 _____ () C:\WINDOWS\System32\Tasks\{94A15115-EB9C-4D31-AB8A-761440CE7A6A}
2014-09-10 17:48 - 2014-09-10 17:49 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\Marion\Downloads\VRNetWorldSW_51311.exe
2014-09-09 23:22 - 2014-09-09 23:25 - 06018962 _____ () C:\Users\Marion\Downloads\Elspeth_Cooper_-_Der_Schleier_der_Macht_-_Die_Lieder_der_Erde_3.rar
2014-09-09 22:29 - 2014-09-09 22:30 - 03389614 _____ () C:\Users\Marion\Downloads\Miranda J. Fox - Zuckersuesses Chaos.rar
2014-09-09 22:25 - 2014-09-09 22:26 - 06891725 _____ () C:\Users\Marion\Downloads\Norbert-Hofer---Wordpress-Crashkurs.rar
2014-09-09 22:12 - 2014-09-09 22:13 - 05133784 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-wilde-Jagd---Die-Lieder-der-Erde-2.rar
2014-09-09 22:09 - 2014-09-09 22:09 - 13143533 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Sammlung--30-Ebooks-.rar
2014-09-09 22:05 - 2014-09-09 22:08 - 04209030 _____ () C:\Users\Marion\Downloads\Kami_Garcia_-_Sammlung_5_Ebooks.rar
2014-09-09 22:03 - 2014-09-09 22:04 - 03694010 _____ () C:\Users\Marion\Downloads\Erin McCarthy - Wenn ich mich verliere.rar
2014-09-08 23:34 - 2014-09-08 23:34 - 03871002 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-Lieder-der-Erde.rar
2014-09-08 23:28 - 2014-09-08 23:40 - 26064294 _____ () C:\Users\Marion\Downloads\William_Shakespeare_-_Samtliche_Werke_William_Shakespeare_1.rar
2014-09-08 23:14 - 2014-09-08 23:15 - 10590527 _____ () C:\Users\Marion\Downloads\Daniela Katzenberger - Sei schlau, stell dich dumm.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 04081503 _____ () C:\Users\Marion\Downloads\Sharon-Cameron---Stranwyne-Castle---Das-truegerische-Fluestern-des-Windes.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 03219289 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Die-Braut-des-Schotten.rar
2014-09-08 22:54 - 2014-09-08 22:54 - 05100371 _____ () C:\Users\Marion\Downloads\Roxanne-St.-Claire---Barfuss-ins-Glueck.rar
2014-09-08 22:50 - 2014-09-08 22:51 - 03409363 _____ () C:\Users\Marion\Downloads\Julie-Kagawa---Unsterblich---Tor-der-Nacht-Band-2.rar
2014-09-08 22:44 - 2014-09-08 22:44 - 03732067 _____ () C:\Users\Marion\Downloads\Lisa-Stern---Peinliche-Liebschaften---Unglaubliche-erotische-Geschichten.rar
2014-09-08 22:26 - 2014-09-08 22:26 - 04330356 _____ () C:\Users\Marion\Downloads\Jojo-Moyes---5-Ebooks.rar
2014-09-08 22:24 - 2014-09-08 22:26 - 03301959 _____ () C:\Users\Marion\Downloads\Michael_Fuchs-Gambock_-_Linkin_Park_-_Die_inoffizielle_Biografie.rar
2014-09-08 22:23 - 2014-09-08 22:27 - 13091567 _____ () C:\Users\Marion\Downloads\Melissa Marr - Sommerlicht 1-5.rar
2014-09-08 22:20 - 2014-09-08 22:20 - 03291498 _____ () C:\Users\Marion\Downloads\Beth-Revis---Godspeed-Trilogie.rar
2014-09-08 18:15 - 2014-09-14 23:14 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-08 18:13 - 2014-09-08 18:13 - 02692496 _____ () C:\Users\Marion\Downloads\mp3tagv263setup.exe
2014-09-07 13:42 - 2014-09-07 13:42 - 07022106 _____ () C:\Users\Marion\Downloads\wordpress-4.0-de_DE.zip
2014-09-05 17:43 - 2014-09-18 20:48 - 826175927 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-04 18:06 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-04 18:06 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-04 18:06 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-04 18:06 - 2014-08-06 02:48 - 02374816 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-04 18:06 - 2014-08-06 01:46 - 02088648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-04 18:06 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-04 18:06 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-04 18:06 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-03 17:48 - 2014-09-03 17:50 - 00001377 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-01 22:45 - 2014-09-01 22:47 - 03695525 _____ () C:\Users\Marion\Downloads\Stacey_Jay_-_Romeo_und_Julia_-_kompl._Band_1_u._2.rar
2014-09-01 22:42 - 2014-09-01 22:44 - 06472289 _____ () C:\Users\Marion\Downloads\Philip Pullman - Das Bernstein-Teleskop.rar
2014-09-01 22:41 - 2014-09-01 22:41 - 06364713 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Der-Goldene-Kompass.rar
2014-08-30 21:50 - 2014-08-30 21:50 - 04308696 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Das-Magische-Messer.rar
2014-08-30 21:47 - 2014-08-30 21:57 - 32698830 _____ () C:\Users\Marion\Downloads\JoanneKRowHarry P.Gesamtausg.19.7.14.rar
2014-08-27 21:28 - 2014-08-27 21:28 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2014-08-27 21:27 - 2014-08-27 21:27 - 03701908 _____ () C:\Users\Marion\Downloads\Love_01_-_Fischer.rar
2014-08-26 20:18 - 2014-09-11 22:38 - 00000000 ____D () C:\Users\Marion\AppData\Local\Adobe
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-20 19:37 - 2014-08-20 19:38 - 00049664 _____ () C:\Users\Marion\Downloads\FaMI 3. AJ 2014-15.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-18 21:13 - 2014-09-18 19:35 - 00022120 _____ () C:\Users\Marion\Desktop\FRST.txt
2014-09-18 21:13 - 2014-09-18 19:35 - 00000000 ____D () C:\FRST
2014-09-18 21:12 - 2014-09-18 21:12 - 00000747 _____ () C:\Users\Marion\Desktop\JRT.txt
2014-09-18 21:09 - 2014-09-18 21:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-18 21:09 - 2014-06-25 15:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1723613562-3815979346-2504557632-1001
2014-09-18 21:08 - 2014-09-18 21:07 - 01016830 _____ (Thisisu) C:\Users\Marion\Desktop\JRT.exe
2014-09-18 21:07 - 2014-07-23 21:54 - 00000000 ___RD () C:\Users\Marion\Dropbox
2014-09-18 21:07 - 2014-07-23 21:51 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Dropbox
2014-09-18 21:06 - 2014-07-23 21:53 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 21:05 - 2014-09-18 21:00 - 00000000 ____D () C:\AdwCleaner
