Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01 durchgeführt von lenovo (Administrator) auf IDEA-PC (02-08-2015 23:10:49) Gestartet von C:\Users\lenovo\Desktop\Nowy folder Geladene Profile: UpdatusUser & lenovo (Verfügbare Profile: UpdatusUser & lenovo) Platform: Windows 8 (X64) Sprache: Niemiecki (Niemcy) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (DTools LIMITED) C:\ProgramData\cWinManProc\ProtectWindowsManager.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6334096 2012-10-17] (Realtek semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872720 2012-09-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13262480 2012-12-07] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1256080 2012-12-03] (Realtek Semiconductor) HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-29] () HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-04-15] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-04-15] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3592890206-491889516-2803871890-1002\...\Run: [ALLUpdate] => C:\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.) HKU\S-1-5-21-3592890206-491889516-2803871890-1002\...\Run: [DAEMON Tools Lite] => C:\Daemon Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [245872 2013-02-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-02-13] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} HKU\S-1-5-21-3592890206-491889516-2803871890-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686 HKU\S-1-5-21-3592890206-491889516-2803871890-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686 HKU\S-1-5-21-3592890206-491889516-2803871890-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com HKU\S-1-5-21-3592890206-491889516-2803871890-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} SearchScopes: HKU\S-1-5-21-3592890206-491889516-2803871890-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} SearchScopes: HKU\S-1-5-21-3592890206-491889516-2803871890-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&ts=1438195502&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3592890206-491889516-2803871890-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&ts=1438195502&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3592890206-491889516-2803871890-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1438195491&z=222d5f6d150e128e5c0d9ffg5z4c8b0g6tew3z7qde&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&q={searchTerms} SearchScopes: HKU\S-1-5-21-3592890206-491889516-2803871890-1002 -> {5F1783B9-CB72-4876-A6E2-4541E4873BB9} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&ts=1438195502&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3592890206-491889516-2803871890-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9FD302686&ts=1438195502&type=default&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Microsoft Office\Office15\OCHelper.dll [2013-11-15] (Microsoft Corporation) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-29] (Qualcomm Atheros Commnucations) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-02] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-07-23] (Thinkgood Co. Limited) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-11-15] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-02] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{0568C2FB-5953-46FB-949F-2C55B1B40FB1}: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{1888839A-B8FC-48DD-A50A-73651762B20D}: [DhcpNameServer] 194.42.111.129 87.204.204.204 FireFox: ======== FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\8r9a4b82.default FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-09-04] (Pando Networks) FF Plugin-x32: Adobe Reader -> C:\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3592890206-491889516-2803871890-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-09-04] (Pando Networks) FF user.js: detected! => C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\8r9a4b82.default\user.js [2015-07-31] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\8r9a4b82.default\searchplugins\istartsurf.xml [2015-08-02] FF Extension: Default SearchProtected - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\8r9a4b82.default\Extensions\defsearchp@gmail.com [2015-07-29] FF Extension: Adblock Plus - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\8r9a4b82.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-25] FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\8r9a4b82.default\extensions\defsearchp@gmail.com ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert] S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark) R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-07-23] (XTab system) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] () R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-07-14] () R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation) R2 WindowsMangerProtect; C:\ProgramData\cWinManProc\ProtectWindowsManager.exe [435880 2015-07-29] (DTools LIMITED) <==== ACHTUNG R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [Datei ist nicht signiert] R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-11] (Disc Soft Ltd) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8230160 2012-10-17] (Realtek Semiconductor Corp.) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X] S1 qsafd_vw_1_10_0_20; system32\drivers\qsafd_vw_1_10_0_20.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-02 23:10 - 2015-08-02 23:10 - 00000000 ____D C:\FRST 2015-08-02 23:08 - 2015-08-02 23:10 - 00000000 ____D C:\Users\lenovo\Desktop\Nowy folder 2015-08-02 22:46 - 2015-08-02 23:02 - 00049853 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-31 15:01 - 2015-07-31 15:01 - 00600514 _____ C:\Users\lenovo\Downloads\Sam_Harris_-_Waking_Up_A_Guide_to_Spirituality_wit.mobi 2015-07-31 14:59 - 2015-07-31 14:59 - 02539068 _____ C:\Users\lenovo\Downloads\The_Vital_Question_-_Why_Is_Life_the_Way_It_Is_-_N.mobi 2015-07-29 20:46 - 2015-07-29 20:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-29 20:46 - 2015-07-29 20:46 - 00000000 ____D C:\Reader 11.0 2015-07-29 20:45 - 2015-07-29 20:49 - 00000000 ____D C:\ProgramData\Adobe 2015-07-29 20:45 - 2015-07-29 20:45 - 00000000 ____D C:\ProgramData\IHProtectUpDate 2015-07-29 20:45 - 2015-07-29 20:45 - 00000000 ____D C:\Program Files (x86)\MiuiTab 2015-07-29 20:44 - 2015-07-29 20:45 - 00000000 ____D C:\ProgramData\cWinManProc 2015-07-29 20:43 - 2015-07-29 20:43 - 38966928 _____ (Adobe Systems Incorporated) C:\Users\lenovo\Downloads\AdbeRdr11000_pl_PL.exe 2015-07-29 20:41 - 2015-07-29 20:42 - 00837376 _____ (Internet Installer ) C:\Users\lenovo\Downloads\Adobe-Reader-XI-21590-dp.exe 2015-07-29 20:34 - 2015-07-29 20:34 - 00000000 ____D C:\ProgramData\Samsung 2015-07-29 16:15 - 2015-07-29 16:15 - 00288306 _____ C:\Users\lenovo\Downloads\latarnik.mobi 2015-07-21 14:26 - 2015-07-14 22:11 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-07-21 14:26 - 2015-07-14 22:09 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-07-21 14:26 - 2015-07-14 21:43 - 00366592 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-07-21 14:26 - 2015-07-14 21:43 - 00304128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-07-17 21:59 - 2015-07-13 23:22 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-07-17 21:59 - 2015-07-13 23:22 - 00177632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-15 10:10 - 2015-06-27 18:36 - 00171352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-07-15 10:10 - 2015-06-27 15:56 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2015-07-15 10:10 - 2015-06-27 15:55 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-07-15 10:10 - 2015-06-27 15:55 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-07-15 10:10 - 2015-06-27 15:55 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2015-07-15 10:10 - 2015-06-27 15:46 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-07-15 10:10 - 2015-06-27 15:46 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-07-15 10:10 - 2015-06-27 15:46 - 00829952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-07-15 10:10 - 2015-06-27 15:46 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2015-07-15 10:10 - 2015-06-27 15:46 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2015-07-15 10:10 - 2015-06-27 15:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-07-15 10:10 - 2015-06-25 20:29 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2015-07-15 10:10 - 2015-06-25 20:27 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2015-07-15 10:10 - 2015-06-15 17:22 - 13771264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 02056704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 01763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-07-15 10:10 - 2015-06-15 17:22 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 15415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 02656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 02237440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 01409024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-07-15 10:10 - 2015-06-15 17:20 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-07-15 10:10 - 2015-06-15 17:19 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-07-15 10:10 - 2015-06-15 17:19 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-07-15 10:10 - 2015-04-30 15:44 - 00478296 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-07-15 10:10 - 2015-04-30 15:44 - 00478296 _____ C:\WINDOWS\system32\locale.nls 2015-07-15 10:09 - 2015-07-02 22:31 - 19291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-07-15 10:09 - 2015-07-02 21:15 - 14384640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-07-15 10:09 - 2015-06-29 18:18 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-07-15 10:09 - 2015-06-29 15:28 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-07-15 10:09 - 2015-06-29 15:27 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-07-15 10:09 - 2015-06-29 15:27 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-07-15 10:09 - 2015-06-29 15:27 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-07-15 10:09 - 2015-06-29 15:27 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-07-15 10:09 - 2015-06-29 15:27 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-07-15 10:09 - 2015-06-26 15:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-07-15 10:09 - 2015-06-25 03:54 - 04064768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-07-15 10:09 - 2015-06-17 16:13 - 01150264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2015-07-15 10:09 - 2015-06-17 15:44 - 01567560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2015-07-15 10:09 - 2015-06-15 17:22 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-07-15 10:09 - 2015-06-15 17:22 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-07-15 10:09 - 2015-06-15 17:22 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-07-15 10:09 - 2015-06-15 17:22 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-07-15 10:09 - 2015-06-15 17:21 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-07-15 