| |
| |||||||
Log-Analyse und Auswertung: Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbarWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
26.10.2013, 09:46
| #1 |
 |  Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Liebes Forum, ich benötige mal wieder Hilfe. Sehr häufig startet mein Windows8-PC nach einem Bluescreen neu. Als Fehlermeldgung erscheint meistens KERNEL_DATA_INPUT_ERROR, manchmal aber auch was anderes, was ich mir nicht merken konnte. Seit heute ist auch der Echtzeitschutz des Windows Defender nicht mehr aktiviert und ich kann ihn auch nicht einschalten. Malwarebytes hat nichts gefunden. Bei GMER gab es mehrfach die Fehlermeldung, daß er nicht auf C:\WINDOWS\system32\config\system und einmal auch C:\Users\Admin\ntuser.dat zugreifen kann. Der Scan wurde auch mehrfach abgebrochen, aber schließlich hat es funktioniert. Hier die Logs. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:03 on 26/10/2013 (Admin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013
Ran by Christina (ATTENTION: The logged in user is not administrator) on LENOVO-PC on 26-10-2013 10:40:43
Running from C:\Users\Christina\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\x64\avfulsvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) c:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-06-25] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [593408 2013-07-04] (Lenovo Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [LenovoOptMouseUpdate] - C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [439488 2013-07-09] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
MountPoints2: {03349f90-fa08-11e2-be9f-6036dd7e786c} - "E:\autorun.exe"
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [333 2013-04-06] ()
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6618920 2013-08-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - DefaultScope {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - DefaultScope {63A968EE-78D4-48FA-97B8-EEC590270981} URL =
SearchScopes: HKCU - {63A968EE-78D4-48FA-97B8-EEC590270981} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default
FF Homepage: about:home
FF Keyword.URL: https://www.startpage.com/do/search?language=deutsch&cat=web&query=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\leo-eng-deu-v20.xml
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\https-everywhere@eff.org
FF Extension: Password Hasher - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\passhash@mozilla.wijjo.com
FF Extension: WOT - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: 2.0 - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\2.0@disconnect.me.xpi
FF Extension: contextMenuExtension - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\contextMenuExtension@leo.org.xpi
FF Extension: firefox - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\firefox@ghostery.com.xpi
FF Extension: defaults - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
FF Extension: Adblock Plus - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: dta - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
Chrome:
=======
CHR Extension: (Docs) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Website Logon) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl\6.0.200_0
CHR Extension: (Gmail) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx
==================== Services (Whitelisted) =================
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [565760 2013-07-04] (Lenovo Corporation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2013-07-11] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [197632 2013-05-02] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2044408 2013-07-17] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [579400 2013-02-08] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [687104 2013-07-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [468984 2013-06-25] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [465912 2013-06-21] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software)
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [9584 2013-03-07] ()
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Ricoh co.,Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-18] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
U3 fxryrpog; \??\C:\Users\Admin\AppData\Local\Temp\fxryrpog.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-26 10:40 - 2013-10-26 10:40 - 01956086 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2013-10-26 10:34 - 2013-10-26 10:34 - 00013941 _____ C:\Users\Christina\Desktop\gmer.log
2013-10-26 10:30 - 2013-10-26 10:34 - 00000160 _____ C:\Users\Christina\Desktop\prob.txt
2013-10-26 10:24 - 2013-10-26 10:28 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-25 18:46 - 2013-10-25 18:46 - 00000016 ____H C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
2013-10-24 20:38 - 2013-10-24 20:40 - 58929152 _____ C:\Users\Christina\Downloads\calibre-64bit-1.7.0.msi
2013-10-24 19:07 - 2013-10-24 19:07 - 00000000 ____D C:\ProgramData\Intel.sav
2013-10-24 19:07 - 2013-10-24 19:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-10-16 22:50 - 2013-10-16 22:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 22:50 - 2013-10-16 22:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 22:50 - 2013-10-16 22:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 22:50 - 2013-10-16 22:50 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-16 22:50 - 2013-10-16 22:50 - 00000000 ____D C:\Program Files\Java
2013-10-16 22:49 - 2013-10-16 22:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-16 22:49 - 2013-10-16 22:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-16 22:49 - 2013-10-16 22:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-16 22:49 - 2013-10-16 22:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 22:49 - 2013-10-16 22:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-13 21:57 - 2013-10-13 21:57 - 00001273 _____ C:\Users\Christina\Desktop\MediathekView - Verknüpfung.lnk
2013-10-11 23:26 - 2013-10-11 23:26 - 00000959 _____ C:\Users\Christina\Desktop\calibre.lnk
2013-10-11 23:24 - 2013-10-11 23:24 - 00000030 _____ C:\WINDOWS\success64.log
2013-10-11 23:21 - 2013-10-11 23:24 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-10-11 23:19 - 2013-03-18 15:18 - 00171248 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo17.dll
2013-10-11 23:19 - 2013-03-18 15:18 - 00033008 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2013-10-11 23:19 - 2009-08-07 09:49 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2013-10-11 23:06 - 2013-10-11 23:07 - 00711376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 22:52 - 2013-10-11 22:52 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2013-10-11 22:52 - 2013-10-11 22:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2013-10-11 22:37 - 2012-12-27 17:01 - 00760032 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2013-10-11 22:37 - 2012-12-27 17:01 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2013-10-11 22:24 - 2013-10-26 10:19 - 00000000 ____D C:\Users\Christina\AppData\Roaming\vlc
2013-10-11 22:16 - 2013-07-16 16:38 - 00002149 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopToastsForCriticalUpdates.lnk
2013-10-11 22:16 - 2013-07-16 16:38 - 00002149 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopToastsForCriticalUpdates.lnk
2013-10-11 21:51 - 2013-10-11 21:51 - 00000000 ____D C:\FRST
2013-10-11 21:50 - 2013-10-26 10:03 - 00000472 _____ C:\Users\Christina\Desktop\defogger_disable.log
2013-10-11 21:50 - 2013-10-11 21:50 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-10-11 21:40 - 2013-10-11 21:41 - 00050477 _____ C:\Users\Christina\Desktop\Defogger.exe
2013-10-11 21:40 - 2013-10-11 21:40 - 00377856 _____ C:\Users\Christina\Desktop\gmer_2.1.19163.exe
2013-10-11 21:37 - 2013-09-14 03:15 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-10-11 21:37 - 2013-09-14 00:36 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-10-11 21:37 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-10-11 21:37 - 2013-09-14 00:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-10-11 21:37 - 2013-09-14 00:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-10-11 21:37 - 2013-09-14 00:36 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-10-11 21:37 - 2013-09-14 00:34 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-10-11 21:37 - 2013-09-14 00:33 - 03279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-10-11 21:37 - 2013-09-14 00:33 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-10-11 21:37 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2013-10-11 21:37 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-10-11 21:37 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-10-11 21:37 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2013-10-11 21:37 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2013-10-11 21:37 - 2013-08-10 07:21 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2013-10-11 21:37 - 2013-08-10 05:58 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2013-10-11 21:37 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-10-11 21:37 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-10-11 21:37 - 2013-07-12 03:38 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2013-10-11 21:37 - 2013-07-12 03:30 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2013-10-11 21:35 - 2013-10-11 21:35 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 21:29 - 2013-10-11 22:20 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-10 19:34 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-10 19:34 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-10 19:34 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-10 19:34 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-10 19:34 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-10 19:34 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-10 19:34 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-10 19:34 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-10 19:34 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-10 19:34 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-10 19:34 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-10 19:34 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-10 19:34 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-10 19:34 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-10 19:34 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-10 19:34 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-10 19:34 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-10 19:34 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-10 19:34 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-10 19:34 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-10 19:34 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-10 19:34 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-10 19:34 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-10 19:34 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-10 19:34 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-10 19:34 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-10 19:34 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-10 19:34 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-10 19:34 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-10 19:34 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-10 19:34 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-10 19:34 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-10 19:34 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-10 19:33 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-10 19:33 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 19:33 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 19:33 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-10 19:33 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2013-10-10 19:33 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-10 19:33 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-10 19:33 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-10 19:33 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-10 19:33 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-10 19:33 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-10 19:33 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-10 19:33 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-10 19:33 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-10 19:33 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-10 19:33 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-10 19:33 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-10 19:33 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-10 19:33 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-10 19:33 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-10 19:33 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-10 19:33 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-10 19:33 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-09 22:42 - 2013-10-09 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-09 22:42 - 2013-10-09 22:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-09 22:42 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-08 22:12 - 2013-10-08 22:12 - 06199000 _____ C:\WINDOWS\system32\Drivers\Netwfw00.dat
2013-10-08 22:12 - 2013-10-08 22:12 - 03345376 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwew00.sys
2013-10-08 22:12 - 2013-10-08 22:12 - 02193136 _____ (Intel Corporation) C:\WINDOWS\system32\Netwuw01.dll
2013-10-01 20:52 - 2013-10-26 10:37 - 00000000 ___RD C:\Users\Christina\Dropbox
2013-10-01 20:52 - 2013-10-14 20:46 - 00001042 _____ C:\Users\Christina\Desktop\Dropbox.lnk
2013-10-01 20:50 - 2013-10-14 20:46 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-01 20:48 - 2013-10-26 10:37 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2013-09-29 00:03 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-09-29 00:03 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-09-29 00:03 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-09-29 00:03 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-09-29 00:03 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-09-29 00:03 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-09-29 00:03 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-09-29 00:03 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-09-29 00:03 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-09-29 00:03 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-09-29 00:03 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-09-29 00:03 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-09-29 00:03 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-09-29 00:03 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-09-29 00:03 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-09-29 00:03 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-09-29 00:03 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-09-29 00:03 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-09-29 00:03 - 2013-07-31 01:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-09-29 00:03 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-09-29 00:03 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-09-29 00:03 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-09-29 00:03 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-09-27 23:35 - 2013-09-27 23:35 - 00000000 ____D C:\Users\Christina\Downloads\tools_v6.0.7
==================== One Month Modified Files and Folders =======
2013-10-26 10:40 - 2013-10-26 10:40 - 01956086 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2013-10-26 10:37 - 2013-10-01 20:52 - 00000000 ___RD C:\Users\Christina\Dropbox
2013-10-26 10:37 - 2013-10-01 20:48 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2013-10-26 10:37 - 2013-04-06 19:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-26 10:34 - 2013-10-26 10:34 - 00013941 _____ C:\Users\Christina\Desktop\gmer.log
2013-10-26 10:34 - 2013-10-26 10:30 - 00000160 _____ C:\Users\Christina\Desktop\prob.txt
2013-10-26 10:31 - 2013-04-06 13:22 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Nitro PDF
2013-10-26 10:29 - 2013-06-11 11:39 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 10:28 - 2013-10-26 10:24 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-26 10:28 - 2013-04-27 14:15 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2013-10-26 10:28 - 2013-04-15 08:45 - 609023378 _____ C:\WINDOWS\MEMORY.DMP
2013-10-26 10:28 - 2013-04-15 08:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-26 10:28 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-26 10:25 - 2013-04-08 17:22 - 00000192 _____ C:\Users\Christina\AppData\Local\RegisteredPackageInformation.xml
2013-10-26 10:19 - 2013-10-11 22:24 - 00000000 ____D C:\Users\Christina\AppData\Roaming\vlc
2013-10-26 10:16 - 2013-04-27 12:54 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Mp3tag
2013-10-26 10:05 - 2013-06-11 11:39 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-26 10:03 - 2013-10-11 21:50 - 00000472 _____ C:\Users\Christina\Desktop\defogger_disable.log
2013-10-26 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-26 09:59 - 2012-12-15 08:48 - 02045193 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-26 09:47 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-26 09:39 - 2013-04-06 13:18 - 00000000 ____D C:\Users\Christina
2013-10-26 09:28 - 2012-12-15 17:27 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-10-26 09:28 - 2012-12-15 17:27 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-10-26 09:28 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-25 18:46 - 2013-10-25 18:46 - 00000016 ____H C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
2013-10-25 17:32 - 2013-04-06 18:16 - 00000000 ____D C:\Users\Admin
2013-10-24 22:16 - 2012-12-15 08:35 - 00000000 ____D C:\Intel
2013-10-24 20:42 - 2013-04-11 12:35 - 00000000 ____D C:\Users\Christina\Documents\Calibre Bibliothek
2013-10-24 20:41 - 2013-09-25 23:56 - 00000000 ____D C:\Program Files\Calibre2
2013-10-24 20:40 - 2013-10-24 20:38 - 58929152 _____ C:\Users\Christina\Downloads\calibre-64bit-1.7.0.msi
2013-10-24 19:09 - 2013-04-27 14:11 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-24 19:09 - 2012-12-15 08:35 - 00000000 ____D C:\Program Files\Intel
2013-10-24 19:08 - 2012-12-15 08:35 - 00000000 ____D C:\ProgramData\Intel
2013-10-24 19:07 - 2013-10-24 19:07 - 00000000 ____D C:\ProgramData\Intel.sav
2013-10-24 19:07 - 2013-10-24 19:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-10-24 19:07 - 2012-12-15 08:36 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-10-24 19:07 - 2012-12-15 08:35 - 00000000 ____D C:\Program Files (x86)\Intel
2013-10-24 18:56 - 2013-04-06 14:40 - 00000000 ____D C:\Users\Christina\AppData\Local\Lenovo
2013-10-17 22:01 - 2013-04-06 13:40 - 00000000 ____D C:\Users\Christina\Documents\Referendariat
2013-10-17 21:44 - 2013-04-11 15:28 - 00000000 ____D C:\Users\Christina\AppData\Local\CrashDumps
2013-10-16 22:50 - 2013-10-16 22:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 22:50 - 2013-10-16 22:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 22:50 - 2013-10-16 22:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 22:50 - 2013-10-16 22:50 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-16 22:50 - 2013-10-16 22:50 - 00000000 ____D C:\Program Files\Java
2013-10-16 22:50 - 2013-09-24 07:31 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 22:49 - 2013-10-16 22:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-16 22:49 - 2013-10-16 22:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-16 22:49 - 2013-10-16 22:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-16 22:49 - 2013-10-16 22:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 22:49 - 2013-10-16 22:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-15 18:31 - 2013-04-06 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-14 22:14 - 2012-07-26 09:21 - 00048764 _____ C:\WINDOWS\setupact.log
2013-10-14 20:47 - 2013-04-06 13:19 - 00000000 ___RD C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-14 20:46 - 2013-10-01 20:52 - 00001042 _____ C:\Users\Christina\Desktop\Dropbox.lnk
2013-10-14 20:46 - 2013-10-01 20:50 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-13 22:19 - 2013-08-07 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-13 22:19 - 2013-04-06 18:42 - 00002101 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-13 21:57 - 2013-10-13 21:57 - 00001273 _____ C:\Users\Christina\Desktop\MediathekView - Verknüpfung.lnk
2013-10-12 20:38 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-11 23:51 - 2013-04-27 13:55 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-10-11 23:26 - 2013-10-11 23:26 - 00000959 _____ C:\Users\Christina\Desktop\calibre.lnk
2013-10-11 23:24 - 2013-10-11 23:24 - 00000030 _____ C:\WINDOWS\success64.log
2013-10-11 23:24 - 2013-10-11 23:21 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-10-11 23:20 - 2012-12-15 08:59 - 00001422 _____ C:\WINDOWS\Synaptics.log
2013-10-11 23:20 - 2012-12-15 08:33 - 00099908 _____ C:\WINDOWS\DPINST.LOG
2013-10-11 23:07 - 2013-10-11 23:06 - 00711376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 23:06 - 2012-10-10 01:08 - 00722772 _____ C:\WINDOWS\PFRO.log
2013-10-11 22:52 - 2013-10-11 22:52 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2013-10-11 22:52 - 2013-10-11 22:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2013-10-11 22:43 - 2012-12-15 08:47 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-10-11 22:41 - 2012-07-26 10:12 - 00000000 __RSD C:\WINDOWS\Media
2013-10-11 22:38 - 2013-07-24 22:06 - 00000000 ____D C:\Users\Christina\AppData\Roaming\LSC
2013-10-11 22:37 - 2012-12-15 08:36 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-11 22:34 - 2013-05-06 15:24 - 00000000 ____D C:\ldiag
2013-10-11 22:33 - 2012-12-15 08:36 - 00000000 ____D C:\Program Files\Lenovo
2013-10-11 22:20 - 2013-10-11 21:29 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-11 22:18 - 2012-12-15 01:06 - 00000000 ____D C:\ProgramData\Lenovo
2013-10-11 22:15 - 2012-12-15 08:36 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-10-11 22:03 - 2013-04-06 12:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-11 21:51 - 2013-10-11 21:51 - 00000000 ____D C:\FRST
2013-10-11 21:50 - 2013-10-11 21:50 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-10-11 21:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-10-11 21:41 - 2013-10-11 21:40 - 00050477 _____ C:\Users\Christina\Desktop\Defogger.exe
2013-10-11 21:40 - 2013-10-11 21:40 - 00377856 _____ C:\Users\Christina\Desktop\gmer_2.1.19163.exe
2013-10-11 21:35 - 2013-10-11 21:35 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 19:02 - 2013-04-06 23:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 19:01 - 2013-04-06 23:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 22:18 - 2013-05-05 14:29 - 00000000 ____D C:\Users\Christina\Downloads\Cut
2013-10-10 22:17 - 2013-05-05 15:11 - 00000000 ____D C:\Users\Christina\Downloads\CutOriginale
2013-10-10 22:17 - 2013-05-05 14:18 - 00000000 ____D C:\Users\Christina\AppData\Local\ColdCut
2013-10-10 22:16 - 2013-05-05 14:23 - 00025088 _____ C:\Users\Christina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-10 21:25 - 2013-04-06 16:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 21:24 - 2013-07-15 16:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-10 21:21 - 2013-04-06 19:10 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-09 23:18 - 2013-04-06 12:24 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-10-09 22:42 - 2013-10-09 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-09 22:42 - 2013-10-09 22:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 22:12 - 2013-10-08 22:12 - 06199000 _____ C:\WINDOWS\system32\Drivers\Netwfw00.dat