2014-09-18 21:05 - 2014-06-25 17:38 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\ClassicShell
2014-09-18 21:03 - 2014-01-24 04:28 - 00004608 _____ () C:\WINDOWS\system32\VfService.trf
2014-09-18 21:03 - 2013-08-28 10:34 - 00063824 _____ () C:\WINDOWS\PFRO.log
2014-09-18 21:03 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-18 21:02 - 2014-09-18 21:02 - 00004818 _____ () C:\Users\Marion\Desktop\AdwCleaner[S0].txt
2014-09-18 21:02 - 2014-09-18 18:49 - 00001106 _____ () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 21:02 - 2014-06-28 16:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-18 21:02 - 2014-06-25 18:11 - 02297928 _____ () C:\Users\Public\CAFADEBUG.log
2014-09-18 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-18 20:59 - 2014-09-18 20:59 - 01373475 _____ () C:\Users\Marion\Downloads\AdwCleaner_3.310.exe
2014-09-18 20:59 - 2014-01-24 03:44 - 00036414 _____ () C:\WINDOWS\setupact.log
2014-09-18 20:58 - 2014-09-18 20:58 - 00000263 _____ () C:\Users\Marion\Desktop\mbam.txt
2014-09-18 20:56 - 2014-09-18 20:24 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:49 - 2014-09-18 20:49 - 00471640 _____ () C:\WINDOWS\Minidump\091814-46968-01.dmp
2014-09-18 20:49 - 2014-09-18 20:49 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-18 20:49 - 2013-08-22 16:44 - 00496584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-18 20:48 - 2014-09-05 17:43 - 826175927 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-18 20:24 - 2014-09-18 20:24 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-06-26 14:46 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\vlc
2014-09-18 20:24 - 2014-01-24 04:02 - 01232806 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-18 20:23 - 2014-09-18 20:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marion\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-18 20:11 - 2014-07-12 12:54 - 00000000 ____D () C:\ProgramData\Origin
2014-09-18 19:53 - 2014-07-12 12:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-18 19:41 - 2014-09-18 19:41 - 00014503 _____ () C:\Users\Marion\Desktop\Gmer.txt
2014-09-18 19:37 - 2014-09-18 19:37 - 00380416 _____ () C:\Users\Marion\Desktop\y6xww3w3.exe
2014-09-18 19:36 - 2014-09-18 19:36 - 00041113 _____ () C:\Users\Marion\Desktop\Addition.txt
2014-09-18 19:35 - 2014-09-18 19:34 - 02105856 _____ (Farbar) C:\Users\Marion\Desktop\FRST64.exe
2014-09-18 19:31 - 2014-09-18 19:31 - 00000034 _____ () C:\WINDOWS\cdplayer.ini
2014-09-18 19:31 - 2014-06-28 17:10 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Skype
2014-09-18 19:30 - 2014-09-18 19:30 - 00000474 _____ () C:\Users\Marion\Desktop\defogger_disable.log
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 _____ () C:\Users\Marion\defogger_reenable
2014-09-18 19:30 - 2014-06-25 15:03 - 00000000 ____D () C:\Users\Marion
2014-09-18 19:28 - 2014-09-18 19:28 - 00050477 _____ () C:\Users\Marion\Desktop\Defogger.exe
2014-09-18 19:18 - 2014-09-18 18:44 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-09-18 19:14 - 2014-07-26 20:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2014-09-18 19:13 - 2014-09-18 19:13 - 02489752 _____ () C:\Users\Marion\Downloads\geek_1.3.1.38.zip
2014-09-18 19:12 - 2014-09-18 19:12 - 01101648 _____ () C:\Users\Marion\Downloads\GeekUninstaller - CHIP-Installer.exe
2014-09-18 19:04 - 2014-01-24 04:38 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-18 19:04 - 2014-01-24 04:38 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-18 19:04 - 2013-08-28 10:36 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-18 18:53 - 2014-09-18 18:47 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-18 18:52 - 2014-09-18 18:52 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\dlg
2014-09-18 18:51 - 2014-09-18 18:51 - 00001150 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-09-18 18:51 - 2014-09-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-09-18 18:51 - 2014-08-17 16:33 - 00000000 ____D () C:\Users\Marion\AppData\Local\CrashDumps
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Local\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-18 18:46 - 2014-09-18 18:46 - 01101648 _____ () C:\Users\Marion\Downloads\Audiograbber - CHIP-Installer.exe
2014-09-18 18:44 - 2014-09-18 18:44 - 00400569 _____ () C:\Users\Marion\Downloads\agmp3plugin.exe
2014-09-18 18:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-17 17:48 - 2014-07-10 19:31 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Spotify
2014-09-17 17:09 - 2014-07-10 19:33 - 00000000 ____D () C:\Users\Marion\AppData\Local\Spotify
2014-09-17 07:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-17 07:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-15 00:39 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-14 23:14 - 2014-09-08 18:15 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Mp3tag
2014-09-14 21:04 - 2014-08-11 23:15 - 00001152 _____ () C:\Users\Marion\Desktop\Amazon Music.lnk
2014-09-14 17:23 - 2014-06-27 19:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 15:54 - 2014-09-13 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 20:25 - 2014-06-25 15:04 - 00000000 ____D () C:\Users\Marion\AppData\Local\Packages
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 19:00 - 2014-09-12 19:00 - 13087456 _____ (Microsoft Corporation) C:\Users\Marion\Downloads\Silverlight_x64.exe
2014-09-11 22:38 - 2014-08-26 20:18 - 00000000 ____D () C:\Users\Marion\AppData\Local\Adobe
2014-09-11 21:41 - 2014-07-02 21:29 - 00000000 ____D () C:\Users\Marion\Documents\My Digital Editions
