Malware erscheint nur im Firefox-Browser

Heinz_Strunk · 28.08.2015, 22:12

Hallo zusammen,

ich habe seit kurzem Windows 10 und nutze Avast.

Ich habe mir neulich ein gratis Audio-Programm heruntergeladen, das offenbar unbekannte und sehr stressige Malware im Schlepptau hatte. Eine Toolbar, die dummerweise im Paket mit drin war, konnte ich bereits erfolgreich mit AdwCleaner entfernen, auch diverse andere Dateien konnte ich löschen.

Dennoch ist ein Problem geblieben: Wenn ich den Firefox-Browser nutze, werde ich beim Anklicken von Links nicht an die eigentliche Zieladresse geschickt sondern an irgendwelche Werbeseiten für Antivirus-Software, Online-Games oder ähnlichem. Wenn sich überhaupt noch die von mir gewünschten Webseiten öffnen, dann sind sie meist überfrachtet mit ungewöhnlich vielen und stark blinkenden Werbebannern und Ad-Ons.

Das Seltsame: Internet Explorer funzt einwandfrei! Trotzdem will ich die Schadsoftware loswerden.

Habt Ihr eine Idee, was ich tun kann? Tausend Dank!

deeprybka · 28.08.2015, 22:23

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Heinz_Strunk · 02.09.2015, 18:40

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Luehmann (Administrator) auf LUEHMANN-PC (02-09-2015 19:34:49)
Gestartet von C:\Users\Luehmann\Downloads
Geladene Profile: Luehmann (Verfügbare Profile: Luehmann)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [901216 2013-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [555760 2014-12-08] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295712 2014-08-07] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-10-21] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-20] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-06] (Dropbox, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\Run: [OneDrive] => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-21] (Microsoft Corporation)
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Uninstall C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Uninstall C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Adobe Speed Launcher] => 1441214257
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-20] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8515b949-94c2-4767-b362-e7ea02966bc8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001 -> DefaultScope {4F2E4AB7-1650-46FC-87EA-A5D6604EF333} URL = 
SearchScopes: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001 -> {4F2E4AB7-1650-46FC-87EA-A5D6604EF333} URL = 

FireFox:
========
FF ProfilePath: C:\Users\Luehmann\AppData\Roaming\Mozilla\Firefox\Profiles\3t0p86ou.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-15] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: ClassicThemeRestorerArisT2Noia4dev - C:\Users\Luehmann\AppData\Roaming\Mozilla\Firefox\Profiles\3t0p86ou.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev [2015-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-20]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0090711440786455mcinstcleanup; C:\Users\Luehmann\AppData\Local\Temp\009071~1.EXE [883024 2015-04-06] (McAfee, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-20] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-20] (Avast Software s.r.o.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197408 2014-08-07] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-01] ()
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-05-15] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-05-15] ()
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-28] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-03-03] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-02] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-02] (AVAST Software)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-28] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S0 cfwids; system32\drivers\cfwids.sys [X]
U3 idsvc; kein ImagePath
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
R4 mfedisk; system32\DRIVERS\mfedisk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-02 19:35 - 2015-09-02 19:35 - 00095556 _____ C:\Users\Luehmann\Desktop\FRST.txt
2015-09-02 19:33 - 2015-09-02 19:34 - 00044037 _____ C:\Users\Luehmann\Downloads\Addition.txt
2015-09-02 19:32 - 2015-09-02 19:34 - 00023376 _____ C:\Users\Luehmann\Downloads\FRST.txt
2015-09-02 19:32 - 2015-09-02 19:34 - 00000000 ____D C:\FRST
2015-09-02 19:31 - 2015-09-02 19:32 - 02188800 _____ (Farbar) C:\Users\Luehmann\Downloads\FRST64.exe
2015-09-02 19:17 - 2015-09-02 19:17 - 00016148 _____ C:\WINDOWS\system32\LUEHMANN-PC_Luehmann_HistoryPrediction.bin
2015-09-02 08:12 - 2015-09-02 08:12 - 00454016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-09-02 08:12 - 2015-09-02 08:12 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-02 08:12 - 2015-09-02 08:12 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-09-02 08:12 - 2015-07-09 19:11 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw193A.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw1906.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00272248 _____ C:\WINDOWS\system32\Drivers\asw193B.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw194B.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw1916.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw1928.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00065736 _____ C:\WINDOWS\system32\Drivers\asw1929.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00029168 _____ C:\WINDOWS\system32\Drivers\asw1917.tmp
2015-09-02 08:12 - 2015-06-20 13:58 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\asw1905.tmp
2015-08-31 23:27 - 2015-09-01 07:33 - 656068723 _____ C:\Users\Luehmann\Downloads\wetransfer-9fe53e.zip
2015-08-28 23:54 - 2015-08-28 23:54 - 00011527 _____ C:\Users\Luehmann\AppData\Local\recently-used.xbel
2015-08-28 23:49 - 2015-08-28 23:49 - 03565658 _____ C:\Users\Luehmann\Desktop\Unbenannt.xcf
2015-08-28 21:29 - 2015-08-28 21:29 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-28 21:25 - 2015-08-28 21:29 - 02870984 _____ (ESET) C:\Users\Luehmann\Downloads\esetsmartinstaller_enu.exe
2015-08-28 21:13 - 2015-08-28 21:14 - 01125626 _____ C:\Users\Luehmann\Downloads\ProcessExplorer_16.5.zip
2015-08-28 20:51 - 2015-08-28 20:51 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-28 20:51 - 2015-08-28 20:51 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-28 20:47 - 2015-08-28 20:47 - 00242984 _____ C:\Users\Luehmann\Downloads\Firefox Setup Stub 40.0.3.exe
2015-08-28 20:44 - 2015-08-28 20:44 - 01260832 _____ C:\Users\Luehmann\Downloads\Emsisoft Anti Malware - CHIP-Installer.exe
2015-08-28 20:29 - 2015-08-28 20:29 - 00000192 _____ C:\WINDOWS\wininit.ini
2015-08-28 15:33 - 2015-08-28 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-22 08:23 - 2015-08-22 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2015-08-22 08:22 - 2015-08-28 15:00 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-22 08:22 - 2015-08-22 08:23 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2015-08-22 08:21 - 2015-08-22 08:21 - 00683504 _____ C:\Users\Luehmann\Downloads\Setup.exe
2015-08-22 08:08 - 2015-08-22 08:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 08:08 - 2015-08-22 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-20 22:25 - 2015-08-20 22:25 - 00000000 ____D C:\Users\Luehmann\.thumbnails
2015-08-20 22:10 - 2015-08-28 23:54 - 00000000 ____D C:\Users\Luehmann\AppData\Local\gtk-2.0
2015-08-20 22:07 - 2015-08-29 00:01 - 00000000 ____D C:\Users\Luehmann\.gimp-2.8
2015-08-20 22:07 - 2015-08-20 22:07 - 00000000 ____D C:\Users\Luehmann\AppData\Local\gegl-0.2
2015-08-20 22:06 - 2015-08-20 22:06 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-08-20 22:06 - 2015-08-20 22:06 - 00000000 ____D C:\Program Files\GIMP 2
2015-08-20 22:02 - 2015-08-20 22:06 - 91931728 _____ (The GIMP Team ) C:\Users\Luehmann\Downloads\gimp-2.8.14-setup-1.exe
2015-08-11 20:58 - 2015-08-11 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-09 19:19 - 2015-08-09 19:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-08 07:40 - 2015-08-08 07:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-08 07:36 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-08 07:36 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-08 07:36 - 2015-07-30 08:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-08 07:36 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-08 07:36 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-08 07:36 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 08:17 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-08 07:36 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-08 07:36 - 2015-07-30 08:16 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-08 07:36 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-08 07:36 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-08 07:36 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-08 07:36 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 07:36 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-08 07:36 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-08 07:36 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-08 07:36 - 2015-07-30 08:03 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-08 07:36 - 2015-07-30 07:30 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-08 07:36 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-08 07:36 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-08 07:36 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-08 07:36 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-08 07:36 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-08 07:36 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-08 07:36 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-08 07:36 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-08 07:36 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-08 07:36 - 2015-07-30 06:17 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-08 07:36 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-08 07:36 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-08 07:36 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-08 07:36 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-08 07:36 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-08 07:36 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-08 07:36 - 2015-07-30 06:07 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-08 07:36 - 2015-07-30 06:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-08 07:36 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-08 07:36 - 2015-07-30 05:56 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-08 07:36 - 2015-07-30 05:54 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-08 07:36 - 2015-07-30 05:54 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-08 07:36 - 2015-07-30 05:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-08 07:36 - 2015-07-30 05:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-08 07:36 - 2015-07-30 05:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-08 07:36 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-08 07:36 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-08 07:36 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-08 07:36 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-08 07:36 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-08 07:36 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-08 07:36 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-08 07:36 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-08 07:36 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-08 07:36 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-08 07:36 - 2015-07-30 05:42 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-08 07:36 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-08 07:36 - 2015-07-30 05:41 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-08 07:36 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-08 07:36 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-08 07:36 - 2015-07-30 05:40 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-08 07:36 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-08 07:36 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-08 07:36 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-08 07:36 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-08 07:36 - 2015-07-30 05:32 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-08 07:36 - 2015-07-30 05:32 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-08 07:36 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-08 07:36 - 2015-07-30 05:23 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-08 07:36 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-08 07:36 - 2015-07-30 05:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-08 07:36 - 2015-07-30 05:13 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-08 07:36 - 2015-07-30 05:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-08 07:36 - 2015-07-30 05:12 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-08 07:36 - 2015-07-30 05:11 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-08 07:36 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-08 07:36 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 07:36 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-08 07:36 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-08 07:36 - 2015-07-30 05:04 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-08 07:36 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-08 07:36 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-08 07:36 - 2015-07-30 04:58 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-08 07:36 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-07 22:53 - 2015-08-07 22:53 - 00000000 ____D C:\Users\Luehmann\AppData\Local\NetworkTiles
2015-08-07 22:17 - 2015-08-07 22:17 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Publishers
2015-08-07 22:11 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-08-07 22:11 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-08-07 22:11 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-08-07 22:11 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-08-07 22:11 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-08-07 22:08 - 2015-08-07 22:08 - 00001062 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-08-07 22:08 - 2015-08-07 22:08 - 00000000 ____D C:\Users\Luehmann\AppData\Local\PeerDistRepub
2015-08-07 22:04 - 2015-08-28 20:46 - 00000000 ____D C:\Users\Luehmann\AppData\Local\MicrosoftEdge
2015-08-07 22:04 - 2015-08-07 22:06 - 07812296 _____ (Microsoft Corporation) C:\Users\Luehmann\Downloads\OneDriveSetup.exe
2015-08-07 22:03 - 2015-08-21 07:48 - 00002420 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-07 22:03 - 2015-08-21 07:48 - 00000000 ___RD C:\Users\Luehmann\OneDrive
2015-08-07 22:00 - 2015-08-09 17:15 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Packages
2015-08-07 22:00 - 2015-08-07 22:00 - 00000020 ___SH C:\Users\Luehmann\ntuser.ini
2015-08-07 22:00 - 2015-08-07 22:00 - 00000000 ____D C:\Users\Luehmann\AppData\Local\TileDataLayer
2015-08-07 10:27 - 2015-08-07 22:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 10:24 - 2015-08-07 10:24 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 10:24 - 2015-08-07 10:24 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 10:24 - 2015-08-07 10:24 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 10:24 - 2015-08-07 10:24 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-07 10:24 - 2015-08-07 10:24 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00000000 ____D C:\Windows.old
2015-08-07 10:22 - 2015-08-07 10:22 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\inetpub
2015-08-07 10:21 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 10:21 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 10:21 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 10:21 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 10:21 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 10:21 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 __SHD C:\Recovery
2015-08-07 09:34 - 2015-08-07 09:34 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-07 09:32 - 2015-08-07 09:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 09:32 - 2015-08-07 09:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-07 09:32 - 2015-08-07 09:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-07 09:31 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-08-07 09:30 - 2015-09-02 08:10 - 02077062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 09:30 - 2015-08-28 20:03 - 00000000 ____D C:\Users\Luehmann
2015-08-07 09:30 - 2015-08-07 22:00 - 00000000 ___RD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:30 - 2015-08-07 09:30 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Vorlagen
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Startmenü
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Netzwerkumgebung
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Lokale Einstellungen
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Eigene Dateien
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Druckumgebung
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Documents\Eigene Musik
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Documents\Eigene Bilder
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\AppData\Local\Verlauf
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\AppData\Local\Anwendungsdaten
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Anwendungsdaten
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 09:30 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 09:29 - 2015-09-02 19:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-07 09:29 - 2015-08-28 20:03 - 00000000 ____D C:\ProgramData\Validity
2015-08-07 09:29 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\Synaptics
2015-08-07 09:29 - 2015-08-07 09:30 - 00021209 _____ C:\WINDOWS\iis.log
2015-08-07 09:29 - 2015-08-07 09:29 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_lvcmn_01_09_00.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-08-07 09:29 - 2015-07-17 23:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-07 09:29 - 2015-07-17 23:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-07 09:28 - 2015-08-07 09:31 - 00000000 ____D C:\ProgramData\Conexant
2015-08-07 09:28 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\Intel
2015-08-07 09:28 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\CONEXANT
2015-08-07 09:27 - 2015-08-28 20:03 - 00012046 _____ C:\WINDOWS\PFRO.log
2015-08-07 09:27 - 2015-08-07 09:28 - 00031811 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 09:15 - 2015-08-07 09:34 - 00006611 _____ C:\WINDOWS\comsetup.log
2015-08-07 09:14 - 2015-08-07 09:34 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-08-07 09:14 - 2015-08-07 09:34 - 00009528 _____ C:\WINDOWS\diagwrn.xml