10:09 - 2015-06-15 17:20 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-07-15 10:09 - 2015-06-15 17:20 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-07-15 10:09 - 2015-06-15 17:19 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-07-15 10:09 - 2015-06-11 22:29 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-07-15 10:09 - 2015-06-11 18:27 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-07-15 10:09 - 2015-06-09 15:57 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2015-07-15 10:09 - 2015-05-07 15:05 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-07-15 10:09 - 2015-04-21 15:53 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2015-07-15 10:09 - 2015-01-07 06:25 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-07-15 09:57 - 2015-07-15 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-07-14 20:39 - 2015-07-14 20:44 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2015-07-14 20:39 - 2015-07-14 20:39 - 00000000 ____D C:\Users\lenovo\AppData\Local\PunkBuster 2015-07-14 20:37 - 2015-07-14 20:37 - 01640768 _____ C:\Users\lenovo\Downloads\battlelog-web-plugins_2.7.1_162.exe 2015-07-14 20:34 - 2015-07-14 20:34 - 00000000 ____D C:\ProgramData\EA Core 2015-07-14 19:54 - 2015-07-14 20:44 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2015-07-14 19:54 - 2015-07-14 20:44 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-07-14 19:54 - 2015-07-14 20:39 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2015-07-14 18:36 - 2015-07-14 18:37 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-07-14 18:35 - 2015-07-14 20:33 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\Origin 2015-07-14 18:32 - 2015-07-15 09:57 - 00000000 ____D C:\ProgramData\Origin 2015-07-14 18:32 - 2015-07-14 20:34 - 00000000 ____D C:\ProgramData\Electronic Arts 2015-07-14 18:29 - 2015-07-14 18:29 - 17116168 _____ (Electronic Arts, Inc.) C:\Users\lenovo\Downloads\OriginThinSetup.exe 2015-07-13 15:38 - 2015-07-13 15:39 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\NVIDIA 2015-07-13 15:35 - 2015-07-13 15:44 - 00000000 ____D C:\Counter Strike 1.6 2015-07-09 18:20 - 2015-08-02 20:58 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2015-07-07 22:50 - 2015-07-13 14:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-02 23:06 - 2014-08-26 19:24 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\uTorrent 2015-08-02 23:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-02 22:17 - 2014-08-27 13:37 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-02 22:10 - 2015-01-11 17:25 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite 2015-08-02 22:09 - 2014-08-28 19:46 - 00000000 ____D C:\Users\lenovo\AppData\Local\CrashDumps 2015-08-02 22:03 - 2014-08-22 11:39 - 01626336 _____ C:\WINDOWS\system32\perfh015.dat 2015-08-02 22:03 - 2014-08-22 11:39 - 00426182 _____ C:\WINDOWS\system32\perfc015.dat 2015-08-02 22:03 - 2013-04-16 05:16 - 01011990 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-02 22:03 - 2013-04-16 05:16 - 00413838 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-02 22:03 - 2012-07-26 09:28 - 00005472 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-02 20:59 - 2013-04-15 20:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2015-08-02 11:50 - 2014-11-21 23:57 - 00000000 ___HD C:\$Windows.~BT 2015-07-31 12:59 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-31 12:34 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-07-29 20:48 - 2015-07-02 08:08 - 00000000 ____D C:\Users\lenovo\AppData\Local\Adobe 2015-07-29 20:48 - 2014-08-22 11:19 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\Adobe 2015-07-29 20:40 - 2014-08-22 11:18 - 00000000 ____D C:\Users\lenovo\AppData\Local\Packages 2015-07-25 16:35 - 2014-08-25 15:13 - 00000000 ____D C:\ProgramData\tmp 2015-07-22 15:52 - 2015-03-19 10:30 - 00430640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-07-21 17:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-07-17 21:54 - 2014-12-11 19:51 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-07-17 21:54 - 2014-08-27 17:09 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-07-17 21:53 - 2014-08-27 14:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-07-17 21:53 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData 2015-07-15 10:17 - 2014-08-27 13:37 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-07-14 20:48 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache 2015-07-14 20:31 - 2014-11-19 09:16 - 00003870 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1415824054 2015-07-14 20:31 - 2014-11-12 22:27 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-07-14 20:31 - 2014-11-12 22:27 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-13 15:44 - 2013-04-15 19:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-13 14:45 - 2014-08-25 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-11 18:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2015-07-11 16:30 - 2014-08-25 15:13 - 00000000 ____D C:\ProgramData\hps 2015-07-05 12:08 - 2014-08-27 14:24 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-07-03 08:43 - 2014-08-27 14:37 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-04-15 20:27 - 2013-04-15 20:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-04-15 20:29 - 2013-04-15 20:29 - 0000198 ____H () C:\ProgramData\Lenovo-9264.vbs Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\Lenovo-9264.vbs ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-07-29 13:42 ==================== Ende von log ============================