2014-09-11 18:22 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 18:22 - 2014-09-11 18:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 18:22 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 17:51 - 2014-09-10 17:51 - 00003152 _____ () C:\WINDOWS\System32\Tasks\{94A15115-EB9C-4D31-AB8A-761440CE7A6A}
2014-09-10 17:51 - 2014-06-28 16:44 - 00000000 ____D () C:\Program Files (x86)\VR-NetWorld
2014-09-10 17:49 - 2014-09-10 17:48 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\Marion\Downloads\VRNetWorldSW_51311.exe
2014-09-09 23:25 - 2014-09-09 23:22 - 06018962 _____ () C:\Users\Marion\Downloads\Elspeth_Cooper_-_Der_Schleier_der_Macht_-_Die_Lieder_der_Erde_3.rar
2014-09-09 22:30 - 2014-09-09 22:29 - 03389614 _____ () C:\Users\Marion\Downloads\Miranda J. Fox - Zuckersuesses Chaos.rar
2014-09-09 22:26 - 2014-09-09 22:25 - 06891725 _____ () C:\Users\Marion\Downloads\Norbert-Hofer---Wordpress-Crashkurs.rar
2014-09-09 22:13 - 2014-09-09 22:12 - 05133784 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-wilde-Jagd---Die-Lieder-der-Erde-2.rar
2014-09-09 22:09 - 2014-09-09 22:09 - 13143533 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Sammlung--30-Ebooks-.rar
2014-09-09 22:08 - 2014-09-09 22:05 - 04209030 _____ () C:\Users\Marion\Downloads\Kami_Garcia_-_Sammlung_5_Ebooks.rar
2014-09-09 22:04 - 2014-09-09 22:03 - 03694010 _____ () C:\Users\Marion\Downloads\Erin McCarthy - Wenn ich mich verliere.rar
2014-09-09 22:02 - 2014-07-08 19:02 - 10036224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-09-09 22:02 - 2014-06-28 16:45 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-08 23:40 - 2014-09-08 23:28 - 26064294 _____ () C:\Users\Marion\Downloads\William_Shakespeare_-_Samtliche_Werke_William_Shakespeare_1.rar
2014-09-08 23:34 - 2014-09-08 23:34 - 03871002 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-Lieder-der-Erde.rar
2014-09-08 23:15 - 2014-09-08 23:14 - 10590527 _____ () C:\Users\Marion\Downloads\Daniela Katzenberger - Sei schlau, stell dich dumm.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 04081503 _____ () C:\Users\Marion\Downloads\Sharon-Cameron---Stranwyne-Castle---Das-truegerische-Fluestern-des-Windes.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 03219289 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Die-Braut-des-Schotten.rar
2014-09-08 22:54 - 2014-09-08 22:54 - 05100371 _____ () C:\Users\Marion\Downloads\Roxanne-St.-Claire---Barfuss-ins-Glueck.rar
2014-09-08 22:51 - 2014-09-08 22:50 - 03409363 _____ () C:\Users\Marion\Downloads\Julie-Kagawa---Unsterblich---Tor-der-Nacht-Band-2.rar
2014-09-08 22:44 - 2014-09-08 22:44 - 03732067 _____ () C:\Users\Marion\Downloads\Lisa-Stern---Peinliche-Liebschaften---Unglaubliche-erotische-Geschichten.rar
2014-09-08 22:27 - 2014-09-08 22:23 - 13091567 _____ () C:\Users\Marion\Downloads\Melissa Marr - Sommerlicht 1-5.rar
2014-09-08 22:26 - 2014-09-08 22:26 - 04330356 _____ () C:\Users\Marion\Downloads\Jojo-Moyes---5-Ebooks.rar
2014-09-08 22:26 - 2014-09-08 22:24 - 03301959 _____ () C:\Users\Marion\Downloads\Michael_Fuchs-Gambock_-_Linkin_Park_-_Die_inoffizielle_Biografie.rar
2014-09-08 22:20 - 2014-09-08 22:20 - 03291498 _____ () C:\Users\Marion\Downloads\Beth-Revis---Godspeed-Trilogie.rar
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-08 18:13 - 2014-09-08 18:13 - 02692496 _____ () C:\Users\Marion\Downloads\mp3tagv263setup.exe
2014-09-07 13:42 - 2014-09-07 13:42 - 07022106 _____ () C:\Users\Marion\Downloads\wordpress-4.0-de_DE.zip
2014-09-04 18:06 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-04 00:00 - 2014-07-12 17:44 - 00000000 ____D () C:\Users\Marion\Documents\Electronic Arts
2014-09-03 21:10 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Marion\Documents\Marion
2014-09-03 17:50 - 2014-09-03 17:48 - 00001377 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 17:27 - 2014-07-12 12:57 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 19:45 - 2014-06-28 17:09 - 00000000 ____D () C:\ProgramData\Skype
2014-09-01 22:47 - 2014-09-01 22:45 - 03695525 _____ () C:\Users\Marion\Downloads\Stacey_Jay_-_Romeo_und_Julia_-_kompl._Band_1_u._2.rar
2014-09-01 22:44 - 2014-09-01 22:42 - 06472289 _____ () C:\Users\Marion\Downloads\Philip Pullman - Das Bernstein-Teleskop.rar
2014-09-01 22:41 - 2014-09-01 22:41 - 06364713 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Der-Goldene-Kompass.rar
2014-08-31 19:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-31 18:56 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-08-30 21:57 - 2014-08-30 21:47 - 32698830 _____ () C:\Users\Marion\Downloads\JoanneKRowHarry P.Gesamtausg.19.7.14.rar
2014-08-30 21:50 - 2014-08-30 21:50 - 04308696 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Das-Magische-Messer.rar
2014-08-30 19:55 - 2014-06-27 19:56 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 21:28 - 2014-08-27 21:28 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2014-08-27 21:27 - 2014-08-27 21:27 - 03701908 _____ () C:\Users\Marion\Downloads\Love_01_-_Fischer.rar
2014-08-24 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-08-23 02:42 - 2014-09-04 18:06 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-21 19:04 - 2014-06-25 17:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-21 19:01 - 2014-06-25 17:57 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-20 20:25 - 2014-06-28 17:16 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Apple Computer
2014-08-20 19:38 - 2014-08-20 19:37 - 00049664 _____ () C:\Users\Marion\Downloads\FaMI 3. AJ 2014-15.xls
Some content of TEMP:
====================
C:\Users\Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmk4czi.dll
C:\Users\Marion\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-14 23:48
==================== End Of Log ============================
|
|
19.09.2014, 09:58