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-02 19:34 - 2015-06-20 15:04 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Skype
2015-09-02 19:27 - 2015-07-10 14:20 - 00023036 _____ C:\WINDOWS\setupact.log
2015-09-02 19:18 - 2015-06-24 13:50 - 00000000 ___RD C:\Users\Luehmann\Dropbox
2015-09-02 19:18 - 2015-06-24 13:49 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Dropbox
2015-09-02 19:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-02 19:17 - 2015-06-24 13:49 - 00001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-02 08:51 - 2015-06-20 14:28 - 01843472 _____ C:\Users\Public\CAFADEBUG.log
2015-09-02 08:13 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-02 08:12 - 2015-06-20 13:58 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-09-02 08:10 - 2015-07-10 18:34 - 00884838 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-02 08:10 - 2015-07-10 18:34 - 00195936 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-01 07:32 - 2015-06-21 15:35 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Nitro PDF
2015-08-28 20:51 - 2015-06-20 14:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 20:29 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-28 20:29 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-28 20:29 - 2015-03-19 20:40 - 00000000 ____D C:\ProgramData\McAfee
2015-08-28 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-28 20:07 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-28 20:03 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-28 20:03 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-28 20:03 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-08-28 15:53 - 2015-06-24 13:57 - 00000000 ____D C:\Users\Luehmann\Desktop\Ebay
2015-08-27 21:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-27 20:10 - 2015-06-22 12:51 - 00001900 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk
2015-08-27 20:10 - 2015-03-19 20:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-08-27 20:09 - 2015-06-22 12:51 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Downloaded Installations
2015-08-22 08:08 - 2015-06-20 15:04 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-22 08:08 - 2015-06-20 15:04 - 00000000 ____D C:\ProgramData\Skype
2015-08-20 08:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-17 18:34 - 2015-07-10 14:20 - 00193800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-17 18:34 - 2015-03-19 20:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-17 18:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-17 18:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-15 09:12 - 2015-03-19 20:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2015-08-15 09:12 - 2015-03-19 13:06 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-15 09:11 - 2015-03-19 20:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-08-15 09:11 - 2015-03-19 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-15 09:11 - 2015-03-19 20:30 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-11 20:58 - 2015-03-19 20:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-08 07:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 07:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-07 22:11 - 2015-07-10 18:35 - 00000000 ____D C:\WINDOWS\OCR
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-07 22:00 - 2015-03-19 20:30 - 00000000 ____D C:\Intel
2015-08-07 10:27 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 10:24 - 2015-07-10 13:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-07 10:24 - 2015-07-10 13:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 10:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 10:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 10:24 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 10:24 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-07 10:21 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-07 10:21 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-08-07 10:21 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-08-07 10:21 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-08-07 10:21 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-08-07 10:21 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-07 10:21 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-08-07 09:35 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-07 09:35 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-08-07 09:34 - 2015-07-23 00:04 - 00004320 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337
2015-08-07 09:34 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-08-07 09:34 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 09:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-07 09:34 - 2015-06-24 13:49 - 00004072 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-08-07 09:34 - 2015-03-19 20:43 - 00003974 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2
2015-08-07 09:34 - 2015-03-19 20:43 - 00003726 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon
2015-08-07 09:34 - 2015-03-19 20:38 - 00003172 _____ C:\WINDOWS\System32\Tasks\PMTask
2015-08-07 09:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 09:32 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-08-07 09:32 - 2015-07-10 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2015-08-07 09:32 - 2015-06-21 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-08-07 09:32 - 2015-06-20 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 09:32 - 2015-06-20 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-08-07 09:32 - 2015-06-20 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-07 09:32 - 2015-03-19 20:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo PowerENGAGE
2015-08-07 09:32 - 2015-03-19 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gesture Control
2015-08-07 09:32 - 2015-03-19 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-08-07 09:32 - 2015-03-19 20:33 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2015-08-07 09:31 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 09:31 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 09:31 - 2015-03-19 20:42 - 00000000 ____D C:\Program Files\Intel Corporation
2015-08-07 09:31 - 2015-03-19 20:30 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-07 09:31 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-08-07 09:29 - 2015-07-10 14:20 - 00000113 _____ C:\WINDOWS\setuperr.log
2015-08-07 09:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-08-07 09:29 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 09:18 - 2015-03-19 20:29 - 01727970 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 09:18 - 2009-07-14 06:45 - 00031984 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-07 09:18 - 2009-07-14 06:45 - 00031984 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-07 09:15 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-28 23:54 - 2015-08-28 23:54 - 0011527 _____ () C:\Users\Luehmann\AppData\Local\recently-used.xbel
2015-03-19 20:38 - 2015-03-19 20:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Luehmann\AppData\Local\Temp\0090711440786455mcinst.exe
C:\Users\Luehmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjynwif.dll
C:\Users\Luehmann\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Luehmann\AppData\Local\Temp\mccspuninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-01 08:00

==================== Ende von FRST.txt ============================

Heinz_Strunk · 02.09.2015, 18:43

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Luehmann (2015-09-02 19:35:21)
Gestartet von C:\Users\Luehmann\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3821891805-1902387822-2583955431-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3821891805-1902387822-2583955431-503 - Limited - Disabled)
Gast (S-1-5-21-3821891805-1902387822-2583955431-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3821891805-1902387822-2583955431-1002 - Limited - Enabled)
Luehmann (S-1-5-21-3821891805-1902387822-2583955431-1001 - Administrator - Enabled) => C:\Users\Luehmann

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.51.00 - )
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.58.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.2 - Lenovo Group Limited)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Gesture Control (HKLM-x32\...\{8774ACAB-7051-4C7D-ABA2-C4E415F0108C}) (Version: 6.1.165.1 - Lenovo)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0462 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.16.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo PowerENGAGE (HKLM-x32\...\{15B15395-FF53-44E1-ADAD-FCC279E3CA10}) (Version: 2.51.0040 - Lenovo Inc.)
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{87D9837B-FFC4-45E2-8AE8-6F588EF30FD9}) (Version: 2.8.001.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Message Center Plus (HKLM\...\{EE4D9822-C7F3-4386-8703-889CDDA22FAA}) (Version: 3.4.0001.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.2.015.00 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.71.327.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.11.0 - Lenovo Group Limited)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.14.1114.2014 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.03.00 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (04/29/2013 12.5.4.1001) (HKLM\...\64C5B2577D321E8D30DF813803EF008F338A0B1E) (Version: 04/29/2013 12.5.4.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

15-08-2015 08:53:26 Windows Modules Installer
16-08-2015 19:00:22 Windows-Sicherung
22-08-2015 08:22:38 Uniblue DriverScanner installation
25-08-2015 10:16:47 Windows-Sicherung
30-08-2015 22:40:32 Windows-Sicherung
02-09-2015 08:12:23 avast! antivirus system restore point

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0CD9DD46-A2F5-4562-8B6A-D7C2FBF06E63} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {0ED0F2C9-C6F4-4DEE-ABDA-5BA7D2BB6D33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {10BD1012-4934-422C-8CE5-88033C7EFF4A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1144AC20-1E8C-41F0-ADAD-41E9C11D2DAA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {13B0A2AD-0760-4134-AE9E-2DF4FA6571EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {157CC2EA-2B4F-4F8F-851B-2B33C6861425} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2015-03-23] (Lenovo)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D71D99B-80DD-4085-BEC3-62B62AD0817B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {218CF6B8-705E-4B63-B398-E680F49216B4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {218E4731-FE33-440D-8E07-DF27C693D6C7} - System32\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {2628B1E4-8175-4D64-BAE8-27F9F7E6809D} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {26643903-8A9E-4AD6-B102-C4F9B9C8049B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-12-01] (Lenovo)
Task: {2EEB3249-4494-4294-943F-BAEA528EEEBD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2F2D7690-4F2A-4892-A600-8BB376585344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3256306D-C824-458E-ADAD-B11CC4F90828} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-12-01] (Lenovo)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {486E9823-F791-432B-A3E2-05AB27C1A68A} - System32\Tasks\Lenovo\Lenovo PowerENGAGE Update => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {51AF5666-3754-4EC0-A10E-771A89D1657D} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-08-19] (Lenovo)
Task: {54DBA86C-C414-4B92-9E50-DDFA6EB2D251} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-02] (AVAST Software)
Task: {54FC37AE-17AC-4C56-A863-944CDC38635A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {56365FDA-DCB6-4135-8A83-D7920FFF5043} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A2A8BAC-4B9F-4F83-839B-EBFE915EF177} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {5B6BFFE5-12CD-4082-A100-B0CCA6746163} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5FEE588B-36B5-40C3-A323-375AB42DB4CD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {646B0DBA-9DB9-4680-8ADB-859F069D7B02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {69D59428-B51E-4908-AEFD-23AB24A29FD4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {721AB63B-2CA5-49B7-8A50-1398FB541B90} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-12-12] ()
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {73DD3907-8EAB-4C4B-B4E5-E8FE282B1553} - System32\Tasks\TVT\LaunchFR => C:\Program Files (x86)\Lenovo\Factory Recovery\FRReminder.exe [2014-08-21] (TODO: <Company name>)
Task: {76E74B19-5BA8-4D6D-A52C-307C56BE3C3E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {78D120C3-2DD4-4302-AD78-8BEA18957836} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\launchGC.exe [2015-01-26] ()
Task: {79D93EB0-9B86-429E-BDBB-48D4E1871D34} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {831C3B30-E784-4827-B9AE-728C49B2803B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {85B04076-42D5-4E43-BB5D-BFC751D63CA2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {888AB188-C266-4302-9220-F2A310B8429E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8B39A6D4-CFAD-4F5B-9CF1-F41438A69390} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-08-19] (Lenovo)
Task: {8DA20F40-87AF-4DE8-AC2F-BBDB078EAE5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {9B44CC17-1D17-480C-A623-655FDA448C10} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {9FA4114F-B213-420D-BFAC-07AECE36FB92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A38ECDC1-2C04-430B-9FD6-ECEFE81991A0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {A5914EE9-28BC-4DA8-9B20-44BB4E46A704} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A5980F38-C7CC-4C51-A5E5-76314668F18A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A7D7DF28-DD19-4C3F-941C-60EBDAC26021} - System32\Tasks\Lenovo\REACHit => C:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exe [2015-08-19] ()
Task: {ADC83414-9B5D-43F1-B147-57CA0ADD257D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-12-01] (Lenovo)
Task: {B1920AB8-9964-4A47-B2A0-CE65A43C8942} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B61B7215-EE0B-4934-9809-755E43A6DA1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B72BA540-D18C-4D5F-8E2F-60FFB4FCA148} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CB1AB1D3-B5FA-4ECA-B651-3A79316F7681} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D8845769-7A9F-44B0-AFA9-E2AC2DDF5364} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DCFF3DE4-31EF-4EC2-B787-5601F2439873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E1D397F4-458C-468A-A009-5E3A938BDB73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E3117ECE-E5A9-433D-B229-97D6D75D6EA5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E3758915-6EEB-4735-8F10-2A912DED0BC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-12-01] ()
Task: {E3B33FF5-380F-4A4D-B41B-94D3DC15F397} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: {EAA2618C-31ED-4996-BA65-F2F4DE4BC700} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-11-14] (Lenovo Group Limited)
Task: {EE3D8004-A250-4A84-BC68-B2E6E3A9A5CB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F2BD94E8-1A8C-48A0-A4AB-94ADFF82E7F5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FF29A35D-949B-4F54-965A-AB0780567E44} - System32\Tasks\Lenovo\Lenovo PowerENGAGE => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-05-15 19:39 - 2014-05-15 19:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-03-19 20:38 - 2014-11-14 00:07 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-08 07:36 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-08 07:36 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-08 07:36 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-03-19 20:36 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-06-20 13:58 - 2015-06-20 13:58 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-20 13:58 - 2015-06-20 13:58 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-28 15:01 - 2015-08-28 15:01 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082800\algo.dll
2015-09-02 08:11 - 2015-09-02 08:11 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15090100\algo.dll
2015-03-19 20:38 - 2011-08-02 21:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-03-19 20:38 - 2011-08-02 21:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2015-03-19 20:30 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-20 13:58 - 2015-06-20 13:58 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-02 19:17 - 2015-09-02 19:17 - 00071168 _____ () c:\users\luehmann\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjynwif.dll
2015-06-24 13:50 - 2015-08-05 22:49 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-24 13:50 - 2015-08-05 22:49 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-02 10:08 - 2015-08-05 22:49 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-24 13:50 - 2015-08-05 22:49 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Think\Think_Blue.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{415A1CC8-B9CD-463C-802F-0B0BA14D042A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3FF8E241-14C7-4681-AEC2-67235BB7585C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CAFE1E3-5C1C-4B90-8FD1-3F3D2B7DEC24}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{548CFF05-A4FB-48E0-A3C4-E113A78221B3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{93E2041C-FCD1-48F9-821D-55B21975F252}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{16DAD92A-13D1-4AE1-9C84-96EF3C70802D}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{C5C6445C-6BC1-479C-93DC-40C0B5E6B785}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{5D91A6E7-3858-49EA-BB74-E54DC21B6B9D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9AC6FAD2-6BBD-476E-B5A0-9949423175E9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7A3CADC4-ED2B-4277-AA93-C4B815DA7318}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{622970A4-F8F2-46D3-8784-40B44C0C0971}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/02/2015 07:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6121.2376, Zeitstempel: 0x55d7a527
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16392, Zeitstempel: 0x55a864a2
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x1ff8
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5