2013-10-08 22:12 - 2013-10-08 22:12 - 03345376 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwew00.sys
2013-10-08 22:12 - 2013-10-08 22:12 - 02193136 _____ (Intel Corporation) C:\WINDOWS\system32\Netwuw01.dll
2013-10-02 03:38 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-30 22:21 - 2013-04-07 12:55 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Skype
2013-09-29 12:55 - 2013-04-11 12:34 - 00000000 ____D C:\Users\Christina\AppData\Roaming\calibre
2013-09-29 00:09 - 2013-04-06 13:19 - 00000000 ___RD C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:08 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-09-28 00:33 - 2013-04-27 16:55 - 00000000 ____D C:\Users\Christina\Documents\My Digital Editions
2013-09-27 23:35 - 2013-09-27 23:35 - 00000000 ____D C:\Users\Christina\Downloads\tools_v6.0.7
2013-09-27 22:18 - 2013-04-06 13:33 - 00000000 ____D C:\Users\Christina\Documents\Citavi 3
2013-09-27 20:26 - 2013-05-05 15:09 - 00000000 ____D C:\ProgramData\DivX
2013-09-27 20:26 - 2013-05-05 15:09 - 00000000 ____D C:\Program Files (x86)\DivX
2013-09-27 20:24 - 2013-05-11 20:05 - 00000000 _____ C:\END
2013-09-26 22:24 - 2013-04-06 13:40 - 00000000 ____D C:\Users\Christina\Documents\Offiziell
Files to move or delete:
====================
C:\Users\Christina\SyncToy_a645ea82-1fcf-4d3a-aed1-3aaa61c38cbc.dat
C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
Some content of TEMP:
====================
C:\Users\Christina\AppData\Local\Temp\DivXSetup.exe
C:\Users\Christina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Christina\AppData\Local\Temp\vlc-2.0.7-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-26 10:34:54
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e HITACHI_HTS727550A9E364 rev.JF3ZD0H0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Admin\AppData\Local\Temp\fxryrpog.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe[844] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe[844] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe[844] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Windows\System32\WUDFHost.exe[1332] C:\Windows\System32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Windows\System32\WUDFHost.exe[1332] C:\Windows\System32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Windows\System32\WUDFHost.exe[1332] C:\Windows\System32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\WLANExt.exe[1480] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\WLANExt.exe[1480] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\WLANExt.exe[1480] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\WLANExt.exe[1480] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\WLANExt.exe[1480] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007ff43cd1b32 4 bytes [CD, 43, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1992] C:\WINDOWS\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007ff43cd1b3a 4 bytes [CD, 43, FF, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[2084] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[2084] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[2084] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2376] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2376] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2376] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2376] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2376] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\svchost.exe[2452] C:\WINDOWS\system32\WSOCK32.dll!recvfrom + 742 000007ff43cd1b32 4 bytes [CD, 43, FF, 07]
.text C:\WINDOWS\system32\svchost.exe[2452] C:\WINDOWS\system32\WSOCK32.dll!recvfrom + 750 000007ff43cd1b3a 4 bytes [CD, 43, FF, 07]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2540] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2540] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2640] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2640] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2640] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2640] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2640] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2480] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2480] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2480] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2480] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2480] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3644] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3644] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3644] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3644] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3644] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\Explorer.EXE[3188] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\Explorer.EXE[3188] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\Explorer.EXE[3188] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Classic Shell\ClassicStartMenu.exe[2512] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Classic Shell\ClassicStartMenu.exe[2512] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Classic Shell\ClassicStartMenu.exe[2512] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe[3452] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe[3452] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe[3452] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe[3452] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe[3452] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\Windows\System32\igfxpers.exe[5116] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Windows\System32\igfxpers.exe[5116] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\Windows\System32\rundll32.exe[4540] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\Windows\System32\rundll32.exe[4540] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\Windows\System32\rundll32.exe[4540] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4416] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[4416] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4932] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4932] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\rundll32.exe[5776] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff49e81532 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\rundll32.exe[5776] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff49e8153a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\rundll32.exe[5776] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff49e8165a 4 bytes [E8, 49, FF, 07]
.text C:\WINDOWS\system32\rundll32.exe[5776] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff4bcd177a 4 bytes [CD, 4B, FF, 07]
.text C:\WINDOWS\system32\rundll32.exe[5776] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff4bcd1782 4 bytes [CD, 4B, FF, 07]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [568:592] fffff9600085f5e8
Thread C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe [4404:5016] 000007ff3dfa77b0
Thread C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe [4404:5056] 000007ff3dfa77b0
Thread C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe [4404:5060] 000007ff4cc33bc4
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
|
|
26.10.2013, 11:29
| #2 | |
| /// the machine /// TB-Ausbilder    | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar hi,
__________________Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ |
|
26.10.2013, 17:10
| #3 |
| | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Danke, daß Du Dich meiner annimmst.
__________________Hier das Combofix-Log: Code:
ATTFilter ComboFix 13-10-26.01 - Admin 26.10.2013 17:30:18.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.3942.2057 [GMT 2:00]
ausgeführt von:: c:\users\Christina\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini
c:\programdata\Lenovo-24170.vbs
c:\programdata\Lenovo-26270.vbs
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-09-26 bis 2013-10-26 ))))))))))))))))))))))))))))))
.
.
2013-10-26 15:43 . 2013-10-26 15:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-26 15:43 . 2013-10-26 15:43 -------- d-----w- c:\users\Christina\AppData\Local\temp
2013-10-26 15:43 . 2013-10-26 15:43 -------- d-----w- c:\users\Admin\AppData\Local\temp
2013-10-26 15:27 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43C3E9E3-0CDF-4EB2-A52D-899DB6A7A599}\mpengine.dll
2013-10-24 17:07 . 2013-10-24 17:07 -------- d-----w- c:\program files (x86)\Cisco
2013-10-24 17:07 . 2013-10-24 17:07 -------- d-----w- c:\programdata\Intel.sav
2013-10-16 20:50 . 2013-10-16 20:50 312744 ----a-w- c:\windows\system32\javaws.exe
2013-10-16 20:50 . 2013-10-16 20:50 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-16 20:50 . 2013-10-16 20:50 189352 ----a-w- c:\windows\system32\javaw.exe
2013-10-16 20:50 . 2013-10-16 20:50 189352 ----a-w- c:\windows\system32\java.exe
2013-10-16 20:50 . 2013-10-16 20:50 -------- d-----w- c:\program files\Java
2013-10-16 20:49 . 2013-10-16 20:49 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-16 20:49 . 2013-10-16 20:49 -------- d-----w- c:\program files (x86)\Java
2013-10-11 21:25 . 2013-10-11 21:25 -------- d-----w- c:\users\Admin\AppData\Local\Tvsukernel
2013-10-11 21:24 . 2013-10-11 21:24 59816 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}\ARPPRODUCTICON.exe
2013-10-11 21:21 . 2013-10-11 21:24 -------- d-----w- c:\program files\Common Files\Lenovo
2013-10-11 21:21 . 2013-10-11 21:21 53248 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}\ARPPRODUCTICON.exe
2013-10-11 21:19 . 2009-08-07 07:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-10-11 21:19 . 2013-03-18 13:18 171248 ----a-w- c:\windows\system32\SynTPCo17.dll
2013-10-11 21:19 . 2013-03-18 13:18 33008 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2013-10-11 20:52 . 2013-10-11 20:52 -------- d-----w- c:\users\Default\AppData\Local\Tvsukernel
2013-10-11 20:37 . 2012-12-27 15:01 760032 ----a-w- c:\windows\system32\drivers\Rt630x64.sys
2013-10-11 20:37 . 2012-12-27 15:01 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-10-11 20:24 . 2013-10-26 08:19 -------- d-----w- c:\users\Christina\AppData\Roaming\vlc
2013-10-11 19:51 . 2013-10-11 19:51 -------- d-----w- C:\FRST
2013-10-11 19:35 . 2013-10-11 19:35 -------- d-----w- c:\users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 19:29 . 2013-10-11 20:20 -------- d-----w- c:\program files\VideoLAN
2013-10-10 17:33 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-09 20:43 . 2013-10-09 20:43 -------- d-----w- c:\users\Admin\AppData\Roaming\Malwarebytes
2013-10-09 20:42 . 2013-10-09 20:42 -------- d-----w- c:\programdata\Malwarebytes
2013-10-09 20:42 . 2013-10-09 20:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-09 20:42 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-08 20:12 . 2013-10-08 20:12 2193136 ----a-w- c:\windows\system32\Netwuw01.dll
2013-10-08 20:12 . 2013-10-08 20:12 3345376 ----a-w- c:\windows\system32\drivers\NETwew00.sys
2013-10-01 18:52 . 2013-10-26 15:21 -------- d-----r- c:\users\Christina\Dropbox
2013-10-01 18:50 . 2013-10-01 18:50 -------- d-----w- c:\users\Admin\AppData\Roaming\Dropbox
2013-10-01 18:48 . 2013-10-26 15:21 -------- d-----w- c:\users\Christina\AppData\Roaming\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 19:21 . 2013-04-06 17:10 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-02 01:38 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-02 01:38 . 2012-07-26 08:14 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-18 20:08 . 2013-09-18 20:08 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2013-09-05 09:12 . 2013-09-05 09:12 66344 ----a-w- c:\windows\system32\ibmpmsvc.exe