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallierenESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.09.2014, 21:39
| #5 |
| | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Nach den Logs habe ich keine Probleme mehr fest gestellt. ESET Log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=512809142082224bb77ffca22ea34517
# engine=20232
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-19 01:52:34
# local_time=2014-09-19 03:52:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 100 331203 161797249 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7255643 15518274 0 0
# scanned=256958
# found=16
# cleaned=0
# scan_time=4456
sh=BC4AF78CFE083FC375445D079DF0AB5171A85EDD ft=1 fh=747cb20379d7e303 vn="Variante von Win32/Bundled.Toolbar.Google.C potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe.vir"
sh=CAFC5F8E028371A142AAE51D35B75E8A04F647C7 ft=1 fh=94fcdce65e5dedde vn="Variante von Win32/Bundled.Toolbar.Google.C potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressZip\expresszipsetup_v2.18.exe.vir"
sh=F630B8D640E0C63D799247231AC7A7391124E102 ft=1 fh=64ba7250e07c6511 vn="Variante von Win32/Bundled.Toolbar.Google.C potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switch.exe.vir"
sh=57DAEFF5BAFAFD2F58B9ECBD040B127AA959D80D ft=1 fh=97deb929c6156460 vn="Variante von Win32/Bundled.Toolbar.Google.C potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switchsetup_v4.53.exe.vir"
sh=0E2466CFBF2A6BF3CB2E39B5B3340054EC872E56 ft=1 fh=b85d834eb1ab0668 vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\76334be22960e48fc136e160ca1d3cf4\agsetup183se_v3.0.0.67.exe"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c}\components\SmartbarFireFoxRemotePlugin_26.dll"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c}\components\SmartbarFireFoxRemotePlugin_27.dll"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c}\components\SmartbarFireFoxRemotePlugin_28.dll"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c}\components\SmartbarFireFoxRemotePlugin_29.dll"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c}\components\SmartbarFireFoxRemotePlugin_30.dll"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c}\components\SmartbarFireFoxRemotePlugin_31.dll"
sh=BF51F05D5EE34C3DE7CB98D04D124C83F5333EBB ft=1 fh=bed5c3c335aae4ae vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Marion\Downloads\avc-free_5.6.4.exe"
sh=D2877BAFF5D5255B99A36553EB3DCFE33AF84B64 ft=1 fh=89a52a9237a3cf0b vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Marion\Downloads\FreeAudioConverter-5.0.45.716.exe"
sh=57DAEFF5BAFAFD2F58B9ECBD040B127AA959D80D ft=1 fh=97deb929c6156460 vn="Variante von Win32/Bundled.Toolbar.Google.C potenziell unsichere Anwendung" ac=I fn="C:\Users\Marion\Downloads\switchsetupDE.exe"
sh=DD8D791EF618CF7E811163BD85712B508835F16B ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\e10be.msi"
sh=DBA4D7540C69C6492D48E688A00B51387685F8A6 ft=1 fh=fb092140bceb8039 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="F:\Marion Großmann\ApnStub.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.87
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Defender
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Mozilla Firefox (32.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Marion (administrator) on LENOVO-PC on 19-09-2014 22:32:59
Running from C:\Users\Marion\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dropbox, Inc.) C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Users\Marion\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-01-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-01-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1723613562-3815979346-2504557632-1001\...\Run: [Amazon Music] => C:\Users\Marion\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)
Startup: C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
SearchScopes: HKLM - {F64CB580-68FB-4612-8274-14AD608AF674} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo Community Smartbar - C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\Extensions\{125f00d5-18a3-b508-b12e-ef2d8952862c} [2014-09-18]
FF Extension: Ghostery - C:\Users\Marion\AppData\Roaming\Mozilla\Firefox\Profiles\xw1zhgji.default\Extensions\firefox@ghostery.com.xpi [2014-07-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn [2014-09-19]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-05] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-01-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-13] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140918.003\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140918.025\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140918.025\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-19 22:32 - 2014-09-19 22:32 - 00000840 _____ () C:\Users\Marion\Desktop\checkup.txt
2014-09-19 22:25 - 2014-09-19 22:25 - 00854417 _____ () C:\Users\Marion\Desktop\SecurityCheck.exe
2014-09-19 14:31 - 2014-09-19 14:31 - 02347384 _____ (ESET) C:\Users\Marion\Downloads\esetsmartinstaller_deu.exe
2014-09-18 21:14 - 2014-09-18 21:14 - 00048990 _____ () C:\Users\Marion\Desktop\FRST1.txt
2014-09-18 21:12 - 2014-09-18 21:12 - 00000747 _____ () C:\Users\Marion\Desktop\JRT.txt
2014-09-18 21:09 - 2014-09-18 21:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-18 21:07 - 2014-09-18 21:08 - 01016830 _____ (Thisisu) C:\Users\Marion\Desktop\JRT.exe
2014-09-18 21:02 - 2014-09-18 21:02 - 00004818 _____ () C:\Users\Marion\Desktop\AdwCleaner[S0].txt
2014-09-18 21:00 - 2014-09-18 21:05 - 00000000 ____D () C:\AdwCleaner
2014-09-18 20:59 - 2014-09-18 20:59 - 01373475 _____ () C:\Users\Marion\Downloads\AdwCleaner_3.310.exe
2014-09-18 20:58 - 2014-09-18 20:58 - 00000263 _____ () C:\Users\Marion\Desktop\mbam.txt
2014-09-18 20:49 - 2014-09-18 20:49 - 00471640 _____ () C:\WINDOWS\Minidump\091814-46968-01.dmp
2014-09-18 20:49 - 2014-09-18 20:49 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-18 20:24 - 2014-09-18 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:24 - 2014-09-18 20:24 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-18 20:24 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-18 20:24 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-18 20:20 - 2014-09-18 20:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marion\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-18 19:41 - 2014-09-18 19:41 - 00014503 _____ () C:\Users\Marion\Desktop\Gmer.txt
2014-09-18 19:37 - 2014-09-18 19:37 - 00380416 _____ () C:\Users\Marion\Desktop\y6xww3w3.exe
2014-09-18 19:36 - 2014-09-18 19:36 - 00041113 _____ () C:\Users\Marion\Desktop\Addition.txt
2014-09-18 19:35 - 2014-09-19 22:33 - 00000000 ____D () C:\FRST
2014-09-18 19:35 - 2014-09-19 22:32 - 00022661 _____ () C:\Users\Marion\Desktop\FRST.txt
2014-09-18 19:34 - 2014-09-18 19:35 - 02105856 _____ (Farbar) C:\Users\Marion\Desktop\FRST64.exe
2014-09-18 19:31 - 2014-09-18 21:22 - 00000034 _____ () C:\WINDOWS\cdplayer.ini
2014-09-18 19:30 - 2014-09-18 19:30 - 00000474 _____ () C:\Users\Marion\Desktop\defogger_disable.log
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 _____ () C:\Users\Marion\defogger_reenable
2014-09-18 19:28 - 2014-09-18 19:28 - 00050477 _____ () C:\Users\Marion\Desktop\Defogger.exe
2014-09-18 19:13 - 2014-09-18 19:13 - 02489752 _____ () C:\Users\Marion\Downloads\geek_1.3.1.38.zip
2014-09-18 19:12 - 2014-09-18 19:12 - 01101648 _____ () C:\Users\Marion\Downloads\GeekUninstaller - CHIP-Installer.exe
2014-09-18 18:52 - 2014-09-18 18:52 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\dlg
2014-09-18 18:51 - 2014-09-18 18:51 - 00001150 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-09-18 18:51 - 2014-09-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-09-18 18:49 - 2014-09-18 21:02 - 00001106 _____ () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 18:47 - 2014-09-18 18:53 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Local\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-18 18:47 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-09-18 18:47 - 2011-03-25 20:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-09-18 18:46 - 2014-09-18 18:46 - 01101648 _____ () C:\Users\Marion\Downloads\Audiograbber - CHIP-Installer.exe
2014-09-18 18:44 - 2014-09-18 21:22 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-09-18 18:44 - 2014-09-18 18:44 - 00400569 _____ () C:\Users\Marion\Downloads\agmp3plugin.exe
2014-09-13 15:54 - 2014-09-13 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 19:00 - 2014-09-12 19:00 - 13087456 _____ (Microsoft Corporation) C:\Users\Marion\Downloads\Silverlight_x64.exe
2014-09-11 18:22 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 18:21 - 2014-09-15 00:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-11 18:21 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 18:21 - 2014-09-11 18:22 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 17:51 - 2014-09-10 17:51 - 00003152 _____ () C:\WINDOWS\System32\Tasks\{94A15115-EB9C-4D31-AB8A-761440CE7A6A}
2014-09-10 17:48 - 2014-09-10 17:49 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\Marion\Downloads\VRNetWorldSW_51311.exe
2014-09-09 23:22 - 2014-09-09 23:25 - 06018962 _____ () C:\Users\Marion\Downloads\Elspeth_Cooper_-_Der_Schleier_der_Macht_-_Die_Lieder_der_Erde_3.rar
2014-09-09 22:29 - 2014-09-09 22:30 - 03389614 _____ () C:\Users\Marion\Downloads\Miranda J. Fox - Zuckersuesses Chaos.rar
2014-09-09 22:25 - 2014-09-09 22:26 - 06891725 _____ () C:\Users\Marion\Downloads\Norbert-Hofer---Wordpress-Crashkurs.rar
2014-09-09 22:12 - 2014-09-09 22:13 - 05133784 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-wilde-Jagd---Die-Lieder-der-Erde-2.rar
2014-09-09 22:09 - 2014-09-09 22:09 - 13143533 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Sammlung--30-Ebooks-.rar
2014-09-09 22:05 - 2014-09-09 22:08 - 04209030 _____ () C:\Users\Marion\Downloads\Kami_Garcia_-_Sammlung_5_Ebooks.rar
2014-09-09 22:03 - 2014-09-09 22:04 - 03694010 _____ () C:\Users\Marion\Downloads\Erin McCarthy - Wenn ich mich verliere.rar
2014-09-08 23:34 - 2014-09-08 23:34 - 03871002 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-Lieder-der-Erde.rar
2014-09-08 23:28 - 2014-09-08 23:40 - 26064294 _____ () C:\Users\Marion\Downloads\William_Shakespeare_-_Samtliche_Werke_William_Shakespeare_1.rar
2014-09-08 23:14 - 2014-09-08 23:15 - 10590527 _____ () C:\Users\Marion\Downloads\Daniela Katzenberger - Sei schlau, stell dich dumm.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 04081503 _____ () C:\Users\Marion\Downloads\Sharon-Cameron---Stranwyne-Castle---Das-truegerische-Fluestern-des-Windes.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 03219289 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Die-Braut-des-Schotten.rar
2014-09-08 22:54 - 2014-09-08 22:54 - 05100371 _____ () C:\Users\Marion\Downloads\Roxanne-St.-Claire---Barfuss-ins-Glueck.rar
2014-09-08 22:50 - 2014-09-08 22:51 - 03409363 _____ () C:\Users\Marion\Downloads\Julie-Kagawa---Unsterblich---Tor-der-Nacht-Band-2.rar
2014-09-08 22:44 - 2014-09-08 22:44 - 03732067 _____ () C:\Users\Marion\Downloads\Lisa-Stern---Peinliche-Liebschaften---Unglaubliche-erotische-Geschichten.rar
2014-09-08 22:26 - 2014-09-08 22:26 - 04330356 _____ () C:\Users\Marion\Downloads\Jojo-Moyes---5-Ebooks.rar
2014-09-08 22:24 - 2014-09-08 22:26 - 03301959 _____ () C:\Users\Marion\Downloads\Michael_Fuchs-Gambock_-_Linkin_Park_-_Die_inoffizielle_Biografie.rar