Error: (09/02/2015 07:20:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ReachitMetrics.exe, Version: 2.0.17.0, Zeitstempel: 0x55d4dd4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3e28
ID des fehlerhaften Prozesses: 0x65c
Startzeit der fehlerhaften Anwendung: 0xReachitMetrics.exe0
Pfad der fehlerhaften Anwendung: ReachitMetrics.exe1
Pfad des fehlerhaften Moduls: ReachitMetrics.exe2
Berichtskennung: ReachitMetrics.exe3
Vollständiger Name des fehlerhaften Pakets: ReachitMetrics.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ReachitMetrics.exe5

Error: (09/02/2015 07:20:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/02/2015 08:51:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/02/2015 08:37:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/02/2015 08:21:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10240.16384, Zeitstempel: 0x559f3853
Name des fehlerhaften Moduls: EDGEHTML.dll, Version: 11.0.10240.16412, Zeitstempel: 0x55b9a55c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000014dcae
ID des fehlerhaften Prozesses: 0xb0c
Startzeit der fehlerhaften Anwendung: 0xmicrosoftedgecp.exe0
Pfad der fehlerhaften Anwendung: microsoftedgecp.exe1
Pfad des fehlerhaften Moduls: microsoftedgecp.exe2
Berichtskennung: microsoftedgecp.exe3
Vollständiger Name des fehlerhaften Pakets: microsoftedgecp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoftedgecp.exe5

Error: (09/02/2015 08:12:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/02/2015 08:12:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary McAfee Inc. mfencbdc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (09/02/2015 08:10:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ReachitMetrics.exe, Version: 2.0.17.0, Zeitstempel: 0x55d4dd4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3e28
ID des fehlerhaften Prozesses: 0xe20
Startzeit der fehlerhaften Anwendung: 0xReachitMetrics.exe0
Pfad der fehlerhaften Anwendung: ReachitMetrics.exe1
Pfad des fehlerhaften Moduls: ReachitMetrics.exe2
Berichtskennung: ReachitMetrics.exe3
Vollständiger Name des fehlerhaften Pakets: ReachitMetrics.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ReachitMetrics.exe5

Error: (09/02/2015 08:10:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])


Systemfehler:
=============
Error: (09/02/2015 07:20:08 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/02/2015 08:51:04 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/02/2015 08:51:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/02/2015 08:37:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session5 erreicht.

Error: (09/02/2015 08:37:29 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (09/02/2015 08:37:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/02/2015 08:36:22 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/02/2015 08:26:35 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/02/2015 08:26:35 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/01/2015 01:08:15 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca


Microsoft Office:
=========================
Error: (09/02/2015 07:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6121.237655d7a527ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c1ff801d0e5a469624810C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll39ac6719-6fd2-4bb0-9009-315f00bd5a79Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (09/02/2015 07:20:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ReachitMetrics.exe2.0.17.055d4dd4eKERNELBASE.dll10.0.10240.16384559f3b2ae0434352000b3e2865c01d0e5a39a82e06bC:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll9e37c397-e712-475e-960d-dd594f669837

Error: (09/02/2015 07:20:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/02/2015 08:51:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/02/2015 08:37:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/02/2015 08:21:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: microsoftedgecp.exe11.0.10240.16384559f3853EDGEHTML.dll11.0.10240.1641255b9a55cc0000005000000000014dcaeb0c01d0e5474a9f2619C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exeC:\WINDOWS\SYSTEM32\EDGEHTML.dll32f3813f-fa27-4097-9693-e120063a5849Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbweMicrosoftEdge

Error: (09/02/2015 08:12:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/02/2015 08:12:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary McAfee Inc. mfencbdc.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (09/02/2015 08:10:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ReachitMetrics.exe2.0.17.055d4dd4eKERNELBASE.dll10.0.10240.16384559f3b2ae0434352000b3e28e2001d0e54611872b32C:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll694e462f-aef9-44ee-8238-e48686ff6588

Error: (09/02/2015 08:10:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8108.07 MB
Verfügbarer physikalischer RAM: 4867.87 MB
Summe virtueller Speicher: 16300.07 MB
Verfügbarer virtueller Speicher: 12486.08 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:221.55 GB) (Free:146.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:14.99 GB) (Free:0 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B0DCC8DE)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Danke, Jürgen, dass Du mir hilfst!

deeprybka · 02.09.2015, 18:43

Hi,

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 3

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Heinz_Strunk · 03.09.2015, 21:05

Code:

ATTFilter

# AdwCleaner v5.005 - Bericht erstellt am 03/09/2015 um 22:00:06
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Luehmann - LUEHMANN-PC
# Gestartet von : C:\Users\Luehmann\Downloads\adwcleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [630 Bytes] ##########

Dass in der Textdatei keine Fehlermeldungen stehen, kann daran liegen, dass ich AdwCleaener vor meinem ersten Posting hier im Forum schon selbst benutzt hatte.

deeprybka · 03.09.2015, 21:06

Kein Problem, einfach weiter mit dem nächsten Schritt.

Heinz_Strunk · 03.09.2015, 21:42

ok. Kommt sofort. :-)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.09.2015
Suchlaufzeit: 22:28
Protokolldatei:  Malwarebytes Anti-Malware .txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.03.07
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Luehmann

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 384071
Abgelaufene Zeit: 7 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 5
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-4.2vV22.08-nv-edge, , [255e04275239a0969758e19e818304fc], 
PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-4.2vV22.08-nv-ie, , [afd41a11553690a62ac5621df2129c64], 
PUP.Optional.CinemaPlus, HKU\S-1-5-18\SOFTWARE\CinemaPlus-4.2vV22.08-nv-ie, , [3c472704355676c08b44a5dab64e45bb], 
PUP.Optional.CinemaPlus, HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\SOFTWARE\CinemaPlus-4.2vV22.08-nv-edge, , [8bf88d9eaae182b4a02f8af541c39a66], 
PUP.Optional.CinemaPlus, HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\SOFTWARE\CinemaPlus-4.2vV22.08-nv-ie, , [5f24f83398f370c6efe0641b2adaf907], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 7
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Controls, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Windows, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer, , [394adb503853b87ed1377d21956f36ca], 
PUP.Optional.GlobalUpdate, C:\Users\Luehmann\AppData\Local\Temp\comh.363369, , [c6bd6ebd7d0ef93dff6cb35747bcc838], 