2013-09-05 09:12 . 2013-09-05 09:12 60712 ----a-w- c:\windows\system32\ibmpmctl.exe
2013-09-05 09:12 . 2013-09-05 09:12 54528 ----a-w- c:\windows\system32\drivers\ibmpmdrv.sys
2013-09-05 09:12 . 2013-09-05 09:12 40232 ----a-w- c:\windows\system32\tpinspm.dll
2013-09-04 19:58 . 2013-09-23 19:24 965008 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8C6EE43B-23AB-4FDB-87FF-36FB8E6E0F35}\gapaengine.dll
2013-08-28 14:24 . 2013-08-28 14:24 4262128 ----a-w- c:\windows\system32\wlihvui.dll
2013-08-28 14:24 . 2013-08-28 14:24 2351856 ----a-w- c:\windows\system32\iwmssvc.dll
2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2013-08-16 05:41 . 2013-09-24 05:29 58200 ----a-w- c:\windows\system32\drivers\dam.sys
2013-08-16 05:39 . 2013-09-24 05:29 2371728 ----a-w- c:\windows\system32\WSService.dll
2013-08-16 05:32 . 2013-09-24 05:29 209200 ----a-w- c:\windows\system32\NotificationUI.exe
2013-08-16 05:22 . 2013-09-24 05:29 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-08-16 05:21 . 2013-09-24 05:29 49664 ----a-w- c:\windows\system32\wups.dll
2013-08-16 05:21 . 2013-09-24 05:29 49152 ----a-w- c:\windows\system32\wups2.dll
2013-08-16 05:21 . 2013-09-24 05:29 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-08-16 05:21 . 2013-09-24 05:29 183808 ----a-w- c:\windows\system32\WSSync.dll
2013-08-16 05:21 . 2013-09-24 05:29 204800 ----a-w- c:\windows\system32\WSClient.dll
2013-08-16 05:21 . 2013-09-24 05:29 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-16 05:21 . 2013-09-24 05:29 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 05:21 . 2013-09-24 05:29 1164288 ----a-w- c:\windows\system32\sppobjs.dll
2013-08-16 05:21 . 2013-09-24 05:29 368640 ----a-w- c:\windows\system32\sppwinob.dll
2013-08-16 05:21 . 2013-09-24 05:29 81408 ----a-w- c:\windows\system32\setupcln.dll
2013-08-16 05:21 . 2013-09-24 05:29 120320 ----a-w- c:\windows\system32\sppc.dll
2013-08-16 05:20 . 2013-09-24 05:29 105984 ----a-w- c:\windows\system32\WinSetupUI.dll
2013-08-16 01:07 . 2012-12-15 06:28 160788 ----a-w- C:\DUMP5f17.tmp
2013-08-15 22:43 . 2013-09-24 05:29 20992 ----a-w- c:\windows\SysWow64\wups.dll
2013-08-15 22:43 . 2013-09-24 05:29 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-15 22:43 . 2013-09-24 05:29 159232 ----a-w- c:\windows\SysWow64\WSSync.dll
2013-08-15 22:43 . 2013-09-24 05:29 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43 . 2013-09-24 05:29 167424 ----a-w- c:\windows\SysWow64\WSClient.dll
2013-08-15 22:43 . 2013-09-24 05:29 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:43 . 2013-09-24 05:29 83968 ----a-w- c:\windows\SysWow64\OEMLicense.dll
2013-08-15 22:42 . 2013-09-24 05:29 76800 ----a-w- c:\windows\SysWow64\setupcln.dll
2013-08-15 22:42 . 2013-09-24 05:29 91648 ----a-w- c:\windows\SysWow64\sppc.dll
2013-08-07 05:15 . 2013-09-25 21:32 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-08-01 11:59 . 2013-04-07 13:29 2775336 ----a-w- c:\windows\system32\drivers\UMDF\PMVUDDRV.dll
2013-08-01 05:42 . 2012-12-15 06:56 20736 ----a-w- c:\windows\system32\drivers\TPPWR64V.SYS
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Mobile Partner"="c:\program files (x86)\HiSuite\HiSuite.exe" [2013-07-11 583488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-07-19 133440]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2012-08-10 64000]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-07-12 55560]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984]
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]
"PDFHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192]
"PDF5 Registry Controller"="c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2012-09-06 143360]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-06-06 3076096]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-06-13 1688008]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2013-08-01 6618920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AVControlCenter;AVControlCenter;c:\program files\Lenovo\Communications Utility\AVControlCenter32.exe;c:\program files\Lenovo\Communications Utility\AVControlCenter32.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
R3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
R3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
R3 SWIX64;SWIX64;c:\program files (x86)\Lenovo\System Update\tvsuhd64.sys;c:\program files (x86)\Lenovo\System Update\tvsuhd64.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\System32\drivers\wdcsam64.sys;c:\windows\SYSNATIVE\drivers\wdcsam64.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [x]
S2 HiSuiteOuc64.exe;HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe [x]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 intelsba;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Lenovo Settings Service;Lenovo Settings Service;c:\program files\Lenovo\SettingsDependency\SettingsService.exe;c:\program files\Lenovo\SettingsDependency\SettingsService.exe [x]
S2 Lenovo System Agent Service;Lenovo System Agent Service;c:\program files\lenovo\SystemAgent\SystemAgentService.exe;c:\program files\lenovo\SystemAgent\SystemAgentService.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 LnvHotSpotSvc;LnvMHService;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [x]
S2 LocationTaskManager;Location Task Manager;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed - Virtueller Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 NETwNe64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 8 64-Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 Power Manager DBC Service;Lenovo Settings Power Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S3 RCUVCAVS;Ricoh UVC AVStream driver;c:\windows\system32\DRIVERS\RCUVCAVS.sys;c:\windows\SYSNATIVE\DRIVERS\RCUVCAVS.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-06 20:38]
.
2013-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-11 09:39]
.
2013-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-11 09:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-27 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-27 441152]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"TpShocks"="TpShocks.exe" [2012-08-24 222720]
"LnvMobHotspotClient"="c:\program files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe" [2013-06-25 937976]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-07-04 593408]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-08-27 11577216]
"LenovoOptMouseUpdate"="c:\program files\Lenovo\HOTKEY\extapsup.exe" [2013-06-20 255480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2013-07-09 439488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://lenovo13-comm.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: An Bluetooth senden - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: Mit PDF Viewer Plus öffnen - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ouawb4lu.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
c:\users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-10-26 18:01:01
ComboFix-quarantined-files.txt 2013-10-26 16:00
.
Vor Suchlauf: 17 Verzeichnis(se), 236.501.024.768 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 237.957.095.424 Bytes frei
.
- - End Of File - - 477DC02FBA0FE5BC72F741664939A6D4
Vielleicht ist noch von Interesse, daß, als das Combofix-Log erschienen ist und ich es geschlossen habe, alles weg war, Desktop, Taskleiste etc. Ich habe dann den Stecker gezogen... Achja, der Echtzeitschutz ist inzwischen auch wieder möglich. Für Combofix habe ich ihn aber natürlich deaktiviert. Warum im Log oben "enabled" steht, verstehe ich nicht. |
|
27.10.2013, 07:28
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.10.2013, 12:18
| #5 |
| | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar MBAM hat nichts gefunden: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.27.02 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16721 Christina :: LENOVO-PC [limitiert] 27.10.2013 11:45:55 mbam-log-2013-10-27 (11-45-55).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 160061 Laufzeit: 3 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.010 - Bericht erstellt am 27/10/2013 um 11:52:06
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Admin - LENOVO-PC
# Gestartet von : C:\Users\Christina\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Conduit
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v24.0 (de)
[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ouawb4lu.default\prefs.js ]
[ Datei : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [971 octets] - [27/10/2013 11:49:57]
AdwCleaner[S0].txt - [845 octets] - [27/10/2013 11:52:06]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [904 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 x64
Ran by Christina on 27.10.2013 at 12:04:09,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Christina\AppData\Roaming\mozilla\firefox\profiles\61prv1k0.default\minidumps [35 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.10.2013 at 12:07:38,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by Christina (ATTENTION: The logged in user is not administrator) on LENOVO-PC on 27-10-2013 12:16:13
Running from C:\Users\Christina\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\x64\avfulsvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Dropbox, Inc.) C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Dolby Laboratories Inc.) c:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-06-25] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [593408 2013-07-04] (Lenovo Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [LenovoOptMouseUpdate] - C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [439488 2013-07-09] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
MountPoints2: {03349f90-fa08-11e2-be9f-6036dd7e786c} - "E:\autorun.exe"
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [333 2013-04-06] ()
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6618920 2013-08-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - {63A968EE-78D4-48FA-97B8-EEC590270981} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\leo-eng-deu-v20.xml
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\https-everywhere@eff.org
FF Extension: Password Hasher - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\passhash@mozilla.wijjo.com
FF Extension: WOT - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: 2.0 - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\2.0@disconnect.me.xpi
FF Extension: contextMenuExtension - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\contextMenuExtension@leo.org.xpi
FF Extension: firefox - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\firefox@ghostery.com.xpi
FF Extension: defaults - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
FF Extension: Adblock Plus - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: dta - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
Chrome:
=======
CHR Extension: (Docs) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Website Logon) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl\6.0.200_0
CHR Extension: (Gmail) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx
==================== Services (Whitelisted) =================
R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [565760 2013-07-04] (Lenovo Corporation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2013-07-11] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [197632 2013-05-02] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2044408 2013-07-17] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [579400 2013-02-08] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [687104 2013-07-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [468984 2013-06-25] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [465912 2013-06-21] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software)