2014-09-08 22:23 - 2014-09-08 22:27 - 13091567 _____ () C:\Users\Marion\Downloads\Melissa Marr - Sommerlicht 1-5.rar
2014-09-08 22:20 - 2014-09-08 22:20 - 03291498 _____ () C:\Users\Marion\Downloads\Beth-Revis---Godspeed-Trilogie.rar
2014-09-08 18:15 - 2014-09-14 23:14 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-08 18:13 - 2014-09-08 18:13 - 02692496 _____ () C:\Users\Marion\Downloads\mp3tagv263setup.exe
2014-09-07 13:42 - 2014-09-07 13:42 - 07022106 _____ () C:\Users\Marion\Downloads\wordpress-4.0-de_DE.zip
2014-09-05 17:43 - 2014-09-18 20:48 - 826175927 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-04 18:06 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-04 18:06 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-04 18:06 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-04 18:06 - 2014-08-06 02:48 - 02374816 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-04 18:06 - 2014-08-06 01:46 - 02088648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-04 18:06 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-04 18:06 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-04 18:06 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-03 17:48 - 2014-09-03 17:50 - 00001377 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-01 22:45 - 2014-09-01 22:47 - 03695525 _____ () C:\Users\Marion\Downloads\Stacey_Jay_-_Romeo_und_Julia_-_kompl._Band_1_u._2.rar
2014-09-01 22:42 - 2014-09-01 22:44 - 06472289 _____ () C:\Users\Marion\Downloads\Philip Pullman - Das Bernstein-Teleskop.rar
2014-09-01 22:41 - 2014-09-01 22:41 - 06364713 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Der-Goldene-Kompass.rar
2014-08-30 21:50 - 2014-08-30 21:50 - 04308696 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Das-Magische-Messer.rar
2014-08-30 21:47 - 2014-08-30 21:57 - 32698830 _____ () C:\Users\Marion\Downloads\JoanneKRowHarry P.Gesamtausg.19.7.14.rar
2014-08-27 21:28 - 2014-08-27 21:28 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2014-08-27 21:27 - 2014-08-27 21:27 - 03701908 _____ () C:\Users\Marion\Downloads\Love_01_-_Fischer.rar
2014-08-26 20:18 - 2014-09-11 22:38 - 00000000 ____D () C:\Users\Marion\AppData\Local\Adobe
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-20 19:37 - 2014-08-20 19:38 - 00049664 _____ () C:\Users\Marion\Downloads\FaMI 3. AJ 2014-15.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-19 22:33 - 2014-09-18 19:35 - 00022661 _____ () C:\Users\Marion\Desktop\FRST.txt
2014-09-19 22:33 - 2014-09-18 19:35 - 00000000 ____D () C:\FRST
2014-09-19 22:32 - 2014-09-19 22:32 - 00000840 _____ () C:\Users\Marion\Desktop\checkup.txt
2014-09-19 22:30 - 2014-01-24 04:38 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-19 22:30 - 2014-01-24 04:38 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-19 22:30 - 2013-08-28 10:36 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-19 22:25 - 2014-09-19 22:25 - 00854417 _____ () C:\Users\Marion\Desktop\SecurityCheck.exe
2014-09-19 22:24 - 2014-07-23 21:54 - 00000000 ___RD () C:\Users\Marion\Dropbox
2014-09-19 22:24 - 2014-07-23 21:51 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Dropbox
2014-09-19 22:24 - 2014-01-24 04:02 - 01612060 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-19 22:24 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-19 22:23 - 2013-08-28 10:34 - 00064650 _____ () C:\WINDOWS\PFRO.log
2014-09-19 22:23 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-19 15:58 - 2014-06-25 18:11 - 02320596 _____ () C:\Users\Public\CAFADEBUG.log
2014-09-19 15:58 - 2014-01-24 04:28 - 00004608 _____ () C:\WINDOWS\system32\VfService.trf
2014-09-19 15:57 - 2014-06-25 17:38 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\ClassicShell
2014-09-19 15:02 - 2014-06-28 16:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-19 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-19 14:31 - 2014-09-19 14:31 - 02347384 _____ (ESET) C:\Users\Marion\Downloads\esetsmartinstaller_deu.exe
2014-09-19 14:25 - 2014-06-25 15:09 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1723613562-3815979346-2504557632-1001
2014-09-19 14:24 - 2014-01-24 03:44 - 00036861 _____ () C:\WINDOWS\setupact.log
2014-09-18 21:22 - 2014-09-18 19:31 - 00000034 _____ () C:\WINDOWS\cdplayer.ini
2014-09-18 21:22 - 2014-09-18 18:44 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-09-18 21:14 - 2014-09-18 21:14 - 00048990 _____ () C:\Users\Marion\Desktop\FRST1.txt
2014-09-18 21:12 - 2014-09-18 21:12 - 00000747 _____ () C:\Users\Marion\Desktop\JRT.txt
2014-09-18 21:09 - 2014-09-18 21:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-18 21:08 - 2014-09-18 21:07 - 01016830 _____ (Thisisu) C:\Users\Marion\Desktop\JRT.exe
2014-09-18 21:06 - 2014-07-23 21:53 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 21:05 - 2014-09-18 21:00 - 00000000 ____D () C:\AdwCleaner
2014-09-18 21:02 - 2014-09-18 21:02 - 00004818 _____ () C:\Users\Marion\Desktop\AdwCleaner[S0].txt
2014-09-18 21:02 - 2014-09-18 18:49 - 00001106 _____ () C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 20:59 - 2014-09-18 20:59 - 01373475 _____ () C:\Users\Marion\Downloads\AdwCleaner_3.310.exe
2014-09-18 20:58 - 2014-09-18 20:58 - 00000263 _____ () C:\Users\Marion\Desktop\mbam.txt
2014-09-18 20:56 - 2014-09-18 20:24 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:49 - 2014-09-18 20:49 - 00471640 _____ () C:\WINDOWS\Minidump\091814-46968-01.dmp
2014-09-18 20:49 - 2014-09-18 20:49 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-18 20:49 - 2013-08-22 16:44 - 00496584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-18 20:48 - 2014-09-05 17:43 - 826175927 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-18 20:24 - 2014-09-18 20:24 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 20:24 - 2014-09-18 20:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-18 20:24 - 2014-06-26 14:46 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\vlc
