Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser

schrauber · 05.04.2015, 13:28

hi,

Addition.txt fehlt noch

karl-heinz00 · 05.04.2015, 13:32

Zitat:

Zitat von schrauber

hi,

Addition.txt fehlt noch

stimmt

addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Winfried at 2015-04-05 14:11:45
Running from C:\Users\Winfried\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2126.02 - CyberLink Corp.)
 Lenovo Photo Master (x32 Version: 1.5.2126.02 - CyberLink Corp.) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.0 - Conexant)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Harmony (HKLM-x32\...\{D02D9427-507D-4912-9285-97FCD5417E72}) (Version: 1.0.0.0929 - Lenovo)
Harmony (x32 Version: 1.0.0.0929 - Lenovo) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4029 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5BC2A343-DED5-40E8-8F64-472FD74D80EA}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11064 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab)
Lenovo Motion Control (x32 Version: 2.6.0.0528 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo Paper Display (HKLM-x32\...\InstallShield_{B5E4B638-FFF0-408F-9FB6-732CAFC73063}) (Version: 2.0.0.035 - Lenovo)
Lenovo Paper Display (x32 Version: 2.0.0.035 - Lenovo) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.5.0 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.5 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.1.28 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.20 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.6 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.3 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.6181 - Lenovo)
Lenovo Yoga 3 Demo (HKLM-x32\...\{9B02CB47-B0E8-4BC8-9BF3-8EFF3CDEA30E}) (Version: 2.0.2 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 2.0.0.3 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Maxx Audio Installer (x64) (Version: 1.6.4815.83 - Waves Audio Ltd.) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo)
OneKey Optimizer (x32 Version: 1.1.20.16 - Lenovo) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39060 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.89 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-04-2015 11:32:34 McAfee  Vulnerability Scanner