Dateien: 92
PUP.Optional.CinemaPlus, C:\Users\Luehmann\AppData\Local\Temp\379329ae-62e1-45d0-add9-9840ef25285f\setup.exe, , [dda650db07844de9afddf99aa75e02fe], 
PUP.Optional.MixVideoPlayer, C:\Users\Luehmann\AppData\Local\Temp\4eeeddd0-d94b-4e88-9eed-5fcf0c1ecfb2\mixvideoplayersetup.exe, , [e3a04ddee5a6ea4cfc26fa5fc8386898], 
PUP.Optional.WebBar, C:\Users\Luehmann\AppData\Local\Temp\97bc6a63-2f47-478e-8fd0-367deb30d64e\web_bar_setup.exe, , [52312605078481b5ac5d1ba77d8423dd], 
PUP.Optional.SystemNotifier, C:\Users\Luehmann\AppData\Local\Temp\cf28402b-6760-42ea-93d4-83becd1a3caa\mini_installer.exe, , [077cdb5056350b2b363e237147be37c9], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\globalupdate.exe, , [e79c03289af147ef507494e35fa24db3], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\globalupdateBroker.exe, , [bdc69a916b2063d37c482f484db4a55b], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\globalupdateCrashHandler.exe, , [a3e064c7ddaea3937f45d2a5b54cf60a], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\globalupdateOnDemand.exe, , [0380af7c8704ce684381c0b788796898], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\goopdate.dll, , [9be85ad19dee1c1aedd7f1866d9418e8], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\goopdateres_en.dll, , [bac977b4b1da56e0497b1e59c63bea16], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\psmachine.dll, , [4c37c06b1576c96daf156314758c19e7], 
PUP.Optional.ModGoog, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\psuser.dll, , [7c0772b99af1ab8bffc56314808156aa], 
PUP.Optional.DomaIQ, C:\Users\Luehmann\Downloads\Setup.exe, , [ceb54ae1e4a7082e1a43ab08f80950b0], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\mixvideoplayer.affcode, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\DeleteTasks.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\dotNetFx40_Full_setup.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\FrameworkControl.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\icon-uninstall.ico, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\icon.ico, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\LTV2.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\LTVNetSdk.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Microsoft.Win32.TaskScheduler.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\mixUpdater.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\mixvideoplayer.uidnum, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Newtonsoft.Json.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\NLog.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\PhotoLoader.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\policy.2.0.taglib-sharp.config, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\policy.2.0.taglib-sharp.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Sider.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Snowplow.Tracker.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\taglib-sharp.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Controls\ifishplayer-icon2.ico, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Controls\Thumbs.db, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Hindi.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Arabic.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Bulgarian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Catalan.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\ChineseS.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\ChineseT.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Czech.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Danish.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Dutch.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\English.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Estonian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Finnish.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\French.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\German.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Greek.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\HaitianCreole.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Hebrew.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Hungarian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Indonesian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Italian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Japanese.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Korean.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Latvian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Lithuanian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Norwegian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Polish.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Portuguese.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Romanian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Russian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Slovak.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Slovenian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Spanish.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Swedish.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Thai.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Turkish.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Ukrainian.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Languages\Vietnamese.ini, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\extaudio.png, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\extvideo.png, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\ffmpeg.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\ffmpeg.zip, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\folder.png, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\Interop.SHDocVw.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\libreria.png, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\mixChecker.exe, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\NDde.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\Newtonsoft.Json.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\PhotoLoader.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\policy.2.0.taglib-sharp.config, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\policy.2.0.taglib-sharp.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\taglib-sharp.dll, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\references\Thumbs.db, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Windows\logopeq-icon.ico, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\Program Files (x86)\MixVideoPlayer\Windows\Thumbs.db, , [a6ddea41b0dbc76feb1c316dea1a24dc], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer\Uninstall MixVideoPlayer.lnk, , [394adb503853b87ed1377d21956f36ca], 
PUP.Optional.MixVideoPlayer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer\MixVideoPlayer.lnk, , [394adb503853b87ed1377d21956f36ca], 
PUP.Optional.GlobalUpdate, C:\Users\Luehmann\AppData\Local\Temp\comh.363369\globalupdateHelper.msi, , [c6bd6ebd7d0ef93dff6cb35747bcc838], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Luehmann (Administrator) auf LUEHMANN-PC (03-09-2015 22:40:21)
Gestartet von C:\Users\Luehmann\Downloads
Geladene Profile: Luehmann (Verfügbare Profile: Luehmann)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamresearch.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [901216 2013-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [555760 2014-12-08] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295712 2014-08-07] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-10-21] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-02] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-06] (Dropbox, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\Run: [OneDrive] => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-21] (Microsoft Corporation)
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Uninstall C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Uninstall C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Adobe Speed Launcher] => 1441310497
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8515b949-94c2-4767-b362-e7ea02966bc8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001 -> DefaultScope {4F2E4AB7-1650-46FC-87EA-A5D6604EF333} URL = 
SearchScopes: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001 -> {4F2E4AB7-1650-46FC-87EA-A5D6604EF333} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-02] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-02] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Luehmann\AppData\Roaming\Mozilla\Firefox\Profiles\3t0p86ou.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-15] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: ClassicThemeRestorerArisT2Noia4dev - C:\Users\Luehmann\AppData\Roaming\Mozilla\Firefox\Profiles\3t0p86ou.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev [2015-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-20]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-09-02] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197408 2014-08-07] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-01] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-05-15] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-05-15] ()
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-28] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-03-03] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-02] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-02] (AVAST Software)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-28] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-03 22:37 - 2015-09-03 22:37 - 00014761 _____ C:\Users\Luehmann\Desktop\ Malwarebytes Anti-Malware .txt
2015-09-03 22:25 - 2015-09-03 22:28 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-03 22:24 - 2015-09-03 22:24 - 75501852 _____ C:\Users\Luehmann\Downloads\xvideos.com_ee45a353e25e886c4af60da8de8a4755.flv.5b703zp.partial
2015-09-03 22:22 - 2015-09-03 22:22 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-03 22:22 - 2015-09-03 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-03 22:22 - 2015-09-03 22:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-03 22:22 - 2015-09-03 22:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-03 22:22 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-03 22:22 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-03 22:22 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-03 22:21 - 2015-09-03 22:21 - 00016148 _____ C:\WINDOWS\system32\LUEHMANN-PC_Luehmann_HistoryPrediction.bin
2015-09-03 22:05 - 2015-09-03 22:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Luehmann\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-03 21:58 - 2015-09-03 22:00 - 00000000 ____D C:\AdwCleaner
2015-09-03 21:51 - 2015-09-03 21:55 - 01654272 _____ C:\Users\Luehmann\Downloads\adwcleaner_5.005.exe
2015-09-02 19:52 - 2015-09-02 19:52 - 00095524 _____ C:\Users\Luehmann\Desktop\FRST01.txt
2015-09-02 19:52 - 2015-09-02 19:52 - 00044278 _____ C:\Users\Luehmann\Desktop\Addition02.txt
2015-09-02 19:33 - 2015-09-02 19:37 - 00044278 _____ C:\Users\Luehmann\Downloads\Addition.txt
2015-09-02 19:32 - 2015-09-03 22:40 - 00023773 _____ C:\Users\Luehmann\Downloads\FRST.txt
2015-09-02 19:32 - 2015-09-03 22:40 - 00000000 ____D C:\FRST
2015-09-02 19:31 - 2015-09-03 22:40 - 02188800 _____ (Farbar) C:\Users\Luehmann\Downloads\FRST64.exe
2015-09-02 08:12 - 2015-09-02 08:12 - 00454016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-09-02 08:12 - 2015-09-02 08:12 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-02 08:12 - 2015-09-02 08:12 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-31 23:27 - 2015-09-01 07:33 - 656068723 _____ C:\Users\Luehmann\Downloads\wetransfer-9fe53e.zip
2015-08-28 23:54 - 2015-08-28 23:54 - 00011527 _____ C:\Users\Luehmann\AppData\Local\recently-used.xbel
2015-08-28 23:49 - 2015-08-28 23:49 - 03565658 _____ C:\Users\Luehmann\Desktop\Unbenannt.xcf
2015-08-28 21:29 - 2015-08-28 21:29 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-28 21:25 - 2015-08-28 21:29 - 02870984 _____ (ESET) C:\Users\Luehmann\Downloads\esetsmartinstaller_enu.exe
2015-08-28 21:13 - 2015-08-28 21:14 - 01125626 _____ C:\Users\Luehmann\Downloads\ProcessExplorer_16.5.zip
2015-08-28 20:51 - 2015-08-28 20:51 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-28 20:51 - 2015-08-28 20:51 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-28 20:47 - 2015-08-28 20:47 - 00242984 _____ C:\Users\Luehmann\Downloads\Firefox Setup Stub 40.0.3.exe
2015-08-28 20:44 - 2015-08-28 20:44 - 01260832 _____ C:\Users\Luehmann\Downloads\Emsisoft Anti Malware - CHIP-Installer.exe
2015-08-28 20:29 - 2015-08-28 20:29 - 00000192 _____ C:\WINDOWS\wininit.ini
2015-08-28 15:33 - 2015-08-28 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-22 08:23 - 2015-08-22 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2015-08-22 08:22 - 2015-08-28 15:00 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-22 08:22 - 2015-08-22 08:23 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2015-08-22 08:21 - 2015-08-22 08:21 - 00683504 _____ C:\Users\Luehmann\Downloads\Setup.exe
2015-08-22 08:08 - 2015-08-22 08:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 08:08 - 2015-08-22 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-20 22:25 - 2015-08-20 22:25 - 00000000 ____D C:\Users\Luehmann\.thumbnails
2015-08-20 22:10 - 2015-08-28 23:54 - 00000000 ____D C:\Users\Luehmann\AppData\Local\gtk-2.0
2015-08-20 22:07 - 2015-08-29 00:01 - 00000000 ____D C:\Users\Luehmann\.gimp-2.8
2015-08-20 22:07 - 2015-08-20 22:07 - 00000000 ____D C:\Users\Luehmann\AppData\Local\gegl-0.2
2015-08-20 22:06 - 2015-08-20 22:06 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-08-20 22:06 - 2015-08-20 22:06 - 00000000 ____D C:\Program Files\GIMP 2
2015-08-20 22:02 - 2015-08-20 22:06 - 91931728 _____ (The GIMP Team ) C:\Users\Luehmann\Downloads\gimp-2.8.14-setup-1.exe
2015-08-11 20:58 - 2015-08-11 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-09 19:19 - 2015-08-09 19:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-08 07:40 - 2015-08-08 07:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-08 07:36 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-08 07:36 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-08 07:36 - 2015-07-30 08:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-08 07:36 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-08 07:36 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-08 07:36 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 08:17 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-08 07:36 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-08 07:36 - 2015-07-30 08:16 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-08 07:36 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-08 07:36 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-08 07:36 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-08 07:36 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 07:36 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-08 07:36 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-08 07:36 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-08 07:36 - 2015-07-30 08:03 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-08 07:36 - 2015-07-30 07:30 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-08 07:36 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-08 07:36 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-08 07:36 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-08 07:36 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-08 07:36 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-08 07:36 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-08 07:36 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-08 07:36 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-08 07:36 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-08 07:36 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-08 07:36 - 2015-07-30 06:17 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-08 07:36 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-08 07:36 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-08 07:36 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-08 07:36 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-08 07:36 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-08 07:36 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-08 07:36 - 2015-07-30 06:07 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-08 07:36 - 2015-07-30 06:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-08 07:36 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-08 07:36 - 2015-07-30 05:56 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-08 07:36 - 2015-07-30 05:54 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-08 07:36 - 2015-07-30 05:54 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-08 07:36 - 2015-07-30 05:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-08 07:36 - 2015-07-30 05:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-08 07:36 - 2015-07-30 05:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-08 07:36 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-08 07:36 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-08 07:36 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-08 07:36 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-08 07:36 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-08 07:36 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-08 07:36 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-08 07:36 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-08 07:36 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-08 07:36 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-08 07:36 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-08 07:36 - 2015-07-30 05:42 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-08 07:36 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-08 07:36 - 2015-07-30 05:41 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-08 07:36 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-08 07:36 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-08 07:36 - 2015-07-30 05:40 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-08 07:36 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-08 07:36 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-08 07:36 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-08 07:36 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-08 07:36 - 2015-07-30 05:32 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-08 07:36 - 2015-07-30 05:32 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-08 07:36 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-08 07:36 - 2015-07-30 05:23 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-08 07:36 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-08 07:36 - 2015-07-30 05:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-08 07:36 - 2015-07-30 05:13 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-08 07:36 - 2015-07-30 05:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-08 07:36 - 2015-07-30 05:12 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-08 07:36 - 2015-07-30 05:11 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-08 07:36 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-08 07:36 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-08 07:36 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-08 07:36 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-08 07:36 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-08 07:36 - 2015-07-30 05:04 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-08 07:36 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-08 07:36 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-08 07:36 - 2015-07-30 04:58 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-08 07:36 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-07 22:53 - 2015-08-07 22:53 - 00000000 ____D C:\Users\Luehmann\AppData\Local\NetworkTiles
2015-08-07 22:17 - 2015-08-07 22:17 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Publishers
2015-08-07 22:11 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-08-07 22:11 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-08-07 22:11 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-08-07 22:11 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-08-07 22:11 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-08-07 22:08 - 2015-08-07 22:08 - 00001062 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-08-07 22:08 - 2015-08-07 22:08 - 00000000 ____D C:\Users\Luehmann\AppData\Local\PeerDistRepub
2015-08-07 22:04 - 2015-08-28 20:46 - 00000000 ____D C:\Users\Luehmann\AppData\Local\MicrosoftEdge
2015-08-07 22:04 - 2015-08-07 22:06 - 07812296 _____ (Microsoft Corporation) C:\Users\Luehmann\Downloads\OneDriveSetup.exe
2015-08-07 22:03 - 2015-08-21 07:48 - 00002420 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-07 22:03 - 2015-08-21 07:48 - 00000000 ___RD C:\Users\Luehmann\OneDrive
2015-08-07 22:00 - 2015-08-09 17:15 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Packages
2015-08-07 22:00 - 2015-08-07 22:00 - 00000020 ___SH C:\Users\Luehmann\ntuser.ini
2015-08-07 22:00 - 2015-08-07 22:00 - 00000000 ____D C:\Users\Luehmann\AppData\Local\TileDataLayer
2015-08-07 10:27 - 2015-08-07 22:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 10:24 - 2015-08-07 10:24 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 10:24 - 2015-08-07 10:24 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 10:24 - 2015-08-07 10:24 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 10:24 - 2015-08-07 10:24 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-07 10:24 - 2015-08-07 10:24 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 10:24 - 2015-08-07 10:24 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 10:24 - 2015-08-07 10:24 - 00000000 ____D C:\Windows.old
2015-08-07 10:22 - 2015-08-07 10:22 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 10:21 - 2015-08-07 10:21 - 00000000 ____D C:\inetpub
2015-08-07 10:21 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 10:21 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 10:21 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 10:21 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 10:21 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 10:21 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-07 09:35 - 2015-08-07 09:35 - 00000000 __SHD C:\Recovery
2015-08-07 09:34 - 2015-08-07 09:34 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-07 09:32 - 2015-08-07 09:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 09:32 - 2015-08-07 09:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-07 09:32 - 2015-08-07 09:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-07 09:31 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-08-07 09:30 - 2015-09-03 22:07 - 02077062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 09:30 - 2015-08-28 20:03 - 00000000 ____D C:\Users\Luehmann
2015-08-07 09:30 - 2015-08-07 22:00 - 00000000 ___RD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:30 - 2015-08-07 09:30 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Vorlagen
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Startmenü
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Netzwerkumgebung
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Lokale Einstellungen
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Eigene Dateien
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Druckumgebung
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Documents\Eigene Musik
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Documents\Eigene Bilder
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\AppData\Local\Verlauf
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\AppData\Local\Anwendungsdaten
2015-08-07 09:30 - 2015-08-07 09:30 - 00000000 _SHDL C:\Users\Luehmann\Anwendungsdaten
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 09:30 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 09:30 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 09:29 - 2015-09-03 22:01 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-07 09:29 - 2015-09-03 22:00 - 00000000 ____D C:\ProgramData\Validity
2015-08-07 09:29 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\Synaptics
2015-08-07 09:29 - 2015-08-07 09:30 - 00021209 _____ C:\WINDOWS\iis.log
2015-08-07 09:29 - 2015-08-07 09:29 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_lvcmn_01_09_00.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-07 09:29 - 2015-08-07 09:29 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-08-07 09:29 - 2015-07-17 23:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-07 09:29 - 2015-07-17 23:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-07 09:28 - 2015-08-07 09:31 - 00000000 ____D C:\ProgramData\Conexant
2015-08-07 09:28 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\Intel
2015-08-07 09:28 - 2015-08-07 09:31 - 00000000 ____D C:\Program Files\CONEXANT
2015-08-07 09:27 - 2015-09-03 22:00 - 00105984 _____ C:\WINDOWS\PFRO.log
2015-08-07 09:27 - 2015-08-07 09:28 - 00031811 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 09:15 - 2015-08-07 09:34 - 00006611 _____ C:\WINDOWS\comsetup.log
2015-08-07 09:14 - 2015-08-07 09:34 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-08-07 09:14 - 2015-08-07 09:34 - 00009528 _____ C:\WINDOWS\diagwrn.xml