2014-09-18 20:23 - 2014-09-18 20:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marion\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-18 20:11 - 2014-07-12 12:54 - 00000000 ____D () C:\ProgramData\Origin
2014-09-18 19:53 - 2014-07-12 12:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-18 19:41 - 2014-09-18 19:41 - 00014503 _____ () C:\Users\Marion\Desktop\Gmer.txt
2014-09-18 19:37 - 2014-09-18 19:37 - 00380416 _____ () C:\Users\Marion\Desktop\y6xww3w3.exe
2014-09-18 19:36 - 2014-09-18 19:36 - 00041113 _____ () C:\Users\Marion\Desktop\Addition.txt
2014-09-18 19:35 - 2014-09-18 19:34 - 02105856 _____ (Farbar) C:\Users\Marion\Desktop\FRST64.exe
2014-09-18 19:31 - 2014-06-28 17:10 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Skype
2014-09-18 19:30 - 2014-09-18 19:30 - 00000474 _____ () C:\Users\Marion\Desktop\defogger_disable.log
2014-09-18 19:30 - 2014-09-18 19:30 - 00000000 _____ () C:\Users\Marion\defogger_reenable
2014-09-18 19:30 - 2014-06-25 15:03 - 00000000 ____D () C:\Users\Marion
2014-09-18 19:28 - 2014-09-18 19:28 - 00050477 _____ () C:\Users\Marion\Desktop\Defogger.exe
2014-09-18 19:14 - 2014-07-26 20:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2014-09-18 19:13 - 2014-09-18 19:13 - 02489752 _____ () C:\Users\Marion\Downloads\geek_1.3.1.38.zip
2014-09-18 19:12 - 2014-09-18 19:12 - 01101648 _____ () C:\Users\Marion\Downloads\GeekUninstaller - CHIP-Installer.exe
2014-09-18 18:53 - 2014-09-18 18:47 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-18 18:52 - 2014-09-18 18:52 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\dlg
2014-09-18 18:51 - 2014-09-18 18:51 - 00001150 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-09-18 18:51 - 2014-09-18 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-09-18 18:51 - 2014-08-17 16:33 - 00000000 ____D () C:\Users\Marion\AppData\Local\CrashDumps
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\Users\Marion\AppData\Local\Abelssoft
2014-09-18 18:47 - 2014-09-18 18:47 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-09-18 18:46 - 2014-09-18 18:46 - 01101648 _____ () C:\Users\Marion\Downloads\Audiograbber - CHIP-Installer.exe
2014-09-18 18:44 - 2014-09-18 18:44 - 00400569 _____ () C:\Users\Marion\Downloads\agmp3plugin.exe
2014-09-18 18:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-17 17:48 - 2014-07-10 19:31 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Spotify
2014-09-17 17:09 - 2014-07-10 19:33 - 00000000 ____D () C:\Users\Marion\AppData\Local\Spotify
2014-09-17 07:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-17 07:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-15 00:39 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-14 23:14 - 2014-09-08 18:15 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Mp3tag
2014-09-14 21:04 - 2014-08-11 23:15 - 00001152 _____ () C:\Users\Marion\Desktop\Amazon Music.lnk
2014-09-14 17:23 - 2014-06-27 19:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 15:54 - 2014-09-13 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 20:25 - 2014-06-25 15:04 - 00000000 ____D () C:\Users\Marion\AppData\Local\Packages
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 19:01 - 2014-09-12 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 19:00 - 2014-09-12 19:00 - 13087456 _____ (Microsoft Corporation) C:\Users\Marion\Downloads\Silverlight_x64.exe
2014-09-11 22:38 - 2014-08-26 20:18 - 00000000 ____D () C:\Users\Marion\AppData\Local\Adobe
2014-09-11 21:41 - 2014-07-02 21:29 - 00000000 ____D () C:\Users\Marion\Documents\My Digital Editions
2014-09-11 18:22 - 2014-09-11 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-11 18:22 - 2014-09-11 18:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 18:22 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iTunes
2014-09-11 18:21 - 2014-09-11 18:21 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 17:51 - 2014-09-10 17:51 - 00003152 _____ () C:\WINDOWS\System32\Tasks\{94A15115-EB9C-4D31-AB8A-761440CE7A6A}
2014-09-10 17:51 - 2014-06-28 16:44 - 00000000 ____D () C:\Program Files (x86)\VR-NetWorld
2014-09-10 17:49 - 2014-09-10 17:48 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\Marion\Downloads\VRNetWorldSW_51311.exe
2014-09-09 23:25 - 2014-09-09 23:22 - 06018962 _____ () C:\Users\Marion\Downloads\Elspeth_Cooper_-_Der_Schleier_der_Macht_-_Die_Lieder_der_Erde_3.rar
2014-09-09 22:30 - 2014-09-09 22:29 - 03389614 _____ () C:\Users\Marion\Downloads\Miranda J. Fox - Zuckersuesses Chaos.rar
2014-09-09 22:26 - 2014-09-09 22:25 - 06891725 _____ () C:\Users\Marion\Downloads\Norbert-Hofer---Wordpress-Crashkurs.rar
2014-09-09 22:13 - 2014-09-09 22:12 - 05133784 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-wilde-Jagd---Die-Lieder-der-Erde-2.rar
2014-09-09 22:09 - 2014-09-09 22:09 - 13143533 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Sammlung--30-Ebooks-.rar
2014-09-09 22:08 - 2014-09-09 22:05 - 04209030 _____ () C:\Users\Marion\Downloads\Kami_Garcia_-_Sammlung_5_Ebooks.rar
2014-09-09 22:04 - 2014-09-09 22:03 - 03694010 _____ () C:\Users\Marion\Downloads\Erin McCarthy - Wenn ich mich verliere.rar
2014-09-09 22:02 - 2014-07-08 19:02 - 10036224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-09-09 22:02 - 2014-06-28 16:45 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-08 23:40 - 2014-09-08 23:28 - 26064294 _____ () C:\Users\Marion\Downloads\William_Shakespeare_-_Samtliche_Werke_William_Shakespeare_1.rar
2014-09-08 23:34 - 2014-09-08 23:34 - 03871002 _____ () C:\Users\Marion\Downloads\Elspeth-Cooper---Die-Lieder-der-Erde.rar
2014-09-08 23:15 - 2014-09-08 23:14 - 10590527 _____ () C:\Users\Marion\Downloads\Daniela Katzenberger - Sei schlau, stell dich dumm.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 04081503 _____ () C:\Users\Marion\Downloads\Sharon-Cameron---Stranwyne-Castle---Das-truegerische-Fluestern-des-Windes.rar
2014-09-08 22:56 - 2014-09-08 22:56 - 03219289 _____ () C:\Users\Marion\Downloads\Lynsay-Sands---Die-Braut-des-Schotten.rar
2014-09-08 22:54 - 2014-09-08 22:54 - 05100371 _____ () C:\Users\Marion\Downloads\Roxanne-St.-Claire---Barfuss-ins-Glueck.rar
2014-09-08 22:51 - 2014-09-08 22:50 - 03409363 _____ () C:\Users\Marion\Downloads\Julie-Kagawa---Unsterblich---Tor-der-Nacht-Band-2.rar
2014-09-08 22:44 - 2014-09-08 22:44 - 03732067 _____ () C:\Users\Marion\Downloads\Lisa-Stern---Peinliche-Liebschaften---Unglaubliche-erotische-Geschichten.rar
2014-09-08 22:27 - 2014-09-08 22:23 - 13091567 _____ () C:\Users\Marion\Downloads\Melissa Marr - Sommerlicht 1-5.rar
2014-09-08 22:26 - 2014-09-08 22:26 - 04330356 _____ () C:\Users\Marion\Downloads\Jojo-Moyes---5-Ebooks.rar
2014-09-08 22:26 - 2014-09-08 22:24 - 03301959 _____ () C:\Users\Marion\Downloads\Michael_Fuchs-Gambock_-_Linkin_Park_-_Die_inoffizielle_Biografie.rar
2014-09-08 22:20 - 2014-09-08 22:20 - 03291498 _____ () C:\Users\Marion\Downloads\Beth-Revis---Godspeed-Trilogie.rar
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-08 18:13 - 2014-09-08 18:13 - 02692496 _____ () C:\Users\Marion\Downloads\mp3tagv263setup.exe
2014-09-07 13:42 - 2014-09-07 13:42 - 07022106 _____ () C:\Users\Marion\Downloads\wordpress-4.0-de_DE.zip
2014-09-04 00:00 - 2014-07-12 17:44 - 00000000 ____D () C:\Users\Marion\Documents\Electronic Arts
2014-09-03 21:10 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Marion\Documents\Marion
2014-09-03 17:50 - 2014-09-03 17:48 - 00001377 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-03 17:27 - 2014-07-12 12:57 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 19:45 - 2014-06-28 17:09 - 00000000 ____D () C:\ProgramData\Skype
2014-09-01 22:47 - 2014-09-01 22:45 - 03695525 _____ () C:\Users\Marion\Downloads\Stacey_Jay_-_Romeo_und_Julia_-_kompl._Band_1_u._2.rar
2014-09-01 22:44 - 2014-09-01 22:42 - 06472289 _____ () C:\Users\Marion\Downloads\Philip Pullman - Das Bernstein-Teleskop.rar
2014-09-01 22:41 - 2014-09-01 22:41 - 06364713 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Der-Goldene-Kompass.rar
2014-08-31 19:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-31 18:56 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-08-30 21:57 - 2014-08-30 21:47 - 32698830 _____ () C:\Users\Marion\Downloads\JoanneKRowHarry P.Gesamtausg.19.7.14.rar
2014-08-30 21:50 - 2014-08-30 21:50 - 04308696 _____ () C:\Users\Marion\Downloads\Philip-Pullman---Das-Magische-Messer.rar
2014-08-30 19:55 - 2014-06-27 19:56 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 21:28 - 2014-08-27 21:28 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2014-08-27 21:27 - 2014-08-27 21:27 - 03701908 _____ () C:\Users\Marion\Downloads\Love_01_-_Fischer.rar
2014-08-24 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-08-23 02:42 - 2014-09-04 18:06 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-21 19:04 - 2014-06-25 17:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-21 19:01 - 2014-06-25 17:57 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-20 20:25 - 2014-06-28 17:16 - 00000000 ____D () C:\Users\Marion\AppData\Roaming\Apple Computer
2014-08-20 19:38 - 2014-08-20 19:37 - 00049664 _____ () C:\Users\Marion\Downloads\FaMI 3. AJ 2014-15.xls
Some content of TEMP:
====================
C:\Users\Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb_kh_w.dll
C:\Users\Marion\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-14 23:48
==================== End Of Log ============================
Gestern Abend waren kurzzeitig alle meine Einstellungen bezüglich der Windows-Oberfläche weg. Doch als ich den PC heute mittag wieder gestartet habe war alls wieder normal. Ansonsten habe ich keine Probleme mehr. Vielen Dank für die Hilfe |
|
20.09.2014, 15:23
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Revo Uninstaller - Download - Filepony damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.mozilla.org/de/kb/fi...einfach-loesen Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier.
__________________ --> Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren |
|
21.09.2014, 10:34
| #7 |
| | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Hallo, hier das FSS.txt: Code:
ATTFilter Farbar Service Scanner Version: 21-07-2014
Ran by Marion (administrator) on 21-09-2014 at 11:33:25
Running from "C:\Users\Marion\Downloads"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
|
|
22.09.2014, 07:35
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.09.2014, 17:49
| #9 |
| | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Es läuft alles wieder super Vielen, vielen Dank für deine Hilfe. Es hat mal wieder richtig schnell und super funktioniert. Liebe Grüße, Valarauco |
|
23.09.2014, 18:24
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8.1: yahoo community smartbar engine lies sich nicht deinstallieren |
| abelssoft, branding, converter, device driver, feedback, fehlercode 126, flash player, homepage, linkury, msil/toolbar.linkury.g, newtab, required, security, services.exe, software, super, svchost.exe, symantec, trojaner, updates, win32/bundled.toolbar.ask.g, win32/bundled.toolbar.google.c, win32/downloadguide.a, win32/opencandy.a, win32/toolbar.linkury.d, windows, yahoo community smartbar |
Linear-Darstellung