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [9584 2013-03-07] ()
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Ricoh co.,Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-18] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-27 12:12 - 2013-10-27 12:12 - 00000094 _____ C:\Users\Christina\Desktop\prob2.txt
2013-10-27 12:07 - 2013-10-27 12:07 - 00000827 _____ C:\Users\Christina\Desktop\JRT.txt
2013-10-27 12:04 - 2013-10-27 12:04 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-27 11:59 - 2013-10-27 11:52 - 00000981 _____ C:\Users\Christina\Desktop\AdwCleaner[S0].txt
2013-10-27 11:53 - 2013-10-27 11:53 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-27 11:49 - 2013-10-27 11:52 - 00000000 ____D C:\AdwCleaner
2013-10-27 11:39 - 2013-10-27 11:39 - 01060070 _____ C:\Users\Christina\Desktop\adwcleaner.exe
2013-10-27 11:39 - 2013-10-27 11:39 - 01033335 _____ (Thisisu) C:\Users\Christina\Desktop\JRT.exe
2013-10-27 11:35 - 2013-10-27 11:35 - 01956160 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2013-10-26 17:29 - 2013-10-26 17:31 - 00000000 ____D C:\Users\Christina\Desktop\IOT für GoGear
2013-10-26 17:01 - 2013-10-26 17:01 - 00026387 _____ C:\ComboFix.txt
2013-10-26 16:28 - 2013-10-26 17:01 - 00000000 ____D C:\Qoobox
2013-10-26 16:28 - 2013-10-26 16:55 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-26 16:28 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-26 16:28 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-26 16:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-26 16:23 - 2013-10-26 16:23 - 05136694 ____R (Swearware) C:\Users\Christina\Desktop\ComboFix.exe
2013-10-26 09:34 - 2013-10-26 09:34 - 00013941 _____ C:\Users\Christina\Desktop\gmer.log
2013-10-26 09:30 - 2013-10-26 09:34 - 00000160 _____ C:\Users\Christina\Desktop\prob.txt
2013-10-25 17:46 - 2013-10-25 17:46 - 00000016 ____H C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\ProgramData\Intel.sav
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-10-16 21:50 - 2013-10-16 21:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-16 21:50 - 2013-10-16 21:50 - 00000000 ____D C:\Program Files\Java
2013-10-16 21:49 - 2013-10-16 21:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 21:49 - 2013-10-16 21:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-13 20:57 - 2013-10-13 20:57 - 00001273 _____ C:\Users\Christina\Desktop\MediathekView - Verknüpfung.lnk
2013-10-11 22:26 - 2013-10-11 22:26 - 00000959 _____ C:\Users\Christina\Desktop\calibre.lnk
2013-10-11 22:24 - 2013-10-11 22:24 - 00000030 _____ C:\WINDOWS\success64.log
2013-10-11 22:21 - 2013-10-11 22:24 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-10-11 22:19 - 2013-03-18 14:18 - 00171248 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo17.dll
2013-10-11 22:19 - 2013-03-18 14:18 - 00033008 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2013-10-11 22:19 - 2009-08-07 08:49 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2013-10-11 22:06 - 2013-10-11 22:07 - 00711376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2013-10-11 21:37 - 2012-12-27 16:01 - 00760032 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2013-10-11 21:37 - 2012-12-27 16:01 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2013-10-11 21:24 - 2013-10-26 22:39 - 00000000 ____D C:\Users\Christina\AppData\Roaming\vlc
2013-10-11 21:16 - 2013-07-16 15:38 - 00002149 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopToastsForCriticalUpdates.lnk
2013-10-11 21:16 - 2013-07-16 15:38 - 00002149 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopToastsForCriticalUpdates.lnk
2013-10-11 20:51 - 2013-10-11 20:51 - 00000000 ____D C:\FRST
2013-10-11 20:50 - 2013-10-26 09:03 - 00000472 _____ C:\Users\Christina\Desktop\defogger_disable.log
2013-10-11 20:50 - 2013-10-11 20:50 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-10-11 20:40 - 2013-10-11 20:41 - 00050477 _____ C:\Users\Christina\Desktop\Defogger.exe
2013-10-11 20:40 - 2013-10-11 20:40 - 00377856 _____ C:\Users\Christina\Desktop\gmer_2.1.19163.exe
2013-10-11 20:37 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-10-11 20:37 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-10-11 20:37 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-10-11 20:37 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-10-11 20:37 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2013-10-11 20:37 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-10-11 20:37 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-10-11 20:37 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2013-10-11 20:37 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2013-10-11 20:37 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2013-10-11 20:37 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2013-10-11 20:37 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-10-11 20:37 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-10-11 20:37 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2013-10-11 20:37 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2013-10-11 20:35 - 2013-10-11 20:35 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 20:29 - 2013-10-11 21:20 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-10 18:34 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-10 18:34 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-10 18:34 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-10 18:34 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-10 18:34 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-10 18:34 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-10 18:34 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-10 18:34 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-10 18:34 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-10 18:34 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-10 18:34 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-10 18:34 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-10 18:34 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-10 18:34 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-10 18:34 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-10 18:34 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-10 18:34 - 2012-11-08 05:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-10 18:34 - 2012-11-08 05:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-10 18:33 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-10 18:33 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:33 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:33 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-10 18:33 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2013-10-10 18:33 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-10 18:33 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-10 18:33 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-10 18:33 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-10 18:33 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-10 18:33 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-10 18:33 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-10 18:33 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-10 18:33 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-10 18:33 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-10 18:33 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-10 18:33 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-10 18:33 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-10 18:33 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-09 21:42 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-08 21:12 - 2013-10-08 21:12 - 06199000 _____ C:\WINDOWS\system32\Drivers\Netwfw00.dat
2013-10-08 21:12 - 2013-10-08 21:12 - 03345376 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwew00.sys
2013-10-08 21:12 - 2013-10-08 21:12 - 02193136 _____ (Intel Corporation) C:\WINDOWS\system32\Netwuw01.dll
2013-10-01 19:52 - 2013-10-27 11:54 - 00000000 ___RD C:\Users\Christina\Dropbox
2013-10-01 19:52 - 2013-10-14 19:46 - 00001042 _____ C:\Users\Christina\Desktop\Dropbox.lnk
2013-10-01 19:50 - 2013-10-14 19:46 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-01 19:48 - 2013-10-27 12:03 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2013-09-28 23:03 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-09-28 23:03 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-09-28 23:03 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-09-28 23:03 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-09-28 23:03 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-09-28 23:03 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-09-28 23:03 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-09-28 23:03 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-09-28 23:03 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-09-28 23:03 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-09-28 23:03 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-09-28 23:03 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-09-28 23:03 - 2013-08-02 07:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-09-28 23:03 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-09-28 23:03 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-09-28 23:03 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-09-28 23:03 - 2013-08-02 06:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-09-28 23:03 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-09-28 23:03 - 2013-07-31 00:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-09-28 23:03 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-09-28 23:03 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-09-28 23:03 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-09-28 23:03 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-09-27 22:35 - 2013-09-27 22:35 - 00000000 ____D C:\Users\Christina\Downloads\tools_v6.0.7
==================== One Month Modified Files and Folders =======
2013-10-27 12:15 - 2012-12-15 16:27 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-10-27 12:15 - 2012-12-15 16:27 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-10-27 12:15 - 2012-07-26 08:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-27 12:13 - 2012-12-15 07:48 - 01181008 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-27 12:12 - 2013-10-27 12:12 - 00000094 _____ C:\Users\Christina\Desktop\prob2.txt
2013-10-27 12:08 - 2013-06-11 10:39 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 12:07 - 2013-10-27 12:07 - 00000827 _____ C:\Users\Christina\Desktop\JRT.txt
2013-10-27 12:05 - 2013-06-11 10:39 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 12:04 - 2013-10-27 12:04 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-27 12:03 - 2013-10-01 19:48 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2013-10-27 12:02 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-27 11:56 - 2013-04-06 12:22 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Nitro PDF
2013-10-27 11:55 - 2013-04-11 14:28 - 00000000 ____D C:\Users\Christina\AppData\Local\CrashDumps
2013-10-27 11:54 - 2013-10-01 19:52 - 00000000 ___RD C:\Users\Christina\Dropbox
2013-10-27 11:53 - 2013-10-27 11:53 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-27 11:53 - 2013-04-27 13:15 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2013-10-27 11:53 - 2012-07-26 08:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-27 11:52 - 2013-10-27 11:59 - 00000981 _____ C:\Users\Christina\Desktop\AdwCleaner[S0].txt
2013-10-27 11:52 - 2013-10-27 11:49 - 00000000 ____D C:\AdwCleaner
2013-10-27 11:39 - 2013-10-27 11:39 - 01060070 _____ C:\Users\Christina\Desktop\adwcleaner.exe
2013-10-27 11:39 - 2013-10-27 11:39 - 01033335 _____ (Thisisu) C:\Users\Christina\Desktop\JRT.exe
2013-10-27 11:37 - 2013-04-06 18:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-27 11:35 - 2013-10-27 11:35 - 01956160 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2013-10-26 22:39 - 2013-10-11 21:24 - 00000000 ____D C:\Users\Christina\AppData\Roaming\vlc
2013-10-26 17:45 - 2013-04-06 12:19 - 00000000 ___RD C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-26 17:31 - 2013-10-26 17:29 - 00000000 ____D C:\Users\Christina\Desktop\IOT für GoGear
2013-10-26 17:05 - 2012-10-10 00:08 - 00723324 _____ C:\WINDOWS\PFRO.log
2013-10-26 17:01 - 2013-10-26 17:01 - 00026387 _____ C:\ComboFix.txt
2013-10-26 17:01 - 2013-10-26 16:28 - 00000000 ____D C:\Qoobox
2013-10-26 16:55 - 2013-10-26 16:28 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-26 16:44 - 2012-07-26 06:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-10-26 16:23 - 2013-10-26 16:23 - 05136694 ____R (Swearware) C:\Users\Christina\Desktop\ComboFix.exe
2013-10-26 10:40 - 2013-04-15 07:45 - 743963496 _____ C:\WINDOWS\MEMORY.DMP
2013-10-26 10:26 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-26 09:34 - 2013-10-26 09:34 - 00013941 _____ C:\Users\Christina\Desktop\gmer.log
2013-10-26 09:34 - 2013-10-26 09:30 - 00000160 _____ C:\Users\Christina\Desktop\prob.txt
2013-10-26 09:28 - 2013-04-15 07:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-26 09:25 - 2013-04-08 16:22 - 00000192 _____ C:\Users\Christina\AppData\Local\RegisteredPackageInformation.xml
2013-10-26 09:16 - 2013-04-27 11:54 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Mp3tag
2013-10-26 09:03 - 2013-10-11 20:50 - 00000472 _____ C:\Users\Christina\Desktop\defogger_disable.log
2013-10-26 08:39 - 2013-04-06 12:18 - 00000000 ____D C:\Users\Christina
2013-10-25 17:46 - 2013-10-25 17:46 - 00000016 ____H C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
2013-10-25 16:32 - 2013-04-06 17:16 - 00000000 ____D C:\Users\Admin
2013-10-24 21:16 - 2012-12-15 07:35 - 00000000 ____D C:\Intel
2013-10-24 19:42 - 2013-04-11 11:35 - 00000000 ____D C:\Users\Christina\Documents\Calibre Bibliothek
2013-10-24 19:41 - 2013-09-25 22:56 - 00000000 ____D C:\Program Files\Calibre2
2013-10-24 18:09 - 2013-04-27 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-24 18:09 - 2012-12-15 07:35 - 00000000 ____D C:\Program Files\Intel
2013-10-24 18:08 - 2012-12-15 07:35 - 00000000 ____D C:\ProgramData\Intel
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\ProgramData\Intel.sav
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-10-24 18:07 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-10-24 18:07 - 2012-12-15 07:35 - 00000000 ____D C:\Program Files (x86)\Intel
2013-10-24 17:56 - 2013-04-06 13:40 - 00000000 ____D C:\Users\Christina\AppData\Local\Lenovo
2013-10-17 21:01 - 2013-04-06 12:40 - 00000000 ____D C:\Users\Christina\Documents\Referendariat
2013-10-16 21:50 - 2013-10-16 21:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-16 21:50 - 2013-10-16 21:50 - 00000000 ____D C:\Program Files\Java
2013-10-16 21:50 - 2013-09-24 06:31 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 21:49 - 2013-10-16 21:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 21:49 - 2013-10-16 21:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-15 17:31 - 2013-04-06 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-14 21:14 - 2012-07-26 08:21 - 00048764 _____ C:\WINDOWS\setupact.log
2013-10-14 19:46 - 2013-10-01 19:52 - 00001042 _____ C:\Users\Christina\Desktop\Dropbox.lnk
2013-10-14 19:46 - 2013-10-01 19:50 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-13 21:19 - 2013-08-07 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-13 21:19 - 2013-04-06 17:42 - 00002101 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-13 20:57 - 2013-10-13 20:57 - 00001273 _____ C:\Users\Christina\Desktop\MediathekView - Verknüpfung.lnk
2013-10-12 19:38 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-11 22:51 - 2013-04-27 12:55 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-10-11 22:26 - 2013-10-11 22:26 - 00000959 _____ C:\Users\Christina\Desktop\calibre.lnk
2013-10-11 22:24 - 2013-10-11 22:24 - 00000030 _____ C:\WINDOWS\success64.log
2013-10-11 22:24 - 2013-10-11 22:21 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-10-11 22:20 - 2012-12-15 07:59 - 00001422 _____ C:\WINDOWS\Synaptics.log
2013-10-11 22:20 - 2012-12-15 07:33 - 00099908 _____ C:\WINDOWS\DPINST.LOG
2013-10-11 22:07 - 2013-10-11 22:06 - 00711376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2013-10-11 21:43 - 2012-12-15 07:47 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-10-11 21:41 - 2012-07-26 09:12 - 00000000 __RSD C:\WINDOWS\Media
2013-10-11 21:38 - 2013-07-24 21:06 - 00000000 ____D C:\Users\Christina\AppData\Roaming\LSC
2013-10-11 21:37 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-11 21:34 - 2013-05-06 14:24 - 00000000 ____D C:\ldiag
2013-10-11 21:33 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files\Lenovo
2013-10-11 21:20 - 2013-10-11 20:29 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-11 21:18 - 2012-12-15 00:06 - 00000000 ____D C:\ProgramData\Lenovo
2013-10-11 21:15 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-10-11 21:03 - 2013-04-06 11:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-11 20:51 - 2013-10-11 20:51 - 00000000 ____D C:\FRST
2013-10-11 20:50 - 2013-10-11 20:50 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-10-11 20:43 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-10-11 20:41 - 2013-10-11 20:40 - 00050477 _____ C:\Users\Christina\Desktop\Defogger.exe
2013-10-11 20:40 - 2013-10-11 20:40 - 00377856 _____ C:\Users\Christina\Desktop\gmer_2.1.19163.exe
2013-10-11 20:35 - 2013-10-11 20:35 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 18:02 - 2013-04-06 22:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 18:01 - 2013-04-06 22:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 21:18 - 2013-05-05 13:29 - 00000000 ____D C:\Users\Christina\Downloads\Cut
2013-10-10 21:17 - 2013-05-05 14:11 - 00000000 ____D C:\Users\Christina\Downloads\CutOriginale
2013-10-10 21:17 - 2013-05-05 13:18 - 00000000 ____D C:\Users\Christina\AppData\Local\ColdCut
2013-10-10 21:16 - 2013-05-05 13:23 - 00025088 _____ C:\Users\Christina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-10 20:25 - 2013-04-06 15:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 20:24 - 2013-07-15 15:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-10 20:21 - 2013-04-06 18:10 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-09 22:18 - 2013-04-06 11:24 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 21:12 - 2013-10-08 21:12 - 06199000 _____ C:\WINDOWS\system32\Drivers\Netwfw00.dat
2013-10-08 21:12 - 2013-10-08 21:12 - 03345376 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwew00.sys
2013-10-08 21:12 - 2013-10-08 21:12 - 02193136 _____ (Intel Corporation) C:\WINDOWS\system32\Netwuw01.dll
2013-10-02 02:38 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-10-02 02:38 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-30 21:21 - 2013-04-07 11:55 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Skype
2013-09-29 11:55 - 2013-04-11 11:34 - 00000000 ____D C:\Users\Christina\AppData\Roaming\calibre
2013-09-28 23:09 - 2013-04-06 12:19 - 00000000 ___RD C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 23:08 - 2012-07-26 09:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-09-27 23:33 - 2013-04-27 15:55 - 00000000 ____D C:\Users\Christina\Documents\My Digital Editions
2013-09-27 22:35 - 2013-09-27 22:35 - 00000000 ____D C:\Users\Christina\Downloads\tools_v6.0.7
2013-09-27 21:18 - 2013-04-06 12:33 - 00000000 ____D C:\Users\Christina\Documents\Citavi 3
2013-09-27 19:26 - 2013-05-05 14:09 - 00000000 ____D C:\ProgramData\DivX
2013-09-27 19:26 - 2013-05-05 14:09 - 00000000 ____D C:\Program Files (x86)\DivX
Files to move or delete:
====================
C:\Users\Christina\SyncToy_a645ea82-1fcf-4d3a-aed1-3aaa61c38cbc.dat
C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Übrigens meckert jetzt der "Windows Script Host", daß die Skriptdatei "C:\ProgramData\Lenovo-26270.vbs" nicht gefunden wird - war die etwa wichtig? |
|
27.10.2013, 18:00
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbarESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ --> Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar |
|
27.10.2013, 22:46
| #7 |
| | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Der ESET Scan läuft noch, aber es gibt seit der Reinigungsaktion ein Problem mit Firefox: bei jedem Start zeigt er mir die "Firstrun"-Seiten, von FF selbst und von diversen Add-ons, und das installierte Theme verschwindet auch jedesmal wieder. Möglicherweise liegt es daran, daß bei der Reinigung einmal auch die pref.js gelöscht wurde, aber dann dürfte das doch nicht jedes Mal wieder neu so sein? Also das ist für mich ein echtes Problem. :-( ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d4870e803cef6b4dbe119c5827fa13da
# engine=15655
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-27 09:35:46
# local_time=2013-10-27 10:35:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776573 100 94 40917 10193221 0 0
# scanned=288621
# found=0
# cleaned=0
# scan_time=7223
Code:
ATTFilter Results of screen317's Security Check version 0.99.74 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 45 Java version out of Date! Adobe Flash Player 11.9.900.117 Adobe Reader XI Mozilla Firefox (24.0) Mozilla Thunderbird (24.0.1) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Intel Intel(R) Small Business Advantage Service Intel.SmallBusinessAdvantage.WindowsService.exe Windows Defender MsMpEng.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by Christina (ATTENTION: The logged in user is not administrator) on LENOVO-PC on 27-10-2013 22:38:55
Running from C:\Users\Christina\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\x64\avfulsvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Dolby Laboratories Inc.) c:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-06-25] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [593408 2013-07-04] (Lenovo Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [LenovoOptMouseUpdate] - C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [439488 2013-07-09] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
MountPoints2: {03349f90-fa08-11e2-be9f-6036dd7e786c} - "E:\autorun.exe"
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [333 2013-04-06] ()
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6618920 2013-08-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {63A968EE-78D4-48FA-97B8-EEC590270981} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - {63A968EE-78D4-48FA-97B8-EEC590270981} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\leo-eng-deu-v20.xml
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\https-everywhere@eff.org
FF Extension: Password Hasher - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\passhash@mozilla.wijjo.com
FF Extension: WOT - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: 2.0 - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\2.0@disconnect.me.xpi
FF Extension: contextMenuExtension - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\contextMenuExtension@leo.org.xpi
FF Extension: firefox - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\firefox@ghostery.com.xpi
FF Extension: defaults - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
FF Extension: Adblock Plus - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: dta - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\61prv1k0.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
Chrome:
=======
CHR Extension: (Docs) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Website Logon) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokmdlapebooifaijckgcmncjdpojmjl\6.0.200_0
CHR Extension: (Gmail) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx
==================== Services (Whitelisted) =================
R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [565760 2013-07-04] (Lenovo Corporation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2013-07-11] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [197632 2013-05-02] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2044408 2013-07-17] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [579400 2013-02-08] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [687104 2013-07-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [468984 2013-06-25] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [465912 2013-06-21] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software)
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [9584 2013-03-07] ()
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Ricoh co.,Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-18] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-27 20:30 - 2013-10-27 20:30 - 02347384 _____ (ESET) C:\Users\Christina\Desktop\esetsmartinstaller_enu.exe
2013-10-27 12:12 - 2013-10-27 12:12 - 00000094 _____ C:\Users\Christina\Desktop\prob2.txt
2013-10-27 12:07 - 2013-10-27 12:07 - 00000827 _____ C:\Users\Christina\Desktop\JRT.txt
2013-10-27 12:04 - 2013-10-27 12:04 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-27 11:59 - 2013-10-27 11:52 - 00000981 _____ C:\Users\Christina\Desktop\AdwCleaner[S0].txt
2013-10-27 11:53 - 2013-10-27 11:53 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-27 11:49 - 2013-10-27 11:52 - 00000000 ____D C:\AdwCleaner
2013-10-27 11:39 - 2013-10-27 11:39 - 01060070 _____ C:\Users\Christina\Desktop\adwcleaner.exe
2013-10-27 11:39 - 2013-10-27 11:39 - 01033335 _____ (Thisisu) C:\Users\Christina\Desktop\JRT.exe
2013-10-27 11:35 - 2013-10-27 11:35 - 01956160 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2013-10-26 17:29 - 2013-10-26 17:31 - 00000000 ____D C:\Users\Christina\Desktop\IOT für GoGear
2013-10-26 17:01 - 2013-10-26 17:01 - 00026387 _____ C:\ComboFix.txt
2013-10-26 16:28 - 2013-10-26 17:01 - 00000000 ____D C:\Qoobox
2013-10-26 16:28 - 2013-10-26 16:55 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-26 16:28 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-26 16:28 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-26 16:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-26 16:28 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-26 16:23 - 2013-10-26 16:23 - 05136694 ____R (Swearware) C:\Users\Christina\Desktop\ComboFix.exe
2013-10-26 09:34 - 2013-10-26 09:34 - 00013941 _____ C:\Users\Christina\Desktop\gmer.log
2013-10-26 09:30 - 2013-10-26 09:34 - 00000160 _____ C:\Users\Christina\Desktop\prob.txt
2013-10-25 17:46 - 2013-10-25 17:46 - 00000016 ____H C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\ProgramData\Intel.sav
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-10-16 21:50 - 2013-10-16 21:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-16 21:50 - 2013-10-16 21:50 - 00000000 ____D C:\Program Files\Java
2013-10-16 21:49 - 2013-10-16 21:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 21:49 - 2013-10-16 21:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-13 20:57 - 2013-10-13 20:57 - 00001273 _____ C:\Users\Christina\Desktop\MediathekView - Verknüpfung.lnk
2013-10-11 22:26 - 2013-10-11 22:26 - 00000959 _____ C:\Users\Christina\Desktop\calibre.lnk
2013-10-11 22:24 - 2013-10-11 22:24 - 00000030 _____ C:\WINDOWS\success64.log
2013-10-11 22:21 - 2013-10-11 22:24 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-10-11 22:19 - 2013-03-18 14:18 - 00171248 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo17.dll
2013-10-11 22:19 - 2013-03-18 14:18 - 00033008 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2013-10-11 22:19 - 2009-08-07 08:49 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2013-10-11 22:06 - 2013-10-11 22:07 - 00711376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2013-10-11 21:37 - 2012-12-27 16:01 - 00760032 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2013-10-11 21:37 - 2012-12-27 16:01 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2013-10-11 21:24 - 2013-10-27 21:43 - 00000000 ____D C:\Users\Christina\AppData\Roaming\vlc
2013-10-11 21:16 - 2013-07-16 15:38 - 00002149 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopToastsForCriticalUpdates.lnk
2013-10-11 21:16 - 2013-07-16 15:38 - 00002149 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopToastsForCriticalUpdates.lnk
2013-10-11 20:51 - 2013-10-11 20:51 - 00000000 ____D C:\FRST
2013-10-11 20:50 - 2013-10-26 09:03 - 00000472 _____ C:\Users\Christina\Desktop\defogger_disable.log
2013-10-11 20:50 - 2013-10-11 20:50 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-10-11 20:40 - 2013-10-11 20:41 - 00050477 _____ C:\Users\Christina\Desktop\Defogger.exe
2013-10-11 20:40 - 2013-10-11 20:40 - 00377856 _____ C:\Users\Christina\Desktop\gmer_2.1.19163.exe
2013-10-11 20:37 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-10-11 20:37 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-10-11 20:37 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-10-11 20:37 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-10-11 20:37 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-10-11 20:37 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-10-11 20:37 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2013-10-11 20:37 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-10-11 20:37 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-10-11 20:37 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2013-10-11 20:37 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2013-10-11 20:37 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2013-10-11 20:37 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2013-10-11 20:37 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-10-11 20:37 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-10-11 20:37 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2013-10-11 20:37 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2013-10-11 20:35 - 2013-10-11 20:35 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 20:29 - 2013-10-11 21:20 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-10 18:34 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-10 18:34 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-10 18:34 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-10 18:34 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-10 18:34 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-10 18:34 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-10 18:34 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-10 18:34 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-10 18:34 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-10 18:34 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-10 18:34 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-10 18:34 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-10 18:34 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-10 18:34 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-10 18:34 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-10 18:34 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-10 18:34 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-10 18:34 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-10 18:34 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-10 18:34 - 2012-11-08 05:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-10 18:34 - 2012-11-08 05:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-10 18:33 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-10 18:33 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:33 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:33 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-10 18:33 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2013-10-10 18:33 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-10 18:33 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-10 18:33 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-10 18:33 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-10 18:33 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-10 18:33 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-10 18:33 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-10 18:33 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-10 18:33 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-10 18:33 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-10 18:33 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-10 18:33 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-10 18:33 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-10 18:33 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-10 18:33 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-09 21:42 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-08 21:12 - 2013-10-08 21:12 - 06199000 _____ C:\WINDOWS\system32\Drivers\Netwfw00.dat
2013-10-08 21:12 - 2013-10-08 21:12 - 03345376 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwew00.sys
2013-10-08 21:12 - 2013-10-08 21:12 - 02193136 _____ (Intel Corporation) C:\WINDOWS\system32\Netwuw01.dll
2013-10-01 19:52 - 2013-10-27 20:29 - 00000000 ___RD C:\Users\Christina\Dropbox
2013-10-01 19:52 - 2013-10-14 19:46 - 00001042 _____ C:\Users\Christina\Desktop\Dropbox.lnk
2013-10-01 19:50 - 2013-10-14 19:46 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-01 19:48 - 2013-10-27 20:29 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2013-09-28 23:03 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-09-28 23:03 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-09-28 23:03 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-09-28 23:03 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-09-28 23:03 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-09-28 23:03 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-09-28 23:03 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-09-28 23:03 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-09-28 23:03 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-09-28 23:03 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-09-28 23:03 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-09-28 23:03 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-09-28 23:03 - 2013-08-02 07:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-09-28 23:03 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-09-28 23:03 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-09-28 23:03 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-09-28 23:03 - 2013-08-02 06:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-09-28 23:03 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-09-28 23:03 - 2013-07-31 00:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-09-28 23:03 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-09-28 23:03 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-09-28 23:03 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-09-28 23:03 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-09-27 22:35 - 2013-09-27 22:35 - 00000000 ____D C:\Users\Christina\Downloads\tools_v6.0.7
==================== One Month Modified Files and Folders =======
2013-10-27 22:37 - 2013-04-06 18:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-27 22:31 - 2013-04-07 11:55 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Skype
2013-10-27 22:05 - 2013-06-11 10:39 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 22:02 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-27 21:43 - 2013-10-11 21:24 - 00000000 ____D C:\Users\Christina\AppData\Roaming\vlc