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-03 22:21 - 2015-06-20 15:04 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Skype
2015-09-03 22:11 - 2015-07-10 14:20 - 00023483 _____ C:\WINDOWS\setupact.log
2015-09-03 22:11 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-03 22:07 - 2015-07-10 18:34 - 00884838 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-03 22:07 - 2015-07-10 18:34 - 00195936 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-03 22:03 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-03 22:01 - 2015-06-24 13:50 - 00000000 ___RD C:\Users\Luehmann\Dropbox
2015-09-03 22:01 - 2015-06-24 13:49 - 00001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-03 22:01 - 2015-06-24 13:49 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Dropbox
2015-09-03 22:01 - 2015-03-19 20:40 - 00000000 ____D C:\ProgramData\McAfee
2015-09-03 22:01 - 2015-03-19 20:40 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-09-03 22:00 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-03 22:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-03 22:00 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-09-03 22:00 - 2015-06-20 14:28 - 01877838 _____ C:\Users\Public\CAFADEBUG.log
2015-09-03 08:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-02 08:12 - 2015-06-20 13:58 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-09-01 07:32 - 2015-06-21 15:35 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Nitro PDF
2015-08-28 20:51 - 2015-06-20 14:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 20:29 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-28 20:29 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-28 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-28 15:53 - 2015-06-24 13:57 - 00000000 ____D C:\Users\Luehmann\Desktop\Ebay
2015-08-27 21:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-27 20:10 - 2015-06-22 12:51 - 00001900 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk
2015-08-27 20:10 - 2015-03-19 20:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-08-27 20:09 - 2015-06-22 12:51 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Downloaded Installations
2015-08-22 08:08 - 2015-06-20 15:04 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-22 08:08 - 2015-06-20 15:04 - 00000000 ____D C:\ProgramData\Skype
2015-08-20 08:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-17 18:34 - 2015-07-10 14:20 - 00193800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-17 18:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-17 18:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-15 09:12 - 2015-03-19 20:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2015-08-15 09:12 - 2015-03-19 13:06 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-15 09:11 - 2015-03-19 20:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-08-15 09:11 - 2015-03-19 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-15 09:11 - 2015-03-19 20:30 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-11 20:58 - 2015-03-19 20:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-08 07:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 07:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-07 22:11 - 2015-07-10 18:35 - 00000000 ____D C:\WINDOWS\OCR
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-07 22:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-07 22:00 - 2015-03-19 20:30 - 00000000 ____D C:\Intel
2015-08-07 10:27 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 10:24 - 2015-07-10 13:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-07 10:24 - 2015-07-10 13:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 10:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 10:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 10:24 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 10:24 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-07 10:21 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-08-07 10:21 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-07 10:21 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-07 10:21 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-08-07 10:21 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-08-07 10:21 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-08-07 10:21 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-08-07 10:21 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-08-07 10:21 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-07 10:21 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-07 10:21 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-08-07 09:35 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-07 09:35 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-08-07 09:34 - 2015-07-23 00:04 - 00004320 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337
2015-08-07 09:34 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-08-07 09:34 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 09:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-07 09:34 - 2015-06-24 13:49 - 00004072 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-08-07 09:34 - 2015-03-19 20:43 - 00003974 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2
2015-08-07 09:34 - 2015-03-19 20:43 - 00003726 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon
2015-08-07 09:34 - 2015-03-19 20:38 - 00003172 _____ C:\WINDOWS\System32\Tasks\PMTask
2015-08-07 09:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 09:32 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-07 09:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-08-07 09:32 - 2015-07-10 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2015-08-07 09:32 - 2015-06-21 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-08-07 09:32 - 2015-06-20 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 09:32 - 2015-06-20 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-08-07 09:32 - 2015-06-20 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-07 09:32 - 2015-03-19 20:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo PowerENGAGE
2015-08-07 09:32 - 2015-03-19 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gesture Control
2015-08-07 09:32 - 2015-03-19 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-08-07 09:32 - 2015-03-19 20:33 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2015-08-07 09:31 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 09:31 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-08-07 09:31 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 09:31 - 2015-03-19 20:42 - 00000000 ____D C:\Program Files\Intel Corporation
2015-08-07 09:31 - 2015-03-19 20:30 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-07 09:31 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-08-07 09:29 - 2015-07-10 14:20 - 00000113 _____ C:\WINDOWS\setuperr.log
2015-08-07 09:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-08-07 09:29 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 09:18 - 2015-03-19 20:29 - 01727970 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 09:18 - 2009-07-14 06:45 - 00031984 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-07 09:18 - 2009-07-14 06:45 - 00031984 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-07 09:15 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-28 23:54 - 2015-08-28 23:54 - 0011527 _____ () C:\Users\Luehmann\AppData\Local\recently-used.xbel
2015-03-19 20:38 - 2015-03-19 20:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Luehmann\AppData\Local\Temp\0090711440786455mcinst.exe
C:\Users\Luehmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplryjho.dll
C:\Users\Luehmann\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Luehmann\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Luehmann\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-01 08:00

==================== Ende von FRST.txt ============================

Heinz_Strunk · 03.09.2015, 21:43

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Luehmann (2015-09-03 22:40:53)
Gestartet von C:\Users\Luehmann\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3821891805-1902387822-2583955431-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3821891805-1902387822-2583955431-503 - Limited - Disabled)
Gast (S-1-5-21-3821891805-1902387822-2583955431-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3821891805-1902387822-2583955431-1002 - Limited - Enabled)
Luehmann (S-1-5-21-3821891805-1902387822-2583955431-1001 - Administrator - Enabled) => C:\Users\Luehmann

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.51.00 - )
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.58.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.2 - Lenovo Group Limited)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Gesture Control (HKLM-x32\...\{8774ACAB-7051-4C7D-ABA2-C4E415F0108C}) (Version: 6.1.165.1 - Lenovo)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0462 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.16.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo PowerENGAGE (HKLM-x32\...\{15B15395-FF53-44E1-ADAD-FCC279E3CA10}) (Version: 2.51.0040 - Lenovo Inc.)
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{87D9837B-FFC4-45E2-8AE8-6F588EF30FD9}) (Version: 2.8.001.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Message Center Plus (HKLM\...\{EE4D9822-C7F3-4386-8703-889CDDA22FAA}) (Version: 3.4.0001.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.2.015.00 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.71.327.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.11.0 - Lenovo Group Limited)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.14.1114.2014 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.03.00 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (04/29/2013 12.5.4.1001) (HKLM\...\64C5B2577D321E8D30DF813803EF008F338A0B1E) (Version: 04/29/2013 12.5.4.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

16-08-2015 19:00:22 Windows-Sicherung
22-08-2015 08:22:38 Uniblue DriverScanner installation
25-08-2015 10:16:47 Windows-Sicherung
30-08-2015 22:40:32 Windows-Sicherung
02-09-2015 08:12:23 avast! antivirus system restore point

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0CD9DD46-A2F5-4562-8B6A-D7C2FBF06E63} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {0ED0F2C9-C6F4-4DEE-ABDA-5BA7D2BB6D33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {10BD1012-4934-422C-8CE5-88033C7EFF4A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1144AC20-1E8C-41F0-ADAD-41E9C11D2DAA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {13B0A2AD-0760-4134-AE9E-2DF4FA6571EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {157CC2EA-2B4F-4F8F-851B-2B33C6861425} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2015-03-23] (Lenovo)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D71D99B-80DD-4085-BEC3-62B62AD0817B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {218CF6B8-705E-4B63-B398-E680F49216B4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {218E4731-FE33-440D-8E07-DF27C693D6C7} - System32\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {2628B1E4-8175-4D64-BAE8-27F9F7E6809D} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {26643903-8A9E-4AD6-B102-C4F9B9C8049B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-12-01] (Lenovo)
Task: {2EEB3249-4494-4294-943F-BAEA528EEEBD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2F2D7690-4F2A-4892-A600-8BB376585344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3256306D-C824-458E-ADAD-B11CC4F90828} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-12-01] (Lenovo)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {486E9823-F791-432B-A3E2-05AB27C1A68A} - System32\Tasks\Lenovo\Lenovo PowerENGAGE Update => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {51AF5666-3754-4EC0-A10E-771A89D1657D} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-08-19] (Lenovo)
Task: {54DBA86C-C414-4B92-9E50-DDFA6EB2D251} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-02] (AVAST Software)
Task: {54FC37AE-17AC-4C56-A863-944CDC38635A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {56365FDA-DCB6-4135-8A83-D7920FFF5043} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A2A8BAC-4B9F-4F83-839B-EBFE915EF177} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {5B6BFFE5-12CD-4082-A100-B0CCA6746163} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5FEE588B-36B5-40C3-A323-375AB42DB4CD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {646B0DBA-9DB9-4680-8ADB-859F069D7B02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {69D59428-B51E-4908-AEFD-23AB24A29FD4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {721AB63B-2CA5-49B7-8A50-1398FB541B90} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-12-12] ()
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {73DD3907-8EAB-4C4B-B4E5-E8FE282B1553} - System32\Tasks\TVT\LaunchFR => C:\Program Files (x86)\Lenovo\Factory Recovery\FRReminder.exe [2014-08-21] (TODO: <Company name>)
Task: {76E74B19-5BA8-4D6D-A52C-307C56BE3C3E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {78D120C3-2DD4-4302-AD78-8BEA18957836} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\launchGC.exe [2015-01-26] ()
Task: {79D93EB0-9B86-429E-BDBB-48D4E1871D34} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {831C3B30-E784-4827-B9AE-728C49B2803B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {85B04076-42D5-4E43-BB5D-BFC751D63CA2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {888AB188-C266-4302-9220-F2A310B8429E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8B39A6D4-CFAD-4F5B-9CF1-F41438A69390} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-08-19] (Lenovo)
Task: {8DA20F40-87AF-4DE8-AC2F-BBDB078EAE5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {9B44CC17-1D17-480C-A623-655FDA448C10} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {9FA4114F-B213-420D-BFAC-07AECE36FB92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A38ECDC1-2C04-430B-9FD6-ECEFE81991A0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {A5914EE9-28BC-4DA8-9B20-44BB4E46A704} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A5980F38-C7CC-4C51-A5E5-76314668F18A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A7D7DF28-DD19-4C3F-941C-60EBDAC26021} - System32\Tasks\Lenovo\REACHit => C:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exe [2015-08-19] ()
Task: {ADC83414-9B5D-43F1-B147-57CA0ADD257D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-12-01] (Lenovo)
Task: {B1920AB8-9964-4A47-B2A0-CE65A43C8942} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B61B7215-EE0B-4934-9809-755E43A6DA1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B72BA540-D18C-4D5F-8E2F-60FFB4FCA148} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CB1AB1D3-B5FA-4ECA-B651-3A79316F7681} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D8845769-7A9F-44B0-AFA9-E2AC2DDF5364} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DCFF3DE4-31EF-4EC2-B787-5601F2439873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E1D397F4-458C-468A-A009-5E3A938BDB73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E3117ECE-E5A9-433D-B229-97D6D75D6EA5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E3758915-6EEB-4735-8F10-2A912DED0BC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-12-01] ()
Task: {E3B33FF5-380F-4A4D-B41B-94D3DC15F397} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: {EAA2618C-31ED-4996-BA65-F2F4DE4BC700} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-11-14] (Lenovo Group Limited)
Task: {EE3D8004-A250-4A84-BC68-B2E6E3A9A5CB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F2BD94E8-1A8C-48A0-A4AB-94ADFF82E7F5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FF29A35D-949B-4F54-965A-AB0780567E44} - System32\Tasks\Lenovo\Lenovo PowerENGAGE => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-05-15 19:39 - 2014-05-15 19:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-03-19 20:38 - 2014-11-14 00:07 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-08 07:36 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-08 07:36 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-08 07:36 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-03-19 20:36 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-08-29 17:47 - 2015-08-29 17:50 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-29 17:47 - 2015-08-29 17:50 - 11606528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 18:50 - 2015-07-10 18:50 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-09-02 08:12 - 2015-09-02 08:12 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-02 08:12 - 2015-09-02 08:12 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-03 21:56 - 2015-09-03 21:56 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090300\algo.dll
2015-03-19 20:38 - 2011-08-02 21:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-03-19 20:38 - 2011-08-02 21:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2015-06-20 13:58 - 2015-06-20 13:58 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-03 22:01 - 2015-09-03 22:01 - 00071168 _____ () c:\users\luehmann\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplryjho.dll
2015-06-24 13:50 - 2015-08-05 22:49 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-24 13:50 - 2015-08-05 22:49 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-02 10:08 - 2015-08-05 22:49 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-24 13:50 - 2015-08-05 22:49 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-03-19 20:30 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Think\Think_Blue.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{415A1CC8-B9CD-463C-802F-0B0BA14D042A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3FF8E241-14C7-4681-AEC2-67235BB7585C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CAFE1E3-5C1C-4B90-8FD1-3F3D2B7DEC24}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{548CFF05-A4FB-48E0-A3C4-E113A78221B3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{93E2041C-FCD1-48F9-821D-55B21975F252}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{16DAD92A-13D1-4AE1-9C84-96EF3C70802D}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{C5C6445C-6BC1-479C-93DC-40C0B5E6B785}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{5D91A6E7-3858-49EA-BB74-E54DC21B6B9D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9AC6FAD2-6BBD-476E-B5A0-9949423175E9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7A3CADC4-ED2B-4277-AA93-C4B815DA7318}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{622970A4-F8F2-46D3-8784-40B44C0C0971}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/03/2015 10:11:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6121.2376, Zeitstempel: 0x55d7a527
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16392, Zeitstempel: 0x55a864a2
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x228
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5

Error: (09/03/2015 08:57:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6121.2376, Zeitstempel: 0x55d7a527
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16392, Zeitstempel: 0x55a864a2
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x1c9c
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5

Error: (09/03/2015 08:50:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ReachitMetrics.exe, Version: 2.0.17.0, Zeitstempel: 0x55d4dd4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3e28
ID des fehlerhaften Prozesses: 0x2670
Startzeit der fehlerhaften Anwendung: 0xReachitMetrics.exe0
Pfad der fehlerhaften Anwendung: ReachitMetrics.exe1
Pfad des fehlerhaften Moduls: ReachitMetrics.exe2
Berichtskennung: ReachitMetrics.exe3
Vollständiger Name des fehlerhaften Pakets: ReachitMetrics.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ReachitMetrics.exe5

Error: (09/03/2015 08:50:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/03/2015 08:47:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/03/2015 08:47:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 108c

Startzeit: 01d0e678f4024d02

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: 3e713913-526c-11e5-9bc6-4851b7f60274

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (09/03/2015 08:47:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Luehmann-PC)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/03/2015 09:10:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/03/2015 08:07:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6121.2376, Zeitstempel: 0x55d7a527
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16392, Zeitstempel: 0x55a864a2
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x2420
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5

Error: (09/03/2015 08:03:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/03/2015 10:12:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/03/2015 10:01:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/03/2015 10:00:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/03/2015 10:00:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/03/2015 10:00:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/03/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Content Protection HECI Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo Auto Scroll" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "lnvDiscoveryWinSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Power Manager Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/03/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (09/03/2015 10:11:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6121.237655d7a527ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c22801d0e684aa93a0fdC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dlladb4d7d1-0795-4024-b4b7-c20e8515b217Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (09/03/2015 08:57:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6121.237655d7a527ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c1c9c01d0e67a6b63f3c4C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll6a56f31f-5e35-4a68-8958-5c11ca3acb97Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (09/03/2015 08:50:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ReachitMetrics.exe2.0.17.055d4dd4eKERNELBASE.dll10.0.10240.16384559f3b2ae0434352000b3e28267001d0e6795cefe83cC:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllfd58adce-1a0f-4df4-aff5-0272f64a2f77

Error: (09/03/2015 08:50:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/03/2015 08:47:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147023170

Error: (09/03/2015 08:47:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SearchUI.exe10.0.10240.16413108c01d0e678f4024d024294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe3e713913-526c-11e5-9bc6-4851b7f60274Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (09/03/2015 08:47:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI

Error: (09/03/2015 09:10:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/03/2015 08:07:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6121.237655d7a527ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c242001d0e60edfb6a19dC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dllc4425c8d-9953-405d-9156-133cf5762cc4Microsoft.MicrosoftOfficeHub_17.6121.23761.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (09/03/2015 08:03:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147023170


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8108.07 MB
Verfügbarer physikalischer RAM: 5125.56 MB
Summe virtueller Speicher: 16300.07 MB
Verfügbarer virtueller Speicher: 13034.97 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:221.55 GB) (Free:147.61 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:14.99 GB) (Free:0 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B0DCC8DE)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

deeprybka · 03.09.2015, 22:14

Die Malwarebytes-Funde hast Du löschen lassen bzw. Quarantäne gewählt?

Heinz_Strunk · 04.09.2015, 11:33

Nein, diese Option wurde nicht angeboten. Zudem wurden die 104 Treffer, die angezeigt wurden, nicht als gefährlich eingestuft. Soll ich sie trotzdem löschen / in Quarantäne schieben? Nur, wie geht das?

Hallo,
ich habe jetzt noch mal das Malwarebytes-Programm durchlaufen lassen und die 104 Dateien, die gemeldet wurden in Quarantäne geschoben. Wie könnte es nun weitergehen? Bin dankbar für jede Hilfe!
Gruß, Heinz

deeprybka · 04.09.2015, 15:25

Zitat:

Zitat von Heinz_Strunk

Wie könnte es nun weitergehen? Bin dankbar für jede Hilfe!
Gruß, Heinz

Keine Sorge, Hilfe bekommst Du bei uns. Nur etwas Geduld, wir machen das alle hier in unserer Freizeit.

Poste bitte nochmal frische FRST-Logs.

Schritt 1

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Heinz_Strunk · 09.09.2015, 23:22

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Luehmann (Administrator) auf LUEHMANN-PC (10-09-2015 00:13:37)
Gestartet von C:\Users\Luehmann\Downloads
Geladene Profile: Luehmann (Verfügbare Profile: Luehmann)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SETD2EB.tmp
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\OldBinaries\bin_a4kwm5\Client\Dropbox.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\Luehmann\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [901216 2013-04-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [555760 2014-12-08] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295712 2014-08-07] (Lenovo Group Limited)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [164032 2015-09-07] (Synaptics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-09-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-10-21] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-02] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\Run: [OneDrive] => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-21] (Microsoft Corporation)
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Uninstall C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Uninstall C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\...\RunOnce: [Adobe Speed Launcher] => 1441834727
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-21] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8515b949-94c2-4767-b362-e7ea02966bc8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001 -> DefaultScope {4F2E4AB7-1650-46FC-87EA-A5D6604EF333} URL = 
SearchScopes: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001 -> {4F2E4AB7-1650-46FC-87EA-A5D6604EF333} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-02] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-02] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Luehmann\AppData\Roaming\Mozilla\Firefox\Profiles\3t0p86ou.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-15] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: ClassicThemeRestorerArisT2Noia4dev - C:\Users\Luehmann\AppData\Roaming\Mozilla\Firefox\Profiles\3t0p86ou.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev [2015-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-20]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-09-02] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197408 2014-08-07] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-01] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-05-15] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-05-15] ()
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-07] (Synaptics Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-03-03] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-02] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-02] (AVAST Software)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-09-07] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-07-23] (TuneUp Software)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-10 00:11 - 2015-09-10 00:11 - 02190336 _____ (Farbar) C:\Users\Luehmann\Downloads\FRST64 (1).exe
2015-09-09 23:43 - 2015-09-09 23:51 - 12597375 _____ C:\Users\Luehmann\Downloads\xvideos.com_bc9b8323986774066bc6d06f3ec73c00.flv.j97ledj.partial
2015-09-09 23:38 - 2015-09-09 23:38 - 00016148 _____ C:\WINDOWS\system32\LUEHMANN-PC_Luehmann_HistoryPrediction.bin
2015-09-07 09:17 - 2015-09-07 09:17 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\dlg
2015-09-07 08:48 - 2015-09-07 08:48 - 00000511 _____ C:\WINDOWS\Synaptics.PD.log
2015-09-07 08:47 - 2015-09-07 08:47 - 00430256 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-09-07 08:47 - 2015-09-07 08:47 - 00276160 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo34.dll
2015-09-07 08:47 - 2015-09-07 08:47 - 00067248 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2015-09-07 08:47 - 2015-09-07 08:47 - 00052912 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-09-07 08:47 - 2015-09-07 08:47 - 00052400 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-09-07 03:42 - 2015-09-07 03:42 - 00510584 _____ C:\Users\Luehmann\Downloads\PC_Wecker_by_IP-MAN_v4.00.zip
2015-09-07 03:42 - 2015-09-07 03:42 - 00002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-09-07 03:42 - 2015-09-07 03:42 - 00002192 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-09-07 03:42 - 2015-09-07 03:42 - 00002188 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-09-07 03:42 - 2015-09-07 03:42 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\AVG
2015-09-07 03:42 - 2015-09-07 03:42 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Avg
2015-09-07 03:42 - 2015-09-07 03:42 - 00000000 ____D C:\Program Files (x86)\AVG
2015-09-07 03:42 - 2015-08-04 14:25 - 00041688 _____ (AVG Technologies) C:\WINDOWS\system32\TURegOpt.exe
2015-09-07 03:42 - 2015-08-04 14:25 - 00030424 _____ (AVG Technologies) C:\WINDOWS\system32\authuitu.dll
2015-09-07 03:42 - 2015-08-04 14:25 - 00025816 _____ (AVG Technologies) C:\WINDOWS\SysWOW64\authuitu.dll
2015-09-07 03:41 - 2015-09-07 03:42 - 00000000 ____D C:\ProgramData\AVG
2015-09-07 03:40 - 2015-09-07 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-07 03:39 - 2015-09-07 03:39 - 00003964 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1441589962
2015-09-07 03:39 - 2015-09-07 03:39 - 00001219 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-07 03:39 - 2015-09-07 03:39 - 00001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-07 03:39 - 2015-09-07 03:39 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Opera Software
2015-09-07 03:39 - 2015-09-07 03:39 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Opera Software
2015-09-07 03:37 - 2015-09-07 03:39 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-07 03:36 - 2015-09-07 03:37 - 00553064 _____ C:\Users\Luehmann\Downloads\PC_Wecker_by_IP-MAN_v4.00_CB-DL-Manager.exe
2015-09-04 08:25 - 2015-09-04 09:20 - 00000000 ____D C:\Users\Luehmann\Desktop\Mixes
2015-09-03 22:37 - 2015-09-03 22:37 - 00014761 _____ C:\Users\Luehmann\Desktop\ Malwarebytes Anti-Malware .txt
2015-09-03 22:25 - 2015-09-04 08:04 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-03 22:24 - 2015-09-09 23:45 - 85057968 _____ C:\Users\Luehmann\Downloads\xvideos.com_ee45a353e25e886c4af60da8de8a4755.flv
2015-09-03 22:22 - 2015-09-03 22:22 - 00001186 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-03 22:22 - 2015-09-03 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-03 22:22 - 2015-09-03 22:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-03 22:22 - 2015-09-03 22:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-03 22:22 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-03 22:22 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-03 22:22 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-03 22:05 - 2015-09-03 22:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Luehmann\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-03 21:58 - 2015-09-03 22:00 - 00000000 ____D C:\AdwCleaner
2015-09-03 21:51 - 2015-09-03 21:55 - 01654272 _____ C:\Users\Luehmann\Downloads\adwcleaner_5.005.exe
2015-09-02 19:52 - 2015-09-02 19:52 - 00095524 _____ C:\Users\Luehmann\Desktop\FRST01.txt
2015-09-02 19:52 - 2015-09-02 19:52 - 00044278 _____ C:\Users\Luehmann\Desktop\Addition02.txt
2015-09-02 19:33 - 2015-09-03 22:41 - 00044669 _____ C:\Users\Luehmann\Downloads\Addition.txt
2015-09-02 19:32 - 2015-09-10 00:13 - 00023673 _____ C:\Users\Luehmann\Downloads\FRST.txt
2015-09-02 19:32 - 2015-09-10 00:13 - 00000000 ____D C:\FRST
2015-09-02 19:31 - 2015-09-03 22:40 - 02188800 _____ (Farbar) C:\Users\Luehmann\Downloads\FRST64.exe
2015-09-02 08:12 - 2015-09-02 08:12 - 00454016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-09-02 08:12 - 2015-09-02 08:12 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-02 08:12 - 2015-09-02 08:12 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-31 23:27 - 2015-09-01 07:33 - 656068723 _____ C:\Users\Luehmann\Downloads\wetransfer-9fe53e.zip
2015-08-28 23:54 - 2015-08-28 23:54 - 00011527 _____ C:\Users\Luehmann\AppData\Local\recently-used.xbel
2015-08-28 23:49 - 2015-08-28 23:49 - 03565658 _____ C:\Users\Luehmann\Desktop\Unbenannt.xcf
2015-08-28 21:29 - 2015-08-28 21:29 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-28 21:25 - 2015-08-28 21:29 - 02870984 _____ (ESET) C:\Users\Luehmann\Downloads\esetsmartinstaller_enu.exe
2015-08-28 21:13 - 2015-08-28 21:14 - 01125626 _____ C:\Users\Luehmann\Downloads\ProcessExplorer_16.5.zip
2015-08-28 20:51 - 2015-08-28 20:51 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-28 20:51 - 2015-08-28 20:51 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-28 20:47 - 2015-08-28 20:47 - 00242984 _____ C:\Users\Luehmann\Downloads\Firefox Setup Stub 40.0.3.exe
2015-08-28 20:44 - 2015-08-28 20:44 - 01260832 _____ C:\Users\Luehmann\Downloads\Emsisoft Anti Malware - CHIP-Installer.exe
2015-08-28 20:29 - 2015-08-28 20:29 - 00000192 _____ C:\WINDOWS\wininit.ini
2015-08-28 15:33 - 2015-08-28 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-22 08:22 - 2015-08-28 15:00 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-22 08:08 - 2015-08-22 08:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 08:08 - 2015-08-22 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-20 22:25 - 2015-08-20 22:25 - 00000000 ____D C:\Users\Luehmann\.thumbnails
2015-08-20 22:10 - 2015-08-28 23:54 - 00000000 ____D C:\Users\Luehmann\AppData\Local\gtk-2.0
2015-08-20 22:07 - 2015-08-29 00:01 - 00000000 ____D C:\Users\Luehmann\.gimp-2.8
2015-08-20 22:07 - 2015-08-20 22:07 - 00000000 ____D C:\Users\Luehmann\AppData\Local\gegl-0.2
2015-08-20 22:06 - 2015-08-20 22:06 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-08-20 22:06 - 2015-08-20 22:06 - 00000000 ____D C:\Program Files\GIMP 2
2015-08-20 22:02 - 2015-08-20 22:06 - 91931728 _____ (The GIMP Team ) C:\Users\Luehmann\Downloads\gimp-2.8.14-setup-1.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-10 00:09 - 2015-06-24 13:49 - 00001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-10 00:00 - 2015-06-20 15:04 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Skype
2015-09-09 23:51 - 2015-06-20 23:31 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\vlc
2015-09-09 23:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-09 23:48 - 2015-07-10 14:20 - 00024971 _____ C:\WINDOWS\setupact.log
2015-09-09 23:43 - 2015-06-22 12:51 - 00001900 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk
2015-09-09 23:43 - 2015-06-22 12:51 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Downloaded Installations
2015-09-09 23:43 - 2015-03-19 20:38 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-09-09 23:43 - 2015-03-19 20:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-09-09 23:42 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 23:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-09 23:38 - 2015-08-07 09:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-09 23:38 - 2015-06-24 13:50 - 00000000 ___RD C:\Users\Luehmann\Dropbox
2015-09-09 23:38 - 2015-06-24 13:49 - 00000000 ____D C:\Users\Luehmann\AppData\Local\Dropbox
2015-09-08 00:26 - 2015-06-20 14:28 - 01939680 _____ C:\Users\Public\CAFADEBUG.log
2015-09-07 08:48 - 2015-03-19 20:34 - 00000511 _____ C:\WINDOWS\Synaptics.log
2015-09-07 08:47 - 2015-07-28 18:01 - 00773312 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-09-07 08:47 - 2015-07-28 18:01 - 00629440 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-09-07 08:47 - 2015-07-28 18:01 - 00279216 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-09-07 08:47 - 2015-07-28 18:01 - 00052912 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-09-07 08:47 - 2013-09-12 21:22 - 01813392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-09-07 03:48 - 2015-06-20 13:14 - 00000000 ____D C:\Users\Luehmann\AppData\Local\VirtualStore
2015-09-07 03:40 - 2015-03-19 20:39 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-04 08:04 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-04 08:03 - 2015-08-07 09:30 - 02077062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-04 08:03 - 2015-07-10 18:34 - 00884838 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-04 08:03 - 2015-07-10 18:34 - 00195936 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-04 07:59 - 2015-08-07 09:29 - 00000000 ____D C:\ProgramData\Validity
2015-09-04 07:59 - 2015-08-07 09:27 - 00132088 _____ C:\WINDOWS\PFRO.log
2015-09-04 07:59 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-04 07:59 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Globalization
2015-09-04 07:58 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-09-03 22:01 - 2015-03-19 20:40 - 00000000 ____D C:\ProgramData\McAfee
2015-09-03 22:01 - 2015-03-19 20:40 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-09-02 08:12 - 2015-06-20 13:58 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-09-02 08:12 - 2015-06-20 13:58 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-09-01 07:32 - 2015-06-21 15:35 - 00000000 ____D C:\Users\Luehmann\AppData\Roaming\Nitro PDF
2015-08-28 20:51 - 2015-06-20 14:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 20:46 - 2015-08-07 22:04 - 00000000 ____D C:\Users\Luehmann\AppData\Local\MicrosoftEdge
2015-08-28 20:29 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-28 20:29 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-28 20:27 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-28 20:03 - 2015-08-07 09:30 - 00000000 ____D C:\Users\Luehmann
2015-08-28 15:53 - 2015-06-24 13:57 - 00000000 ____D C:\Users\Luehmann\Desktop\Ebay
2015-08-27 21:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-22 08:08 - 2015-06-20 15:04 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-22 08:08 - 2015-06-20 15:04 - 00000000 ____D C:\ProgramData\Skype
2015-08-21 07:48 - 2015-08-07 22:03 - 00002420 _____ C:\Users\Luehmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-21 07:48 - 2015-08-07 22:03 - 00000000 ___RD C:\Users\Luehmann\OneDrive
2015-08-20 08:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-17 18:34 - 2015-07-10 14:20 - 00193800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-17 18:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-17 18:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-15 09:12 - 2015-03-19 20:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2015-08-15 09:12 - 2015-03-19 13:06 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-15 09:11 - 2015-03-19 20:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-08-15 09:11 - 2015-03-19 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-15 09:11 - 2015-03-19 20:30 - 00000000 ____D C:\Program Files (x86)\Lenovo

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-28 23:54 - 2015-08-28 23:54 - 0011527 _____ () C:\Users\Luehmann\AppData\Local\recently-used.xbel
2015-03-19 20:38 - 2015-03-19 20:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Luehmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr1mifa.dll
C:\Users\Luehmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpug1sqb.dll
C:\Users\Luehmann\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Luehmann\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Luehmann\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-01 08:00

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015
durchgeführt von Luehmann (2015-09-10 00:14:10)
Gestartet von C:\Users\Luehmann\Downloads
Windows 10 Pro (X64) (2015-08-07 20:00:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3821891805-1902387822-2583955431-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3821891805-1902387822-2583955431-503 - Limited - Disabled)
Gast (S-1-5-21-3821891805-1902387822-2583955431-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3821891805-1902387822-2583955431-1002 - Limited - Enabled)
Luehmann (S-1-5-21-3821891805-1902387822-2583955431-1001 - Administrator - Enabled) => C:\Users\Luehmann

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.51.00 - )
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.58.0 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.2 - Lenovo Group Limited)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Gesture Control (HKLM-x32\...\{8774ACAB-7051-4C7D-ABA2-C4E415F0108C}) (Version: 6.1.165.1 - Lenovo)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0462 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.16.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo PowerENGAGE (HKLM-x32\...\{15B15395-FF53-44E1-ADAD-FCC279E3CA10}) (Version: 2.51.0040 - Lenovo Inc.)
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{87D9837B-FFC4-45E2-8AE8-6F588EF30FD9}) (Version: 2.8.001.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Message Center Plus (HKLM\...\{EE4D9822-C7F3-4386-8703-889CDDA22FAA}) (Version: 3.4.0001.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro)
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.2.016.00 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.71.327.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.11.0 - Lenovo Group Limited)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.2 - Synaptics Incorporated)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.14.1114.2014 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.03.00 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (04/29/2013 12.5.4.1001) (HKLM\...\64C5B2577D321E8D30DF813803EF008F338A0B1E) (Version: 04/29/2013 12.5.4.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3821891805-1902387822-2583955431-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Luehmann\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

22-08-2015 08:22:38 Uniblue DriverScanner installation
25-08-2015 10:16:47 Windows-Sicherung
30-08-2015 22:40:32 Windows-Sicherung
02-09-2015 08:12:23 avast! antivirus system restore point
07-09-2015 03:21:50 Windows-Sicherung

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0CD9DD46-A2F5-4562-8B6A-D7C2FBF06E63} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {0ED0F2C9-C6F4-4DEE-ABDA-5BA7D2BB6D33} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {10BD1012-4934-422C-8CE5-88033C7EFF4A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1144AC20-1E8C-41F0-ADAD-41E9C11D2DAA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {13B0A2AD-0760-4134-AE9E-2DF4FA6571EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {157CC2EA-2B4F-4F8F-851B-2B33C6861425} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2015-03-23] (Lenovo)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D71D99B-80DD-4085-BEC3-62B62AD0817B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {218CF6B8-705E-4B63-B398-E680F49216B4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {218E4731-FE33-440D-8E07-DF27C693D6C7} - System32\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {2628B1E4-8175-4D64-BAE8-27F9F7E6809D} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {26643903-8A9E-4AD6-B102-C4F9B9C8049B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-12-01] (Lenovo)
Task: {2EEB3249-4494-4294-943F-BAEA528EEEBD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2F2D7690-4F2A-4892-A600-8BB376585344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3230CD06-BFBF-4BE8-8794-C3700360A7FB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3256306D-C824-458E-ADAD-B11CC4F90828} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-12-01] (Lenovo)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {486E9823-F791-432B-A3E2-05AB27C1A68A} - System32\Tasks\Lenovo\Lenovo PowerENGAGE Update => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {51AF5666-3754-4EC0-A10E-771A89D1657D} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-09-02] (Lenovo)
Task: {529AE8DD-C5FB-4D62-A1B1-53A34762780F} - System32\Tasks\Opera scheduled Autoupdate 1441589962 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {54DBA86C-C414-4B92-9E50-DDFA6EB2D251} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-02] (AVAST Software)
Task: {54FC37AE-17AC-4C56-A863-944CDC38635A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {56365FDA-DCB6-4135-8A83-D7920FFF5043} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A2A8BAC-4B9F-4F83-839B-EBFE915EF177} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {5B6BFFE5-12CD-4082-A100-B0CCA6746163} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5FEE588B-36B5-40C3-A323-375AB42DB4CD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {646B0DBA-9DB9-4680-8ADB-859F069D7B02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {69D59428-B51E-4908-AEFD-23AB24A29FD4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {721AB63B-2CA5-49B7-8A50-1398FB541B90} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-12-12] ()
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {73DD3907-8EAB-4C4B-B4E5-E8FE282B1553} - System32\Tasks\TVT\LaunchFR => C:\Program Files (x86)\Lenovo\Factory Recovery\FRReminder.exe [2014-08-21] (TODO: <Company name>)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {78D120C3-2DD4-4302-AD78-8BEA18957836} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\launchGC.exe [2015-01-26] ()
Task: {79D93EB0-9B86-429E-BDBB-48D4E1871D34} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {831C3B30-E784-4827-B9AE-728C49B2803B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {85B04076-42D5-4E43-BB5D-BFC751D63CA2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {888AB188-C266-4302-9220-F2A310B8429E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8B39A6D4-CFAD-4F5B-9CF1-F41438A69390} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-09-02] (Lenovo)
Task: {8DA20F40-87AF-4DE8-AC2F-BBDB078EAE5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {9B44CC17-1D17-480C-A623-655FDA448C10} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {9FA4114F-B213-420D-BFAC-07AECE36FB92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A38ECDC1-2C04-430B-9FD6-ECEFE81991A0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {A5914EE9-28BC-4DA8-9B20-44BB4E46A704} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A5980F38-C7CC-4C51-A5E5-76314668F18A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A7D7DF28-DD19-4C3F-941C-60EBDAC26021} - System32\Tasks\Lenovo\REACHit => C:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exe [2015-09-02] ()
Task: {ADC83414-9B5D-43F1-B147-57CA0ADD257D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-12-01] (Lenovo)
Task: {B1920AB8-9964-4A47-B2A0-CE65A43C8942} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B61B7215-EE0B-4934-9809-755E43A6DA1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B72BA540-D18C-4D5F-8E2F-60FFB4FCA148} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CB1AB1D3-B5FA-4ECA-B651-3A79316F7681} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D8845769-7A9F-44B0-AFA9-E2AC2DDF5364} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DCFF3DE4-31EF-4EC2-B787-5601F2439873} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E1D397F4-458C-468A-A009-5E3A938BDB73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E3117ECE-E5A9-433D-B229-97D6D75D6EA5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E3758915-6EEB-4735-8F10-2A912DED0BC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-12-01] ()
Task: {EAA2618C-31ED-4996-BA65-F2F4DE4BC700} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-11-14] (Lenovo Group Limited)
Task: {EE3D8004-A250-4A84-BC68-B2E6E3A9A5CB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F2BD94E8-1A8C-48A0-A4AB-94ADFF82E7F5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FF29A35D-949B-4F54-965A-AB0780567E44} - System32\Tasks\Lenovo\Lenovo PowerENGAGE => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d0c4ca56c34337.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-07 10:24 - 2015-08-07 10:24 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-07 10:24 - 2015-08-07 10:24 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-05-15 19:39 - 2014-05-15 19:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2015-08-04 14:26 - 2015-08-04 14:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-03-19 20:38 - 2014-11-14 00:07 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-08-08 07:36 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-04 14:26 - 2015-08-04 14:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-08 07:36 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-08 07:36 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-08 07:36 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-03-19 20:36 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-09-02 08:12 - 2015-09-02 08:12 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-02 08:12 - 2015-09-02 08:12 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-03 21:56 - 2015-09-03 21:56 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090300\algo.dll
2015-09-04 07:59 - 2015-09-04 07:59 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090301\algo.dll
2015-09-07 03:41 - 2015-09-07 03:41 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090601\algo.dll
2015-03-19 20:38 - 2011-08-02 21:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2015-03-19 20:38 - 2011-08-02 21:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-03-19 20:30 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-07 03:40 - 2015-09-07 03:40 - 00071168 _____ () c:\users\luehmann\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr1mifa.dll
2015-06-24 13:50 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-20 13:58 - 2015-06-20 13:58 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-09 23:38 - 2015-09-09 23:38 - 00071168 _____ () c:\users\luehmann\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpug1sqb.dll
2015-06-24 13:50 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-02 10:08 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-24 13:50 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3821891805-1902387822-2583955431-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Think\Think_Blue.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{415A1CC8-B9CD-463C-802F-0B0BA14D042A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3FF8E241-14C7-4681-AEC2-67235BB7585C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CAFE1E3-5C1C-4B90-8FD1-3F3D2B7DEC24}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{548CFF05-A4FB-48E0-A3C4-E113A78221B3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{93E2041C-FCD1-48F9-821D-55B21975F252}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{16DAD92A-13D1-4AE1-9C84-96EF3C70802D}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{C5C6445C-6BC1-479C-93DC-40C0B5E6B785}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{5D91A6E7-3858-49EA-BB74-E54DC21B6B9D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7A3CADC4-ED2B-4277-AA93-C4B815DA7318}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{622970A4-F8F2-46D3-8784-40B44C0C0971}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{578D3282-D8D5-4152-BF92-17F35B4B1F3A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/09/2015 11:41:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ReachitMetrics.exe, Version: 2.0.17.0, Zeitstempel: 0x55d4dd4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3e28
ID des fehlerhaften Prozesses: 0x1938
Startzeit der fehlerhaften Anwendung: 0xReachitMetrics.exe0
Pfad der fehlerhaften Anwendung: ReachitMetrics.exe1
Pfad des fehlerhaften Moduls: ReachitMetrics.exe2
Berichtskennung: ReachitMetrics.exe3
Vollständiger Name des fehlerhaften Pakets: ReachitMetrics.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ReachitMetrics.exe5

Error: (09/09/2015 11:41:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/08/2015 12:26:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/08/2015 12:18:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.2.1.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: libqt4_plugin.dll, Version: 2.2.1.0, Zeitstempel: 0xa2d0a2c0
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000076310b
ID des fehlerhaften Prozesses: 0x277c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (09/07/2015 11:09:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6203.2351, Zeitstempel: 0x55e86a67
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16392, Zeitstempel: 0x55a864a2
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x2478
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5

Error: (09/07/2015 11:07:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ReachitMetrics.exe, Version: 2.0.17.0, Zeitstempel: 0x55d4dd4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3e28
ID des fehlerhaften Prozesses: 0x20cc
Startzeit der fehlerhaften Anwendung: 0xReachitMetrics.exe0
Pfad der fehlerhaften Anwendung: ReachitMetrics.exe1
Pfad des fehlerhaften Moduls: ReachitMetrics.exe2
Berichtskennung: ReachitMetrics.exe3
Vollständiger Name des fehlerhaften Pakets: ReachitMetrics.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ReachitMetrics.exe5

Error: (09/07/2015 11:07:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/07/2015 09:18:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/07/2015 03:22:49 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005).

Error: (09/07/2015 03:22:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (09/08/2015 12:26:22 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/08/2015 12:26:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2015 09:18:01 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/07/2015 09:18:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2015 08:47:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Sicherheitsupdate für Internet Explorer Flash Player für Windows 10 für x64-Systeme (KB3087916)

Error: (09/07/2015 03:19:06 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (09/04/2015 09:30:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session1 erreicht.

Error: (09/04/2015 09:30:04 AM) (Source: DCOM) (EventID: 10010) (User: Luehmann-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/04/2015 09:30:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/04/2015 07:59:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office:
=========================
Error: (09/09/2015 11:41:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ReachitMetrics.exe2.0.17.055d4dd4eKERNELBASE.dll10.0.10240.16384559f3b2ae0434352000b3e28193801d0eb48413ab715C:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllbde9b39f-3010-4c7a-b781-4968698acc01

Error: (09/09/2015 11:41:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/08/2015 12:26:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/08/2015 12:18:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.2.1.000000000libqt4_plugin.dll2.2.1.0a2d0a2c040000015000000000076310b277c01d0e9bb1262e7d5C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dllc62e0e87-86c7-4199-b07c-62453fd19f61

Error: (09/07/2015 11:09:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6203.235155e86a67ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c247801d0e9b16b328c7eC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6203.23511.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dllcfef8ae9-543e-474b-b89b-926c969dab05Microsoft.MicrosoftOfficeHub_17.6203.23511.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (09/07/2015 11:07:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ReachitMetrics.exe2.0.17.055d4dd4eKERNELBASE.dll10.0.10240.16384559f3b2ae0434352000b3e2820cc01d0e9b13b5ebd7cC:\Program Files (x86)\Lenovo\REACHit\ReachitMetrics.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll54f65092-b6aa-4530-a787-b219856dc2ea

Error: (09/07/2015 11:07:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ReachitMetrics.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
Stapel:
   bei ReachitMetrics.Program.InstallUnintallStatusCheck(System.String)
   bei ReachitMetrics.Program.Main(System.String[])

Error: (09/07/2015 09:18:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Luehmann-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/07/2015 03:22:49 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)

Error: (09/07/2015 03:22:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8108.07 MB
Verfügbarer physikalischer RAM: 4456.26 MB
Summe virtueller Speicher: 16300.07 MB
Verfügbarer virtueller Speicher: 12159.1 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:221.55 GB) (Free:144.84 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:14.99 GB) (Free:0 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B0DCC8DE)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka · 10.09.2015, 08:34

Hallo,
bevor wir die Reste fixen noch einen Suchscan mit ESET durchführen:

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

03.09.2015, 21:06	#7
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Malware erscheint nur im Firefox-Browser Kein Problem, einfach weiter mit dem nächsten Schritt. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

03.09.2015, 22:14	#10
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Malware erscheint nur im Firefox-Browser Die Malwarebytes-Funde hast Du löschen lassen bzw. Quarantäne gewählt? __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Malware erscheint nur im Firefox-Browser

Plagegeister aller Art und deren Bekämpfung: Malware erscheint nur im Firefox-Browser