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10635313-837A-4988-8E43-C5C1F66D3101} - System32\Tasks\AXDGX => C:\Users\Winfried\AppData\Roaming\AXDGX.exe <==== ATTENTION
Task: {109FF231-DBF9-4736-BDC2-A51BD10357FC} - System32\Tasks\XLA => C:\Users\Winfried\AppData\Roaming\XLA.exe <==== ATTENTION
Task: {1CC7F122-A63D-47B3-9250-6CB00B5B0319} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {22C94394-D734-41DC-8A7E-E859D77628A6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {269FBE55-C11D-446A-AF92-F49D575851EC} - System32\Tasks\oDweklayyunBXthwbuHX => C:\Users\Winfried\AppData\Roaming\oDweklayyunBXthwbuHX.exe
Task: {2FD9A8B3-9F46-48AF-BAAC-A808A4D7FDC7} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-03-21] (Lenovo)
Task: {4378E825-0D7A-4F9A-B061-5D10172E1712} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-23] (Adobe Systems Incorporated)
Task: {566F4469-2726-4A4E-B3C1-2CDD24B9158F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {6C8EB349-E5D0-467D-9956-A62A5D04324A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {7752E575-2FA9-4CC6-B3DF-29BB9B0C01AF} - System32\Tasks\disco_savings_notification_service => C:\Program Files (x86)\disco savings\disco_savings_notification_service.exe
Task: {82351605-5B54-49EC-9642-1448F014DCC9} - \7b4ca387-5551-400b-9a35-fa2d32f182c9-4 No Task File <==== ATTENTION
Task: {E6BB0C1A-F09D-4228-9C91-789445B8BCAA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AXDGX.job => C:\Users\Winfried\AppData\Roaming\AXDGX.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\disco_savings_notification_service.job => C:\Program Files (x86)\disco savings\disco_savings_notification_service.exeé/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='disco savings' /appid='73143' /srcid='2913' /bic='f443762ed80e68e9a05cdcfa979034b6' /verifier='fe5513bae41efa38680f32b84a75c913' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif
Task: C:\WINDOWS\Tasks\oDweklayyunBXthwbuHX.job => C:\Users\Winfried\AppData\Roaming\oDweklayyunBXthwbuHX.exe
Task: C:\WINDOWS\Tasks\XLA.job => C:\Users\Winfried\AppData\Roaming\XLA.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2015-02-26 19:40 - 2014-11-20 11:43 - 00016920 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbServicePS.dll
2015-02-26 19:36 - 2014-08-25 11:26 - 00017176 _____ () C:\Program Files (x86)\Lenovo\Harmony\Picks\HarmonyPicksService.exe
2015-02-26 19:36 - 2014-09-04 15:46 - 00017688 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe
2015-02-26 19:36 - 2014-09-28 17:29 - 00065304 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\Util.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2015-02-26 19:36 - 2014-09-15 13:21 - 00018200 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\RemoteObject.dll
2015-02-26 19:36 - 2014-08-25 11:30 - 00075032 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonyAudio.dll
2015-02-26 19:36 - 2014-08-25 11:33 - 00017176 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\TouchScreenContronlDLL.dll
2015-02-26 19:36 - 2014-08-25 11:32 - 00026392 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\PowerDll.DLL
2015-02-26 19:38 - 2015-02-26 19:37 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
2014-11-25 15:54 - 2014-11-25 15:54 - 00026392 _____ () C:\Program Files (x86)\Lenovo\PaperDisplay\x86\PLHotkeyService.exe
2015-02-26 19:37 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-02-26 19:34 - 2015-02-26 19:34 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2015-02-26 19:34 - 2015-02-26 19:34 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2015-02-26 19:36 - 2014-05-20 17:16 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-02-26 19:34 - 2014-10-22 11:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-02-26 19:38 - 2015-02-26 19:37 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-02-26 19:39 - 2014-11-17 16:35 - 00036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
2015-02-26 19:39 - 2014-11-17 16:35 - 00166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
2014-12-08 05:10 - 2014-11-21 10:54 - 00456808 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-02-26 19:34 - 2014-10-22 11:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2015-02-26 19:10 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-02-26 19:34 - 2015-02-26 19:34 - 00791368 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-02-26 19:34 - 2015-02-26 19:34 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-02-26 19:36 - 2014-08-14 11:47 - 00109840 _____ () C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe
2015-02-26 19:39 - 2014-11-17 16:35 - 00047896 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\res_GR_German_DEU.dll
2015-02-26 19:36 - 2014-09-28 17:29 - 00065304 _____ () C:\Program Files (x86)\Lenovo\Harmony\Picks\Util.dll
2015-02-26 19:36 - 2014-09-15 13:21 - 00018200 _____ () C:\Program Files (x86)\Lenovo\Harmony\Picks\RemoteObject.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2015-02-26 19:40 - 2015-02-26 19:40 - 00019232 _____ () C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\Lenovo.MetricCollectionSDK\v4.0_1.1.9.0__d43be3ee47b19ecb\Lenovo.MetricCollectionSDK.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2015-02-26 19:36 - 2014-08-25 11:27 - 00074520 _____ () C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.Harmonydll.dll
2014-12-08 05:10 - 2014-11-21 10:54 - 17170624 _____ () C:\WINDOWS\SYSTEM32\igd11dxva64.dll
2015-02-26 19:40 - 2014-11-20 11:43 - 00159256 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbApi.dll
2015-02-26 19:39 - 2014-11-17 16:35 - 00036120 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\zd.dll
2014-05-28 14:16 - 2014-05-28 14:16 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-10-10 10:37 - 2014-10-10 10:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-26 19:23 - 2014-08-04 19:06 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-02-26 19:23 - 2014-08-04 19:06 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00402432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\ade4f25e9d8384f190ede9eb090281cb\Windows.Security.ni.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2015-04-04 13:30 - 2015-04-04 13:30 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\7819e306c2c55c42f35a5fa10b93710f\Windows.System.ni.dll
2015-02-26 19:36 - 2014-08-25 11:32 - 00168216 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\PG_SettingsLib.dll
2015-02-26 19:36 - 2014-08-25 11:30 - 00018200 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.Harmonydll.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Winfried\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1872664996-1993104736-2441894966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Winfried\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1872664996-1993104736-2441894966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Winfried\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1872664996-1993104736-2441894966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Winfried\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1872664996-1993104736-2441894966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\Winfried\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1872664996-1993104736-2441894966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Control Panel\Desktop\\Wallpaper -> C:\Users\Winfried\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1872664996-1993104736-2441894966-500 - Administrator - Disabled)
Gast (S-1-5-21-1872664996-1993104736-2441894966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1872664996-1993104736-2441894966-1003 - Limited - Enabled)
Winfried (S-1-5-21-1872664996-1993104736-2441894966-1001 - Administrator - Enabled) => C:\Users\Winfried