2013-10-27 20:36 - 2012-12-15 16:27 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-10-27 20:36 - 2012-12-15 16:27 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-10-27 20:36 - 2012-07-26 08:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-27 20:30 - 2013-10-27 20:30 - 02347384 _____ (ESET) C:\Users\Christina\Desktop\esetsmartinstaller_enu.exe
2013-10-27 20:29 - 2013-10-01 19:52 - 00000000 ___RD C:\Users\Christina\Dropbox
2013-10-27 20:29 - 2013-10-01 19:48 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2013-10-27 20:29 - 2013-06-11 10:39 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 20:23 - 2012-12-15 07:48 - 01200883 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-27 20:13 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-27 12:12 - 2013-10-27 12:12 - 00000094 _____ C:\Users\Christina\Desktop\prob2.txt
2013-10-27 12:07 - 2013-10-27 12:07 - 00000827 _____ C:\Users\Christina\Desktop\JRT.txt
2013-10-27 12:04 - 2013-10-27 12:04 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-27 11:56 - 2013-04-06 12:22 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Nitro PDF
2013-10-27 11:55 - 2013-04-11 14:28 - 00000000 ____D C:\Users\Christina\AppData\Local\CrashDumps
2013-10-27 11:53 - 2013-10-27 11:53 - 00000022 _____ C:\WINDOWS\S.dirmngr
2013-10-27 11:53 - 2013-04-27 13:15 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2013-10-27 11:53 - 2012-07-26 08:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-27 11:52 - 2013-10-27 11:59 - 00000981 _____ C:\Users\Christina\Desktop\AdwCleaner[S0].txt
2013-10-27 11:52 - 2013-10-27 11:49 - 00000000 ____D C:\AdwCleaner
2013-10-27 11:39 - 2013-10-27 11:39 - 01060070 _____ C:\Users\Christina\Desktop\adwcleaner.exe
2013-10-27 11:39 - 2013-10-27 11:39 - 01033335 _____ (Thisisu) C:\Users\Christina\Desktop\JRT.exe
2013-10-27 11:35 - 2013-10-27 11:35 - 01956160 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2013-10-26 17:45 - 2013-04-06 12:19 - 00000000 ___RD C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-26 17:31 - 2013-10-26 17:29 - 00000000 ____D C:\Users\Christina\Desktop\IOT für GoGear
2013-10-26 17:05 - 2012-10-10 00:08 - 00723324 _____ C:\WINDOWS\PFRO.log
2013-10-26 17:01 - 2013-10-26 17:01 - 00026387 _____ C:\ComboFix.txt
2013-10-26 17:01 - 2013-10-26 16:28 - 00000000 ____D C:\Qoobox
2013-10-26 16:55 - 2013-10-26 16:28 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-26 16:44 - 2012-07-26 06:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-10-26 16:23 - 2013-10-26 16:23 - 05136694 ____R (Swearware) C:\Users\Christina\Desktop\ComboFix.exe
2013-10-26 10:40 - 2013-04-15 07:45 - 743963496 _____ C:\WINDOWS\MEMORY.DMP
2013-10-26 09:34 - 2013-10-26 09:34 - 00013941 _____ C:\Users\Christina\Desktop\gmer.log
2013-10-26 09:34 - 2013-10-26 09:30 - 00000160 _____ C:\Users\Christina\Desktop\prob.txt
2013-10-26 09:28 - 2013-04-15 07:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-26 09:25 - 2013-04-08 16:22 - 00000192 _____ C:\Users\Christina\AppData\Local\RegisteredPackageInformation.xml
2013-10-26 09:16 - 2013-04-27 11:54 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Mp3tag
2013-10-26 09:03 - 2013-10-11 20:50 - 00000472 _____ C:\Users\Christina\Desktop\defogger_disable.log
2013-10-26 08:39 - 2013-04-06 12:18 - 00000000 ____D C:\Users\Christina
2013-10-25 17:46 - 2013-10-25 17:46 - 00000016 ____H C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
2013-10-25 16:32 - 2013-04-06 17:16 - 00000000 ____D C:\Users\Admin
2013-10-24 21:16 - 2012-12-15 07:35 - 00000000 ____D C:\Intel
2013-10-24 19:42 - 2013-04-11 11:35 - 00000000 ____D C:\Users\Christina\Documents\Calibre Bibliothek
2013-10-24 19:41 - 2013-09-25 22:56 - 00000000 ____D C:\Program Files\Calibre2
2013-10-24 18:09 - 2013-04-27 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-24 18:09 - 2012-12-15 07:35 - 00000000 ____D C:\Program Files\Intel
2013-10-24 18:08 - 2012-12-15 07:35 - 00000000 ____D C:\ProgramData\Intel
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\ProgramData\Intel.sav
2013-10-24 18:07 - 2013-10-24 18:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-10-24 18:07 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-10-24 18:07 - 2012-12-15 07:35 - 00000000 ____D C:\Program Files (x86)\Intel
2013-10-24 17:56 - 2013-04-06 13:40 - 00000000 ____D C:\Users\Christina\AppData\Local\Lenovo
2013-10-17 21:01 - 2013-04-06 12:40 - 00000000 ____D C:\Users\Christina\Documents\Referendariat
2013-10-16 21:50 - 2013-10-16 21:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 21:50 - 2013-10-16 21:50 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-16 21:50 - 2013-10-16 21:50 - 00000000 ____D C:\Program Files\Java
2013-10-16 21:50 - 2013-09-24 06:31 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 21:49 - 2013-10-16 21:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-16 21:49 - 2013-10-16 21:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 21:49 - 2013-10-16 21:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-15 17:31 - 2013-04-06 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-14 21:14 - 2012-07-26 08:21 - 00048764 _____ C:\WINDOWS\setupact.log
2013-10-14 19:46 - 2013-10-01 19:52 - 00001042 _____ C:\Users\Christina\Desktop\Dropbox.lnk
2013-10-14 19:46 - 2013-10-01 19:50 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-13 21:19 - 2013-08-07 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-13 21:19 - 2013-04-06 17:42 - 00002101 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-13 20:57 - 2013-10-13 20:57 - 00001273 _____ C:\Users\Christina\Desktop\MediathekView - Verknüpfung.lnk
2013-10-12 19:38 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-11 22:51 - 2013-04-27 12:55 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-10-11 22:26 - 2013-10-11 22:26 - 00000959 _____ C:\Users\Christina\Desktop\calibre.lnk
2013-10-11 22:24 - 2013-10-11 22:24 - 00000030 _____ C:\WINDOWS\success64.log
2013-10-11 22:24 - 2013-10-11 22:21 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-10-11 22:20 - 2012-12-15 07:59 - 00001422 _____ C:\WINDOWS\Synaptics.log
2013-10-11 22:20 - 2012-12-15 07:33 - 00099908 _____ C:\WINDOWS\DPINST.LOG
2013-10-11 22:07 - 2013-10-11 22:06 - 00711376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2013-10-11 21:52 - 2013-10-11 21:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2013-10-11 21:43 - 2012-12-15 07:47 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-10-11 21:41 - 2012-07-26 09:12 - 00000000 __RSD C:\WINDOWS\Media
2013-10-11 21:38 - 2013-07-24 21:06 - 00000000 ____D C:\Users\Christina\AppData\Roaming\LSC
2013-10-11 21:37 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-11 21:34 - 2013-05-06 14:24 - 00000000 ____D C:\ldiag
2013-10-11 21:33 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files\Lenovo
2013-10-11 21:20 - 2013-10-11 20:29 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-11 21:18 - 2012-12-15 00:06 - 00000000 ____D C:\ProgramData\Lenovo
2013-10-11 21:15 - 2012-12-15 07:36 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-10-11 21:03 - 2013-04-06 11:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-11 20:51 - 2013-10-11 20:51 - 00000000 ____D C:\FRST
2013-10-11 20:50 - 2013-10-11 20:50 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-10-11 20:43 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-10-11 20:41 - 2013-10-11 20:40 - 00050477 _____ C:\Users\Christina\Desktop\Defogger.exe
2013-10-11 20:40 - 2013-10-11 20:40 - 00377856 _____ C:\Users\Christina\Desktop\gmer_2.1.19163.exe
2013-10-11 20:35 - 2013-10-11 20:35 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes
2013-10-11 18:02 - 2013-04-06 22:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 18:01 - 2013-04-06 22:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 21:18 - 2013-05-05 13:29 - 00000000 ____D C:\Users\Christina\Downloads\Cut
2013-10-10 21:17 - 2013-05-05 14:11 - 00000000 ____D C:\Users\Christina\Downloads\CutOriginale
2013-10-10 21:17 - 2013-05-05 13:18 - 00000000 ____D C:\Users\Christina\AppData\Local\ColdCut
2013-10-10 21:16 - 2013-05-05 13:23 - 00025088 _____ C:\Users\Christina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-10 20:25 - 2013-04-06 15:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 20:24 - 2013-07-15 15:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-10 20:21 - 2013-04-06 18:10 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-09 22:18 - 2013-04-06 11:24 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-09 21:42 - 2013-10-09 21:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-08 21:12 - 2013-10-08 21:12 - 06199000 _____ C:\WINDOWS\system32\Drivers\Netwfw00.dat
2013-10-08 21:12 - 2013-10-08 21:12 - 03345376 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\NETwew00.sys
2013-10-08 21:12 - 2013-10-08 21:12 - 02193136 _____ (Intel Corporation) C:\WINDOWS\system32\Netwuw01.dll
2013-10-02 02:38 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-10-02 02:38 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-29 11:55 - 2013-04-11 11:34 - 00000000 ____D C:\Users\Christina\AppData\Roaming\calibre
2013-09-28 23:09 - 2013-04-06 12:19 - 00000000 ___RD C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 23:08 - 2012-07-26 09:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-09-27 23:33 - 2013-04-27 15:55 - 00000000 ____D C:\Users\Christina\Documents\My Digital Editions
2013-09-27 22:35 - 2013-09-27 22:35 - 00000000 ____D C:\Users\Christina\Downloads\tools_v6.0.7
2013-09-27 21:18 - 2013-04-06 12:33 - 00000000 ____D C:\Users\Christina\Documents\Citavi 3
2013-09-27 19:26 - 2013-05-05 14:09 - 00000000 ____D C:\ProgramData\DivX
2013-09-27 19:26 - 2013-05-05 14:09 - 00000000 ____D C:\Program Files (x86)\DivX
Files to move or delete:
====================
C:\Users\Christina\SyncToy_a645ea82-1fcf-4d3a-aed1-3aaa61c38cbc.dat
C:\Users\Christina\SyncToy_fa86564d-a98c-4d6f-bda2-df058a0b7606.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- Den bluescreen hatte ich jetzt länger nicht mehr, aber das war schon früher so, daß der ab und an mal Pause gemacht hat. |
|
28.10.2013, 12:09
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Firefox am besten mal neu installieren.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.10.2013, 20:25
| #9 |
| | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Hilft nichts. Habe auch festgestellt, daß ich auf die ausgeblendeten Ordner keinen Zugriff mehr habe. Da dort ja auch die Profildaten für FF liegen, dürfte das der Grund sein. Bei Thunderbird gibt es aber keine Probleme, seltsam. Ich muß mich korrigieren, es sind nicht die ausgeblendeten Ordner, sondern nur bestimmte, nämlich die Ordner, die nur als Links dargestellt werden -Anwendungsdaten -Cookies -Druckumgebung -Eigene Dateien -Lokale Einstellungen -Netzwerkumgebung -Recent -SendTo -Startmenü -Vorlagen Das sind ja meines Wissens alles Ordner, die es gar nicht gibt, sondern die nur als interne Links dargestellt werden. Aber es ist schon seltsam, zB gibt es unter C jetzt noch einen Link-Ordner "Programme", der vorher nicht da war, zusätzlich zum normalen Ordner Programme , und auch Links zu "Dokumente und Einstellungen" sowie "Documents and Settings". Habe natürlich nirgendwo Zugriff und kann ihn auch nicht einrichten. Hier hat irgendein Säuberungsprogramm gewaltig herumgepfuscht, würde ich sagen :-( |
|
29.10.2013, 10:38
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar Zeig mir mal bitte nen Screenshot davon.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8: regelmäßig bluescreens / Defender-Echtzeitschutz nicht aktivierbar |
| adblock, bluescreen, browser, defender, error, farbar, farbar recovery scan tool, fehlermeldung, firefox, flash player, helper, homepage, hotspot, mozilla, mp3, object, plug-in, pwmtr64v.dll, realtek, registry, rundll, scan, schutz, security, services.exe, software, svchost.exe, system, taskmanager, usb, windows, windowsapps |
Linear-Darstellung