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2015 01:45:26 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicereg session lock = failed w/err 0x00000000

Error: (04/05/2015 01:45:26 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicesession change id =  failed w/err 0x00000003

Error: (04/05/2015 01:45:18 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicereg session lock = failed w/err 0x00000001

Error: (04/05/2015 01:45:18 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicesession change id =  failed w/err 0x00000003

Error: (04/05/2015 01:45:17 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00000007

Error: (04/05/2015 01:45:12 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00000012

Error: (04/05/2015 01:45:12 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x0000000a

Error: (04/05/2015 01:45:12 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00008013

Error: (04/04/2015 04:53:27 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00000004

Error: (04/04/2015 04:53:27 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicereg session lock = failed w/err 0x00000001


System errors:
=============
Error: (04/04/2015 04:32:56 PM) (Source: DCOM) (EventID: 10016) (User: KLEINERPCANDI)
Description: ComputerstandardLokalAktivierung{53362C32-A296-4F2D-A2F8-FD984D08340B}{53362C32-A296-4F2D-A2F8-FD984D08340B}kleinerPCAndiWinfriedS-1-5-21-1872664996-1993104736-2441894966-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingTravel_3.0.4.309_x64__8wekyb3d8bbweS-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544

Error: (04/04/2015 02:20:45 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000d1 (0x0000000000000008, 0x0000000000000002, 0x0000000000000000, 0xfffff80101e43823)C:\WINDOWS\MEMORY.DMP040415-5984-01

Error: (04/04/2015 02:20:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎04.‎2015 um 14:15:43 unerwartet heruntergefahren.

Error: (04/04/2015 01:50:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PG_Service_Launcher" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/04/2015 00:19:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (04/04/2015 00:19:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (04/04/2015 00:19:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (04/04/2015 00:18:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (04/04/2015 00:18:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "lupdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/04/2015 00:18:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/05/2015 01:45:26 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicereg session lock = failed w/err 0x00000000

Error: (04/05/2015 01:45:26 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicesession change id =  failed w/err 0x00000003

Error: (04/05/2015 01:45:18 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicereg session lock = failed w/err 0x00000001

Error: (04/05/2015 01:45:18 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicesession change id =  failed w/err 0x00000003

Error: (04/05/2015 01:45:17 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00000007

Error: (04/05/2015 01:45:12 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00000012

Error: (04/05/2015 01:45:12 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x0000000a

Error: (04/05/2015 01:45:12 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00008013

Error: (04/04/2015 04:53:27 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServiceevent type =  failed w/err 0x00000004

Error: (04/04/2015 04:53:27 PM) (Source: PLCoreService) (EventID: 0) (User: )
Description: PLCoreServicereg session lock = failed w/err 0x00000001


CodeIntegrity Errors:
===================================
  Date: 2015-04-04 09:52:18.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-04 09:51:32.391
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 64%
Total physical RAM: 3977.11 MB
Available physical RAM: 1393.56 MB
Total Pagefile: 8073.11 MB
Available Pagefile: 4426.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:103.08 GB) (Free:66.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 7CB0AFFE)

Partition: GPT Partition Type.

==================== End Of Log ============================

05.04.2015, 13:28	#1
schrauber /// the machine /// TB-Ausbilder	Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser hi, Addition.txt fehlt noch __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser

Log-Analyse und Auswertung: Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser

Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser

Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser

Ähnliche Themen: Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser