| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: DNS-Unlocker - Wie entfernen?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
19.11.2015, 15:00
| #1 |
| |  DNS-Unlocker - Wie entfernen? ich bin neu hier und würde gerne wissen, wie ich dns unlocker enfernen kann. irgendwie war es auf einmal da, obwohl ich bis auf firefox, itunes und co. (meine standardprogramme also) keine programme installiert habe. habe mehrere deinstallationsanleitungen probiert, aber es funktioniert nicht. das programm scheint nicht mal in der auflistung aller programme in der systemsteuerung auf. |
|
19.11.2015, 15:18
| #2 |
| /// TB-Ausbilder   | DNS-Unlocker - Wie entfernen? Hallo hubre
__________________ Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
 Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg. Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen. Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist. Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten". So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
19.11.2015, 15:30
| #3 |
| | DNS-Unlocker - Wie entfernen? FRST Logfile:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015 durchgeführt von Huber (Administrator) auf Karl-Heinz-LENOVO (19-11-2015 15:24:04) Gestartet von C:\Users\Huber\Desktop Geladene Profile: Huber & (Verfügbare Profile: Huber) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe (Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe () C:\Program Files\Lenovo\LenovoUtility\utility.exe () C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Spotify Ltd) C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe (Lenovo) C:\Users\Huber\AppData\Local\Apps\2.0\DMCP55HD.NQA\00WA6CTO.NBA\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Farbar) C:\Users\Huber\Desktop\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [DDPF3] => C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-06-05] () HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe [107776 2015-01-15] () HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-06-05] (Lenovo) HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited) HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9135984 2015-11-10] (Emsisoft Ltd) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-11-17] (Synaptics Incorporated) HKLM-x32\...\Run: [HarmonyPicks] => C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe [5275064 2015-03-02] (Lenovo) HKLM-x32\...\Run: [HarmonySetting] => C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe [2721208 2015-03-03] (Lenovo) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{2c5e84b5-ddf4-4d99-9720-9e6cc3d1e880}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{86061f15-d209-493e-b501-c096c6de8a0e}: [DhcpNameServer] 172.168.161.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default FF Homepage: orf.at FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default\Extensions\abs@avira.com [2015-10-24] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-12] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10768560 2015-11-10] (Emsisoft Ltd) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation) S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-15] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-15] (Dropbox, Inc.) R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [Datei ist nicht signiert] R2 HarmonySettingService; C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe [19896 2015-02-11] (Lenovo) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation) R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [124520 2014-12-14] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo) R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016040 2015-04-10] (Lenovo Group Limited) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation) R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-06-05] () R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited) S2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD) R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-06-05] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-06-05] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30464 2015-01-15] (Lenovo) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-01] (Avira Operations GmbH & Co. KG) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation) R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [123992 2015-10-23] (Emsisoft Ltd) R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [268048 2015-10-25] (Intel Corporation) R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] () R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-19] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-06-18] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-17] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) U4 dmwappushsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-19 15:16 - 2015-11-19 15:16 - 00016148 _____ C:\WINDOWS\system32\Karl-Heinz-LENOVO_Huber_HistoryPrediction.bin 2015-11-19 14:44 - 2015-11-19 14:44 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-11-19 14:44 - 2015-11-19 14:44 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-11-19 14:44 - 2015-11-19 14:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-19 14:37 - 2015-11-19 14:37 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\25984413.sys 2015-11-19 14:37 - 2015-11-19 14:37 - 00000000 ____D C:\Users\Huber\Downloads\tdsskiller 2015-11-19 14:36 - 2015-11-19 14:37 - 04376066 _____ C:\Users\Huber\Downloads\tdsskiller.zip 2015-11-19 14:36 - 2015-11-19 14:36 - 02008576 _____ (Farbar) C:\Users\Huber\Desktop\FRST64 (1).exe 2015-11-19 14:34 - 2015-11-19 14:41 - 00243976 _____ C:\Users\Huber\Downloads\Firefox Setup Stub 42.0.exe 2015-11-19 14:31 - 2015-11-19 14:32 - 00178064 _____ C:\Users\Huber\Documents\cc_20151119_143146.reg 2015-11-17 16:20 - 2015-11-17 16:20 - 00000000 ____D C:\WINDOWS\LastGood 2015-11-17 15:10 - 2015-11-17 15:10 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll 2015-11-17 15:10 - 2015-11-17 15:10 - 00255688 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31.dll 2015-11-17 15:10 - 2015-11-17 15:10 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys 2015-11-17 15:10 - 2015-11-17 15:10 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2015-11-17 15:10 - 2015-11-17 15:10 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2015-11-17 14:51 - 2015-11-17 14:51 - 00000000 ____D C:\ProgramData\Emsisoft 2015-11-17 14:48 - 2015-11-19 14:42 - 00034906 _____ C:\Users\Huber\Desktop\MTB.txt 2015-11-17 14:44 - 2015-11-17 14:47 - 00039263 _____ C:\Users\Huber\Desktop\Addition.txt 2015-11-17 14:39 - 2015-11-19 15:24 - 00030366 _____ C:\Users\Huber\Desktop\FRST.txt 2015-11-17 14:38 - 2015-11-17 14:38 - 00000948 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2015-11-17 14:38 - 2015-11-17 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2015-11-17 14:37 - 2015-11-19 14:57 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2015-11-17 12:49 - 2015-11-19 15:23 - 00000000 ____D C:\FRST 2015-11-17 12:48 - 2015-11-17 12:49 - 00891392 _____ (Farbar) C:\Users\Huber\Desktop\MiniToolBox.exe 2015-11-17 12:47 - 2015-11-19 14:51 - 00000000 ____D C:\AdwCleaner 2015-11-17 12:46 - 2015-11-17 12:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Huber\Desktop\tdsskiller.exe 2015-11-17 12:45 - 2015-11-17 12:47 - 01732096 _____ C:\Users\Huber\Desktop\AdwCleaner_5.021.exe 2015-11-15 03:53 - 2015-11-15 03:53 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2015-11-15 01:26 - 2015-11-15 02:26 - 00000000 ____D C:\Users\Huber\AppData\Roaming\uTorrent 2015-11-15 01:26 - 2015-11-15 01:26 - 00002753 _____ C:\Users\Huber\Desktop\µTorrent.lnk 2015-11-12 21:11 - 2015-11-12 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 00:11 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-11 00:11 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-11-11 00:11 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-11-11 00:11 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-11 00:11 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-11-11 00:11 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-11 00:11 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-11-11 00:11 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-11 00:11 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-11-11 00:11 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-11 00:11 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-11-11 00:11 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-11 00:11 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-11 00:11 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-11 00:11 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-11-11 00:11 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-11 00:11 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-11 00:11 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2015-11-11 00:11 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-11-11 00:11 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-11 00:11 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-11-11 00:11 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-11 00:11 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-11-11 00:11 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-11 00:11 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-11 00:11 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-11-11 00:11 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-11-11 00:11 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-11 00:11 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-11-11 00:11 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-11 00:11 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-11 00:11 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-11-11 00:11 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-11-11 00:11 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-11-11 00:11 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-11 00:11 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-11 00:11 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-11 00:11 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-11 00:11 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-11-11 00:11 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-11 00:11 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-11 00:11 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-11 00:11 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-11 00:11 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-11 00:11 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-11 00:11 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-11 00:11 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-06 23:24 - 2015-11-06 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep 2015-11-06 23:17 - 2015-11-06 23:17 - 00000000 ____D C:\Users\Huber\AppData\Roaming\GMATPrep 2015-11-06 23:16 - 2014-09-25 15:55 - 00071280 _____ (Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe 2015-11-06 23:15 - 2015-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\GMATPrep2012 2015-11-06 23:10 - 2015-11-06 23:14 - 55950096 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Huber\Desktop\GMATPrep-2.3.322-Windows.exe 2015-11-06 15:27 - 2015-11-06 15:27 - 00000000 ____D C:\Users\Huber\Desktop\Blockify_Lite_0.5 2015-11-06 15:25 - 2015-11-06 15:26 - 13440375 _____ C:\Users\Huber\Desktop\Blockify_Lite_0.5.zip 2015-11-05 12:27 - 2015-11-05 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-11-05 12:27 - 2015-11-05 12:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-11-05 12:27 - 2015-11-05 12:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-11-05 12:26 - 2015-11-05 12:27 - 13155552 _____ (Microsoft Corporation) C:\Users\Huber\Downloads\Silverlight_x64.exe 2015-10-29 00:46 - 2015-10-31 02:40 - 00000000 ____D C:\Users\Huber\Desktop\indiv 2015-10-27 22:29 - 2015-10-27 22:29 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2015-10-27 22:23 - 2015-10-27 22:23 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2015-10-27 22:22 - 2015-10-27 22:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-10-26 22:53 - 2015-11-17 15:10 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll 2015-10-26 22:53 - 2015-11-17 15:10 - 00615112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys 2015-10-26 22:53 - 2015-11-17 15:10 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll 2015-10-26 22:53 - 2015-01-14 17:47 - 00208040 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo20.dll 2015-10-26 22:49 - 2015-10-26 22:49 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-10-26 22:48 - 2015-11-19 11:22 - 00000000 ____D C:\Users\Huber\AppData\Local\Deployment 2015-10-26 22:48 - 2015-10-26 22:48 - 00000000 ____D C:\Users\Huber\AppData\Local\Apps\2.0 2015-10-26 22:42 - 2015-10-26 22:42 - 00000000 ____D C:\Users\Huber\AppData\Roaming\WinRAR 2015-10-26 22:28 - 2015-10-26 22:28 - 00000000 ____D C:\Program Files\Synaptics 2015-10-26 21:57 - 2015-10-26 22:23 - 00001491 _____ C:\WINDOWS\SynInst.log 2015-10-26 21:57 - 2015-10-26 21:57 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Synaptics 2015-10-26 21:28 - 2015-10-26 21:28 - 02058768 _____ C:\Users\Huber\Desktop\winrar-x64-521d.exe 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\Program Files\WinRAR 2015-10-26 17:31 - 2015-11-01 18:34 - 00000000 ____D C:\Users\Huber\Desktop\Studium 2015-10-26 16:43 - 2015-10-26 16:43 - 00001974 _____ C:\Users\Huber\Desktop\IrfanView Thumbnails.lnk 2015-10-26 16:43 - 2015-10-26 16:43 - 00001086 _____ C:\Users\Huber\Desktop\IrfanView.lnk 2015-10-26 16:43 - 2015-10-26 16:43 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-10-26 16:43 - 2015-10-26 16:43 - 00000000 ____D C:\Program Files (x86)\IrfanView 2015-10-26 16:42 - 2015-10-26 16:43 - 02426808 _____ (Irfan Skiljan) C:\Users\Huber\Downloads\iview440g_setup.exe 2015-10-26 16:40 - 2015-10-26 16:40 - 00000777 _____ C:\Users\Huber\AppData\Local\recently-used.xbel 2015-10-26 16:40 - 2015-10-26 16:40 - 00000000 ____D C:\Users\Huber\AppData\Local\gtk-2.0 2015-10-26 16:40 - 2015-10-26 16:40 - 00000000 ____D C:\Users\Huber\.thumbnails 2015-10-26 16:34 - 2015-10-26 16:41 - 00000000 ____D C:\Users\Huber\.gimp-2.8 2015-10-26 16:34 - 2015-10-26 16:34 - 00000000 ____D C:\Users\Huber\AppData\Local\gegl-0.2 2015-10-26 16:33 - 2015-10-26 16:33 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-10-26 16:32 - 2015-10-26 16:33 - 00000000 ____D C:\Program Files\GIMP 2 2015-10-26 15:56 - 2015-10-26 15:58 - 00283352 _____ C:\WINDOWS\Minidump\102615-38750-01.dmp 2015-10-26 00:58 - 2015-10-26 00:58 - 00000000 ____D C:\Users\Huber\Documents\Benutzerdefinierte Office-Vorlagen 2015-10-25 12:10 - 2015-10-25 12:10 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-25 12:10 - 2015-10-25 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-25 12:09 - 2015-10-25 12:10 - 00000000 ____D C:\Program Files\iTunes 2015-10-25 12:09 - 2015-10-25 12:09 - 00000000 ____D C:\Program Files\iPod 2015-10-25 12:09 - 2015-10-25 12:09 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-25 12:06 - 2015-10-25 12:06 - 00268048 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys 2015-10-25 12:06 - 2015-10-25 12:06 - 00243960 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll 2015-10-22 23:28 - 2015-10-22 22:32 - 00002552 _____ C:\Users\Huber\Desktop\Word 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2015-10-22 22:16 - 2015-11-15 03:51 - 00000000 ____D C:\Program Files\Microsoft Office 2015-10-22 22:16 - 2015-10-22 22:16 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-10-21 20:15 - 2015-10-21 20:15 - 00000000 ____D C:\Users\Huber\AppData\Roaming\LibreOffice ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-19 15:22 - 2015-10-12 22:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-19 15:20 - 2015-10-15 23:15 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-11-19 15:19 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-19 15:04 - 2015-09-10 06:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-19 14:44 - 2015-10-12 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-19 14:33 - 2015-10-12 22:27 - 00000000 ____D C:\Users\Huber\AppData\Local\MicrosoftEdge 2015-11-19 14:32 - 2015-10-12 22:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-19 11:34 - 2015-06-05 16:27 - 00053764 _____ C:\WINDOWS\SysWOW64\Gms.log 2015-11-19 11:26 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-19 11:20 - 2015-10-15 23:20 - 00000000 ___RD C:\Users\Huber\Dropbox 2015-11-19 11:20 - 2015-10-15 23:15 - 00000000 ____D C:\Users\Huber\AppData\Local\Dropbox 2015-11-19 11:19 - 2015-10-12 23:11 - 00001423 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Settings Introduction.lnk 2015-11-19 11:19 - 2015-10-12 22:04 - 00002319 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Picks Introduction.lnk 2015-11-19 11:17 - 2015-10-15 23:15 - 00001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-11-19 11:17 - 2015-10-12 21:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-11-17 22:26 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-17 22:25 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-11-17 16:22 - 2015-10-12 21:36 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-17 16:22 - 2015-09-10 06:10 - 00773380 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-17 16:22 - 2015-09-10 06:10 - 00154706 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-17 16:21 - 2015-07-30 22:50 - 00037421 _____ C:\WINDOWS\setupact.log 2015-11-17 16:19 - 2015-06-05 16:02 - 00104550 _____ C:\WINDOWS\DPINST.LOG 2015-11-17 15:10 - 2015-08-03 18:58 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys 2015-11-17 15:10 - 2014-01-30 18:17 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-11-17 14:57 - 2015-09-09 21:31 - 00139170 _____ C:\WINDOWS\PFRO.log 2015-11-17 14:55 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-16 20:54 - 2015-10-13 09:44 - 00000000 ____D C:\Users\Huber\AppData\Local\Spotify 2015-11-16 20:45 - 2015-10-13 09:41 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Spotify 2015-11-15 03:53 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-11-14 15:43 - 2015-10-14 22:18 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-14 12:06 - 2015-10-14 22:18 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-12 21:11 - 2015-10-15 23:15 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-12 00:14 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-11-11 00:35 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-11 00:22 - 2015-10-12 22:25 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-11-10 09:29 - 2015-10-12 22:34 - 00001222 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-11-10 09:29 - 2015-10-12 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-10 09:29 - 2015-06-05 16:14 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-06 22:34 - 2015-06-05 16:15 - 00003838 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-11-06 22:34 - 2015-06-05 16:15 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2015-11-03 19:20 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-11-03 19:20 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-01 12:21 - 2015-10-15 23:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-01 12:19 - 2015-10-15 23:09 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-10-29 00:08 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-10-26 22:55 - 2015-06-05 16:22 - 00001440 _____ C:\WINDOWS\Synaptics.log 2015-10-26 22:49 - 2015-06-05 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2015-10-26 17:03 - 2015-10-12 22:01 - 00000000 ____D C:\Users\Huber\AppData\Local\VirtualStore 2015-10-26 16:40 - 2015-10-12 22:00 - 00000000 ____D C:\Users\Huber 2015-10-26 15:56 - 2015-10-14 17:26 - 672141910 _____ C:\WINDOWS\MEMORY.DMP 2015-10-26 15:56 - 2015-10-14 17:26 - 00000000 ____D C:\WINDOWS\Minidump 2015-10-26 15:56 - 2015-07-30 22:49 - 00352272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-10-25 12:09 - 2015-10-13 09:21 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-25 12:07 - 2015-07-30 22:50 - 00000178 _____ C:\WINDOWS\setuperr.log 2015-10-22 22:57 - 2015-06-05 16:54 - 00000000 ____D C:\ProgramData\Office2013 2015-10-22 22:56 - 2015-10-12 22:05 - 00002421 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-10-22 22:56 - 2015-10-12 22:05 - 00000000 ___RD C:\Users\Huber\OneDrive 2015-10-20 23:32 - 2015-09-10 06:13 - 00000000 ____D C:\WINDOWS\OCR ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-26 16:40 - 2015-10-26 16:40 - 0000777 _____ () C:\Users\Huber\AppData\Local\recently-used.xbel 2015-10-12 21:19 - 2015-10-12 21:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Huber\AppData\Local\Temp\avgnt.exe C:\Users\Huber\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9jk6ky.dll C:\Users\Huber\AppData\Local\Temp\LenovoExperienceImprovement.exe C:\Users\Huber\AppData\Local\Temp\McCSPInstall.dll C:\Users\Huber\AppData\Local\Temp\mccspuninstall.exe C:\Users\Huber\AppData\Local\Temp\nls-checker-xp.exe C:\Users\Huber\AppData\Local\Temp\nls-smart-installer-xp.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-12 18:02 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Huber (2015-11-17 14:44:39)
Gestartet von C:\Users\Huber\Desktop
Windows 10 Home (X64) (2015-10-12 20:39:41)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2578957434-3418125615-3071978573-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2578957434-3418125615-3071978573-503 - Limited - Disabled)
Huber (S-1-5-21-2578957434-3418125615-3071978573-1004 - Administrator - Enabled) => C:\Users\Huber
Gast (S-1-5-21-2578957434-3418125615-3071978573-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2578957434-3418125615-3071978573-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo)
COMPUTER BILD Spionage-Stopper für Windows 10 (HKLM-x32\...\{F9565211-5480-408D-BC7C-1FE7B8366ACE}_is1) (Version: 1.0.0.1 - pXc-coding.com)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GMATPrep (HKLM-x32\...\GMATPrep 2.3.322) (Version: 2.3.322 - Graduate Management Admission Council (GMAC))
Harmony (HKLM-x32\...\{D02D9427-507D-4912-9285-97FCD5417E72}) (Version: 1.1.0.0304 - Lenovo)
Harmony (x32 Version: 1.1.0.0304 - Lenovo) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.7.619 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab)
Lenovo Motion Control (x32 Version: 2.6.0.0528 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.5.2624.01 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.24.256 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.5 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.21 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.4 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.6 - Ihr Firmenname)
LenovoUtility (x32 Version: 2.0.0.6 - Ihr Firmenname) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo)
OneKey Optimizer (x32 Version: 1.1.20.16 - Lenovo) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Spotify (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Spotify (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Spotify (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.143 - Synaptics Incorporated)
Telegram Desktop version 0.9.10 (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.10 - Telegram Messenger LLP)
Telegram Desktop version 0.9.10 (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.10 - Telegram Messenger LLP)
Telegram Desktop version 0.9.10 (HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.10 - Telegram Messenger LLP)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-10-12 22:42 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1109BCCB-5554-48CE-A1EF-6A34B687B1DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: {1A11B739-D18B-4A16-B264-85B8CC41B172} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {2E2CB6C8-8916-42D0-A1A9-0A89A47942E3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-15] (Dropbox, Inc.)
Task: {3AA6FF40-0F15-4303-9BF3-7D8153E5F951} - System32\Tasks\Lenovo App Services => C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe [2015-04-16] (Lenovo)
Task: {54318087-B341-41E5-BB49-2C40CC156B4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation)
Task: {56121098-C52C-492A-8977-400662138231} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6856D5D8-55B2-41C9-BFF2-2AB782DD0223} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6D133BFC-EFF1-4A18-BF4C-0A6203C23C79} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7ABBC39D-8F84-4571-93DF-AFBACB0D909A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation)
Task: {809E1AFE-3C0A-4637-86CD-587939EC0121} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-11-01] (Microsoft Corporation)
Task: {87B64ABE-C772-4B74-8B40-74B2B788DE65} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-10-13] (Lenovo)
Task: {8D430244-9F59-4243-BEBB-5503278661D6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {99C6BB2A-60DF-4D43-91BA-35928242958D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-14] (Microsoft Corporation)
Task: {A10957E4-80D7-408E-84B5-E065EC6AC3B3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {A5D0AF1C-E350-4457-A0C0-70041AA15873} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {A7B7D3BA-055F-49B8-87BB-0CB63A779457} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {AA1E9665-0447-4850-8C5A-53AD905E0802} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {AD2F386C-39E4-47C7-BECC-43A68D401EFD} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {B4127E4D-B6A2-4499-9E00-AF3766C6637F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {B694EF0C-CAEE-4E97-AFC1-9FBBEB707690} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {BB0E7209-34DF-47AD-A9B9-906061C44405} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2578957434-3418125615-3071978573-1004 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {CE6AF873-F07F-4CA5-9D1E-760777533C01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {EDB120EF-E7A9-43DE-A495-8DF2FD5C9A77} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F27D6CF6-70E5-44EA-9510-FCA6D1C6E3F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-15] (Dropbox, Inc.)
Task: {FEB3B944-EA6D-4B86-81C3-05E679EC388F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-19 21:44 - 2015-10-19 21:44 - 00961536 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\fbcfb99d07dc1046f643e386e253b266\Windows.Security.ni.dll
2015-06-05 16:48 - 2014-08-25 09:33 - 00017176 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\TouchScreenContronlDLL.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-05 16:51 - 2015-06-05 16:50 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
2015-06-05 16:54 - 2014-11-20 09:43 - 00016920 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbServicePS.dll
2015-06-05 16:50 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-06-05 16:48 - 2015-01-15 09:06 - 00058624 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2015-06-05 16:44 - 2014-10-22 09:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-06-05 16:51 - 2015-06-05 16:50 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-07-10 04:26 - 2015-07-10 04:26 - 00009216 _____ () C:\Windows\System32\WppRecorderUM.dll
2015-10-22 22:15 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-12 22:08 - 2015-10-12 22:08 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-06-05 16:53 - 2014-11-17 14:35 - 00036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
2015-06-05 16:53 - 2014-11-17 14:35 - 00166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
2015-10-12 22:08 - 2015-10-12 22:08 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-05 16:44 - 2014-10-22 09:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2015-10-12 22:08 - 2015-10-12 22:08 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 04:13 - 2015-07-10 04:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-12 22:08 - 2015-10-12 22:08 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-12 22:08 - 2015-10-12 22:08 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-12 22:08 - 2015-10-12 22:08 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-12 22:08 - 2015-10-12 22:08 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:13 - 2015-09-10 06:12 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-05 16:45 - 2015-06-05 16:45 - 00791368 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-06-05 16:45 - 2015-06-05 16:45 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-06-05 16:48 - 2015-01-15 09:04 - 00107776 _____ () C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe
2015-06-05 16:53 - 2014-11-17 14:35 - 00047896 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\res_GR_German_DEU.dll
2015-10-19 21:44 - 2015-10-19 21:44 - 00438272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\bc2098002fd52b147cd6f36228c62407\Windows.System.ni.dll
2015-10-19 21:44 - 2015-10-19 21:44 - 00497152 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\c313db6ba66467f0704aea415c8e453f\Windows.Foundation.ni.dll
2015-10-19 21:45 - 2015-10-19 21:45 - 01808896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\4c592134e17e3090d2957875eb21849a\Windows.Networking.ni.dll
2015-06-05 16:48 - 2014-08-25 09:27 - 00074520 _____ () C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.Harmonydll.dll
2015-06-05 16:54 - 2014-11-20 09:43 - 00159256 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbApi.dll
2015-06-05 16:53 - 2014-11-17 14:35 - 00036120 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\zd.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00306960 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-06-05 16:17 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-05-28 12:16 - 2014-05-28 12:16 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-10-10 08:37 - 2014-10-10 08:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-10-21 21:52 - 2015-10-21 21:52 - 00656384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\baa6f59723f38fc9ab9188d24ee05f77\Windows.Security.ni.dll
2015-10-21 21:52 - 2015-10-21 21:52 - 01232896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\8a5953ebf860a6927ad426f1d263bd41\Windows.Networking.ni.dll
2015-10-21 21:52 - 2015-10-21 21:52 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\9c623a02ebfec7b3c6af4e87bf2f9434\Windows.Foundation.ni.dll
2015-10-21 21:52 - 2015-10-21 21:52 - 00302080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\e2e3d6ae606e4657bb6c23eaad850901\Windows.System.ni.dll
2015-06-05 16:48 - 2014-08-25 09:32 - 00168216 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\PG_SettingsLib.dll
2015-06-05 16:48 - 2014-08-25 09:30 - 00018200 _____ () C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.Harmonydll.dll
2015-10-15 23:17 - 2015-11-05 00:44 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-11-17 11:25 - 2015-11-17 11:25 - 00071168 _____ () c:\users\Huber\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp7biik.dll
2015-10-15 23:17 - 2015-09-03 01:11 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-10-15 23:17 - 2015-09-03 01:11 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-15 23:17 - 2015-09-03 01:11 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-10-15 23:17 - 2015-09-03 01:11 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-10-12 22:20 - 2015-09-28 14:53 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-12 22:20 - 2015-09-28 14:53 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00073512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Spotify"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{50C63600-73AA-4E57-A271-36274F3B7A3C}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{EAA29542-AE6F-492F-95E6-E27909BA0329}] => (Allow) LPort=55100
FirewallRules: [{94EC1CE1-E645-4EAA-A41B-56581BF5A25A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{952D4584-C094-4CC7-A068-855CE60A3C57}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{31774FBC-176D-43EE-8592-9DB69A122A19}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{6411C8C2-CB31-468D-9A5F-B7C4AFC7C276}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{A545B2BE-858A-437C-BD47-A27DEFE4A9EF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{71EDC1B7-EE9F-4382-B2CD-6523A7FAFEC0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{B05E3705-6B85-4BD7-8278-3540088D77A4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{90D5A9B9-16D1-4BE0-B18C-0D5451464299}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{00616BC0-D2B5-45E2-BAA1-EC886EABACB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AEFEEA8-983A-4AF7-B86B-44BF40CA3724}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD03FB0C-BC9B-4BBE-A557-368162DCB96F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D85207A5-2C01-4E88-ACC9-53BD1D8605A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5ED756A4-14D2-472A-A1B4-F25CB9D1B3F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4E9A2D6A-2C14-4700-BEA4-F1CAD244138A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C0A7194F-8A2C-43B5-9CA7-A0548512029A}C:\users\Huber\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Huber\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0C3316B0-8258-455D-BDCD-A00AF56F58AC}C:\users\Huber\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Huber\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2D7DCD14-D6EA-4246-8A95-480661769634}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1EB5E529-0432-4895-AA9A-ABA8F1C0182D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{AB05A78C-E21D-4025-9522-6F41AA6349D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6461E776-1AA2-42D7-99C3-D3C800EA59D7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8DE5A9BF-D816-4331-97F4-C796BD5E718A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BA602042-5C5F-43F9-A1F8-8C7EF33F8068}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{AF1E1D36-0ACA-4769-8DE0-71CA1F67287C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D989EDB4-97FD-4A0C-A899-B6F01FAE8D16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51A1694A-1AE5-45DE-8294-8E429403CAE8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{79E676A2-E52B-4FC6-80DA-718C74AB029E}] => (Allow) C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A7D23A3E-75AB-45B4-8E8C-3C068A33D11D}] => (Allow) C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2AD8E6AB-7A99-4AFE-8314-6B2870CD2DD7}] => (Allow) C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9CCB39D9-0169-4853-8DDE-F68B64CE1D84}] => (Allow) C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{892FB0DD-0B9A-45B5-B520-17C1071CF489}] => (Allow) C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{679E26C0-2AD3-4E93-A09B-84B3AF554797}] => (Allow) C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : Windows cannot load the device driver for this hardware because a previous instance of the device driver is still in memory. (Code 38)
Resolution: The driver could not be loaded because a previous instance is still loaded.
Restart the computer.
Name: Microsoft ISATAP Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : Windows cannot load the device driver for this hardware because a previous instance of the device driver is still in memory. (Code 38)
Resolution: The driver could not be loaded because a previous instance is still loaded.
Restart the computer.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/17/2015 02:22:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1437
Error: (11/17/2015 02:22:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1437
Error: (11/17/2015 02:22:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/17/2015 02:21:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (11/17/2015 01:16:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4235
Error: (11/17/2015 01:16:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4235
Error: (11/17/2015 01:16:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/17/2015 01:16:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2735
Error: (11/17/2015 01:16:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2735
Error: (11/17/2015 01:16:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (11/17/2015 11:40:02 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/17/2015 00:00:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session37" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/16/2015 11:36:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (11/16/2015 11:36:46 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (11/16/2015 08:07:33 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/16/2015 00:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session36" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/16/2015 09:54:05 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/16/2015 00:45:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session35" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/16/2015 00:24:50 AM) (Source: DCOM) (EventID: 10010) (User: Karl-Heinz-Lenovo)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (11/15/2015 06:52:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) 3805U @ 1.90GHz
Prozentuale Nutzung des RAM: 79%
Installierter physikalischer RAM: 4001.92 MB
Verfügbarer physikalischer RAM: 809.27 MB
Summe virtueller Speicher: 5897.17 MB
Verfügbarer virtueller Speicher: 1303.26 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:426.12 GB) (Free:387.82 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DB009E8A)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
19.11.2015, 22:18
| #4 |
| /// TB-Ausbilder | DNS-Unlocker - Wie entfernen? Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 4 Starte noch einmal FRST.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
19.11.2015, 23:23
| #5 |
| | DNS-Unlocker - Wie entfernen?Code:
ATTFilter # AdwCleaner v5.021 - Bericht erstellt am 19/11/2015 um 22:30:57
# Aktualisiert am 14/11/2015 von Xplode
# Datenbank : 2015-11-19.3 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Huber - Karl-Heinz-LENOVO
# Gestartet von : C:\Users\Huber\Desktop\AdwCleaner_5.021.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [808 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 10 Home x64
Ran by Huber (Administrator) on 19.11.2015 at 22:38:23,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.11.2015 at 22:48:42,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 19.11.2015 Suchlaufzeit: 22:50 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.19.05 Rootkit-Datenbank: v2015.11.14.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Huber Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 366577 Abgelaufene Zeit: 25 Min., 32 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015 durchgeführt von Huber (Administrator) auf Karl-Heinz-LENOVO (19-11-2015 23:19:20) Gestartet von C:\Users\Huber\Desktop Geladene Profile: Huber & (Verfügbare Profile: Huber) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe (Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\Users\Huber\AppData\Local\Apps\2.0\DMCP55HD.NQA\00WA6CTO.NBA\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Lenovo) C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [DDPF3] => C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-06-05] () HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe [107776 2015-01-15] () HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-06-05] (Lenovo) HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited) HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9135984 2015-11-10] (Emsisoft Ltd) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-11-17] (Synaptics Incorporated) HKLM-x32\...\Run: [HarmonyPicks] => C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe [5275064 2015-03-02] (Lenovo) HKLM-x32\...\Run: [HarmonySetting] => C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe [2721208 2015-03-03] (Lenovo) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{2c5e84b5-ddf4-4d99-9720-9e6cc3d1e880}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{86061f15-d209-493e-b501-c096c6de8a0e}: [DhcpNameServer] 172.168.161.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default FF Homepage: orf.at FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default\Extensions\abs@avira.com [2015-10-24] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-12] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10768560 2015-11-10] (Emsisoft Ltd) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-15] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-15] (Dropbox, Inc.) R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [Datei ist nicht signiert] R2 HarmonySettingService; C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe [19896 2015-02-11] (Lenovo) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation) R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [124520 2014-12-14] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo) R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016040 2015-04-10] (Lenovo Group Limited) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation) R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-06-05] () R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited) R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD) R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-06-05] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-06-05] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30464 2015-01-15] (Lenovo) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-01] (Avira Operations GmbH & Co. KG) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation) R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [123992 2015-10-23] (Emsisoft Ltd) R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [268048 2015-10-25] (Intel Corporation) R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] () R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-19] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-06-18] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-17] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) U4 dmwappushsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-19 23:19 - 2015-11-19 23:19 - 02020352 _____ (Farbar) C:\Users\Huber\Desktop\FRST64.exe 2015-11-19 23:19 - 2015-11-19 23:19 - 00000000 ____D C:\Users\Huber\Desktop\FRST-OlderVersion 2015-11-19 23:16 - 2015-11-19 23:17 - 00001196 _____ C:\Users\Huber\Desktop\mbam.txt 2015-11-19 22:48 - 2015-11-19 22:49 - 00000547 _____ C:\Users\Huber\Desktop\JRT.txt 2015-11-19 22:33 - 2015-11-19 22:33 - 00016148 _____ C:\WINDOWS\system32\Karl-Heinz-LENOVO_Huber_HistoryPrediction.bin 2015-11-19 22:27 - 2015-11-19 22:27 - 01599080 _____ (Malwarebytes) C:\Users\Huber\Downloads\JRT.exe 2015-11-19 14:44 - 2015-11-19 14:44 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-11-19 14:44 - 2015-11-19 14:44 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-11-19 14:44 - 2015-11-19 14:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-19 14:37 - 2015-11-19 14:37 - 00000000 ____D C:\Users\Huber\Downloads\tdsskiller 2015-11-19 14:36 - 2015-11-19 14:37 - 04376066 _____ C:\Users\Huber\Downloads\tdsskiller.zip 2015-11-19 14:34 - 2015-11-19 14:41 - 00243976 _____ C:\Users\Huber\Downloads\Firefox Setup Stub 42.0.exe 2015-11-19 14:31 - 2015-11-19 14:32 - 00178064 _____ C:\Users\Huber\Documents\cc_20151119_143146.reg 2015-11-17 15:10 - 2015-11-17 15:10 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll 2015-11-17 15:10 - 2015-11-17 15:10 - 00255688 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31.dll 2015-11-17 15:10 - 2015-11-17 15:10 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys 2015-11-17 15:10 - 2015-11-17 15:10 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2015-11-17 14:51 - 2015-11-17 14:51 - 00000000 ____D C:\ProgramData\Emsisoft 2015-11-17 14:48 - 2015-11-19 14:42 - 00034906 _____ C:\Users\Huber\Desktop\MTB.txt 2015-11-17 14:44 - 2015-11-19 15:28 - 00039220 _____ C:\Users\Huber\Desktop\Addition.txt 2015-11-17 14:39 - 2015-11-19 23:19 - 00027318 _____ C:\Users\Huber\Desktop\FRST.txt 2015-11-17 14:38 - 2015-11-17 14:38 - 00000948 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2015-11-17 14:38 - 2015-11-17 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2015-11-17 14:37 - 2015-11-19 22:34 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2015-11-17 12:49 - 2015-11-19 23:19 - 00000000 ____D C:\FRST 2015-11-17 12:48 - 2015-11-17 12:49 - 00891392 _____ (Farbar) C:\Users\Huber\Desktop\MiniToolBox.exe 2015-11-17 12:47 - 2015-11-19 22:30 - 00000000 ____D C:\AdwCleaner 2015-11-17 12:46 - 2015-11-17 12:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Huber\Desktop\tdsskiller.exe 2015-11-17 12:45 - 2015-11-17 12:47 - 01732096 _____ C:\Users\Huber\Desktop\AdwCleaner_5.021.exe 2015-11-15 03:53 - 2015-11-15 03:53 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2015-11-15 01:26 - 2015-11-15 02:26 - 00000000 ____D C:\Users\Huber\AppData\Roaming\uTorrent 2015-11-15 01:26 - 2015-11-15 01:26 - 00002753 _____ C:\Users\Huber\Desktop\µTorrent.lnk 2015-11-12 21:11 - 2015-11-12 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 00:11 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-11 00:11 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-11-11 00:11 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-11-11 00:11 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-11 00:11 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-11-11 00:11 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-11 00:11 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-11-11 00:11 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-11 00:11 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-11-11 00:11 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-11 00:11 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-11-11 00:11 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-11 00:11 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-11 00:11 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-11 00:11 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-11-11 00:11 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-11 00:11 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-11 00:11 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2015-11-11 00:11 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-11-11 00:11 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-11 00:11 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-11-11 00:11 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-11 00:11 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-11-11 00:11 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-11 00:11 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-11 00:11 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-11-11 00:11 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-11-11 00:11 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-11 00:11 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-11-11 00:11 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-11 00:11 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-11 00:11 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-11-11 00:11 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-11-11 00:11 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-11-11 00:11 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-11 00:11 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-11 00:11 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-11 00:11 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-11 00:11 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-11-11 00:11 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-11 00:11 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-11 00:11 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-11 00:11 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-11 00:11 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-11 00:11 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-11 00:11 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-11 00:11 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-06 23:24 - 2015-11-06 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep 2015-11-06 23:17 - 2015-11-06 23:17 - 00000000 ____D C:\Users\Huber\AppData\Roaming\GMATPrep 2015-11-06 23:16 - 2014-09-25 15:55 - 00071280 _____ (Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe 2015-11-06 23:15 - 2015-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\GMATPrep2012 2015-11-06 23:10 - 2015-11-06 23:14 - 55950096 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Huber\Desktop\GMATPrep-2.3.322-Windows.exe 2015-11-06 15:27 - 2015-11-06 15:27 - 00000000 ____D C:\Users\Huber\Desktop\Blockify_Lite_0.5 2015-11-06 15:25 - 2015-11-06 15:26 - 13440375 _____ C:\Users\Huber\Desktop\Blockify_Lite_0.5.zip 2015-11-05 12:27 - 2015-11-05 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-11-05 12:27 - 2015-11-05 12:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-11-05 12:27 - 2015-11-05 12:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-11-05 12:26 - 2015-11-05 12:27 - 13155552 _____ (Microsoft Corporation) C:\Users\Huber\Downloads\Silverlight_x64.exe 2015-10-29 00:46 - 2015-10-31 02:40 - 00000000 ____D C:\Users\Huber\Desktop\indiv 2015-10-27 22:29 - 2015-10-27 22:29 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2015-10-27 22:23 - 2015-10-27 22:23 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2015-10-27 22:22 - 2015-10-27 22:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-10-26 22:53 - 2015-11-17 15:10 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll 2015-10-26 22:53 - 2015-11-17 15:10 - 00615112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys 2015-10-26 22:53 - 2015-11-17 15:10 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll 2015-10-26 22:53 - 2015-01-14 17:47 - 00208040 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo20.dll 2015-10-26 22:49 - 2015-10-26 22:49 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-10-26 22:48 - 2015-11-19 22:40 - 00000000 ____D C:\Users\Huber\AppData\Local\Deployment 2015-10-26 22:48 - 2015-10-26 22:48 - 00000000 ____D C:\Users\Huber\AppData\Local\Apps\2.0 2015-10-26 22:42 - 2015-10-26 22:42 - 00000000 ____D C:\Users\Huber\AppData\Roaming\WinRAR 2015-10-26 22:28 - 2015-10-26 22:28 - 00000000 ____D C:\Program Files\Synaptics 2015-10-26 21:57 - 2015-10-26 22:23 - 00001491 _____ C:\WINDOWS\SynInst.log 2015-10-26 21:57 - 2015-10-26 21:57 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Synaptics 2015-10-26 21:28 - 2015-10-26 21:28 - 02058768 _____ C:\Users\Huber\Desktop\winrar-x64-521d.exe 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\Program Files\WinRAR 2015-10-26 17:31 - 2015-11-01 18:34 - 00000000 ____D C:\Users\Huber\Desktop\Studium 2015-10-26 16:43 - 2015-10-26 16:43 - 00001974 _____ C:\Users\Huber\Desktop\IrfanView Thumbnails.lnk 2015-10-26 16:43 - 2015-10-26 16:43 - 00001086 _____ C:\Users\Huber\Desktop\IrfanView.lnk 2015-10-26 16:43 - 2015-10-26 16:43 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-10-26 16:43 - 2015-10-26 16:43 - 00000000 ____D C:\Program Files (x86)\IrfanView 2015-10-26 16:42 - 2015-10-26 16:43 - 02426808 _____ (Irfan Skiljan) C:\Users\Huber\Downloads\iview440g_setup.exe 2015-10-26 16:40 - 2015-10-26 16:40 - 00000777 _____ C:\Users\Huber\AppData\Local\recently-used.xbel 2015-10-26 16:40 - 2015-10-26 16:40 - 00000000 ____D C:\Users\Huber\AppData\Local\gtk-2.0 2015-10-26 16:40 - 2015-10-26 16:40 - 00000000 ____D C:\Users\Huber\.thumbnails 2015-10-26 16:34 - 2015-10-26 16:41 - 00000000 ____D C:\Users\Huber\.gimp-2.8 2015-10-26 16:34 - 2015-10-26 16:34 - 00000000 ____D C:\Users\Huber\AppData\Local\gegl-0.2 2015-10-26 16:33 - 2015-10-26 16:33 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-10-26 16:32 - 2015-10-26 16:33 - 00000000 ____D C:\Program Files\GIMP 2 2015-10-26 15:56 - 2015-10-26 15:58 - 00283352 _____ C:\WINDOWS\Minidump\102615-38750-01.dmp 2015-10-26 00:58 - 2015-10-26 00:58 - 00000000 ____D C:\Users\Huber\Documents\Benutzerdefinierte Office-Vorlagen 2015-10-25 12:10 - 2015-10-25 12:10 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-25 12:10 - 2015-10-25 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-25 12:09 - 2015-10-25 12:10 - 00000000 ____D C:\Program Files\iTunes 2015-10-25 12:09 - 2015-10-25 12:09 - 00000000 ____D C:\Program Files\iPod 2015-10-25 12:09 - 2015-10-25 12:09 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-25 12:06 - 2015-10-25 12:06 - 00268048 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys 2015-10-25 12:06 - 2015-10-25 12:06 - 00243960 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll 2015-10-22 23:28 - 2015-10-22 22:32 - 00002552 _____ C:\Users\Huber\Desktop\Word 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2015-10-22 22:16 - 2015-11-15 03:51 - 00000000 ____D C:\Program Files\Microsoft Office 2015-10-22 22:16 - 2015-10-22 22:16 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-10-21 20:15 - 2015-10-21 20:15 - 00000000 ____D C:\Users\Huber\AppData\Roaming\LibreOffice ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-19 23:20 - 2015-10-15 23:15 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-11-19 22:45 - 2015-10-12 22:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-19 22:39 - 2015-06-05 16:27 - 00006400 _____ C:\WINDOWS\SysWOW64\Gms.log 2015-11-19 22:35 - 2015-10-15 23:20 - 00000000 ___RD C:\Users\Huber\Dropbox 2015-11-19 22:35 - 2015-10-15 23:15 - 00000000 ____D C:\Users\Huber\AppData\Local\Dropbox 2015-11-19 22:35 - 2015-10-12 23:11 - 00001423 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Settings Introduction.lnk 2015-11-19 22:35 - 2015-10-12 22:04 - 00002319 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Picks Introduction.lnk 2015-11-19 22:35 - 2015-09-10 06:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-19 22:34 - 2015-10-12 21:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-11-19 22:33 - 2015-10-15 23:15 - 00001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-11-19 22:32 - 2015-10-12 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-19 22:32 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-19 22:32 - 2015-07-30 22:49 - 00352272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-11-19 22:31 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-19 22:31 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-11-19 21:22 - 2015-10-12 22:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-19 14:33 - 2015-10-12 22:27 - 00000000 ____D C:\Users\Huber\AppData\Local\MicrosoftEdge 2015-11-19 11:26 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-17 16:22 - 2015-10-12 21:36 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-17 16:22 - 2015-09-10 06:10 - 00773380 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-17 16:22 - 2015-09-10 06:10 - 00154706 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-17 16:21 - 2015-07-30 22:50 - 00037421 _____ C:\WINDOWS\setupact.log 2015-11-17 16:19 - 2015-06-05 16:02 - 00104550 _____ C:\WINDOWS\DPINST.LOG 2015-11-17 15:10 - 2015-08-03 18:58 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys 2015-11-17 15:10 - 2014-01-30 18:17 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-11-17 14:57 - 2015-09-09 21:31 - 00139170 _____ C:\WINDOWS\PFRO.log 2015-11-17 14:55 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-16 20:54 - 2015-10-13 09:44 - 00000000 ____D C:\Users\Huber\AppData\Local\Spotify 2015-11-16 20:45 - 2015-10-13 09:41 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Spotify 2015-11-15 03:53 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-11-14 15:43 - 2015-10-14 22:18 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-14 12:06 - 2015-10-14 22:18 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-12 21:11 - 2015-10-15 23:15 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-12 00:14 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-11-11 00:35 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-11 00:22 - 2015-10-12 22:25 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-11-10 09:29 - 2015-10-12 22:34 - 00001222 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-11-10 09:29 - 2015-10-12 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-10 09:29 - 2015-06-05 16:14 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-06 22:34 - 2015-06-05 16:15 - 00003838 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-11-06 22:34 - 2015-06-05 16:15 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2015-11-03 19:20 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-11-03 19:20 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-01 12:21 - 2015-10-15 23:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-01 12:19 - 2015-10-15 23:09 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-10-29 00:08 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-10-26 22:55 - 2015-06-05 16:22 - 00001440 _____ C:\WINDOWS\Synaptics.log 2015-10-26 22:49 - 2015-06-05 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2015-10-26 17:03 - 2015-10-12 22:01 - 00000000 ____D C:\Users\Huber\AppData\Local\VirtualStore 2015-10-26 16:40 - 2015-10-12 22:00 - 00000000 ____D C:\Users\Huber 2015-10-26 15:56 - 2015-10-14 17:26 - 672141910 _____ C:\WINDOWS\MEMORY.DMP 2015-10-26 15:56 - 2015-10-14 17:26 - 00000000 ____D C:\WINDOWS\Minidump 2015-10-25 12:09 - 2015-10-13 09:21 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-25 12:07 - 2015-07-30 22:50 - 00000178 _____ C:\WINDOWS\setuperr.log 2015-10-22 22:57 - 2015-06-05 16:54 - 00000000 ____D C:\ProgramData\Office2013 2015-10-22 22:56 - 2015-10-12 22:05 - 00002421 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-10-22 22:56 - 2015-10-12 22:05 - 00000000 ___RD C:\Users\Huber\OneDrive 2015-10-20 23:32 - 2015-09-10 06:13 - 00000000 ____D C:\WINDOWS\OCR ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-26 16:40 - 2015-10-26 16:40 - 0000777 _____ () C:\Users\Huber\AppData\Local\recently-used.xbel 2015-10-12 21:19 - 2015-10-12 21:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Huber\AppData\Local\Temp\avgnt.exe C:\Users\Huber\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdnthdl.dll C:\Users\Huber\AppData\Local\Temp\LenovoExperienceImprovement.exe C:\Users\Huber\AppData\Local\Temp\McCSPInstall.dll C:\Users\Huber\AppData\Local\Temp\mccspuninstall.exe C:\Users\Huber\AppData\Local\Temp\nls-checker-xp.exe C:\Users\Huber\AppData\Local\Temp\nls-smart-installer-xp.exe C:\Users\Huber\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-19 21:24 ==================== Ende von FRST.txt ============================ |
|
21.11.2015, 13:44
| #6 |
| /// TB-Ausbilder | DNS-Unlocker - Wie entfernen? Hmm, kannst du mir schildern, wie sich der DNS-Unlocker bei dir zeigt ? Und bitte neue FRST Logs. Diesmal den Haken setzen bei shortcut.txt dann auf Scan klicken Nur den Inhalt der shortcut.txt posten.
__________________ --> DNS-Unlocker - Wie entfernen? |
|
22.11.2015, 15:55
| #7 |
| | DNS-Unlocker - Wie entfernen?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015 durchgeführt von Huber (Administrator) auf Karl-Heinz-LENOVO (21-11-2015 18:23:51) Gestartet von C:\Users\Huber\Desktop Geladene Profile: Huber & (Verfügbare Profile: Huber) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe (Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe () C:\Program Files\Lenovo\LenovoUtility\utility.exe () C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Spotify Ltd) C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe (Lenovo) C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files\Lenovo\iMController\AutoUpdate.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe (Lenovo) C:\Users\Huber\AppData\Local\Apps\2.0\DMCP55HD.NQA\00WA6CTO.NBA\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe () C:\Program Files\Lenovo\iMController\PluginCommunication.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-01-26] (Realtek Semiconductor) HKLM\...\Run: [DDPF3] => C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-06-05] () HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\LenovoTransition\TransitionServer.exe [107776 2015-01-15] () HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-06-05] (Lenovo) HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited) HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9135984 2015-11-10] (Emsisoft Ltd) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-11-17] (Synaptics Incorporated) HKLM-x32\...\Run: [HarmonyPicks] => C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe [5275064 2015-03-02] (Lenovo) HKLM-x32\...\Run: [HarmonySetting] => C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe [2721208 2015-03-03] (Lenovo) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\Huber\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify] => C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-14] (Spotify Ltd) HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{2c5e84b5-ddf4-4d99-9720-9e6cc3d1e880}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{86061f15-d209-493e-b501-c096c6de8a0e}: [DhcpNameServer] 172.168.161.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-2578957434-3418125615-3071978573-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default FF Homepage: orf.at FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default\Extensions\abs@avira.com [2015-10-24] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Huber\AppData\Roaming\Mozilla\Firefox\Profiles\0d8bvwb1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-12] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10768560 2015-11-10] (Emsisoft Ltd) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-15] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-15] (Dropbox, Inc.) R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [Datei ist nicht signiert] R2 HarmonySettingService; C:\Program Files (x86)\Lenovo\Harmony\Setting\HarmonySettingService.exe [19896 2015-02-11] (Lenovo) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation) R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [124520 2014-12-14] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo) R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016040 2015-04-10] (Lenovo Group Limited) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation) R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-06-05] () R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited) R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD) R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-06-05] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-06-05] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30464 2015-01-15] (Lenovo) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-01] (Avira Operations GmbH & Co. KG) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation) R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [123992 2015-10-23] (Emsisoft Ltd) R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [268048 2015-10-25] (Intel Corporation) R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] () R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-21] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-06-18] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-17] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) U4 dmwappushsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-21 18:15 - 2015-11-21 18:15 - 00016148 _____ C:\WINDOWS\system32\Karl-Heinz-LENOVO_Huber_HistoryPrediction.bin 2015-11-19 23:19 - 2015-11-21 18:23 - 02345984 _____ (Farbar) C:\Users\Huber\Desktop\FRST64.exe 2015-11-19 23:19 - 2015-11-21 18:23 - 00000000 ____D C:\Users\Huber\Desktop\FRST-OlderVersion 2015-11-19 23:16 - 2015-11-19 23:17 - 00001196 _____ C:\Users\Huber\Desktop\mbam.txt 2015-11-19 22:48 - 2015-11-19 22:49 - 00000547 _____ C:\Users\Huber\Desktop\JRT.txt 2015-11-19 22:27 - 2015-11-19 22:27 - 01599080 _____ (Malwarebytes) C:\Users\Huber\Downloads\JRT.exe 2015-11-19 14:44 - 2015-11-19 14:44 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-11-19 14:44 - 2015-11-19 14:44 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-11-19 14:44 - 2015-11-19 14:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-19 14:37 - 2015-11-19 14:37 - 00000000 ____D C:\Users\Huber\Downloads\tdsskiller 2015-11-19 14:36 - 2015-11-19 14:37 - 04376066 _____ C:\Users\Huber\Downloads\tdsskiller.zip 2015-11-19 14:34 - 2015-11-19 14:41 - 00243976 _____ C:\Users\Huber\Downloads\Firefox Setup Stub 42.0.exe 2015-11-19 14:31 - 2015-11-19 14:32 - 00178064 _____ C:\Users\Huber\Documents\cc_20151119_143146.reg 2015-11-17 15:10 - 2015-11-17 15:10 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll 2015-11-17 15:10 - 2015-11-17 15:10 - 00255688 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31.dll 2015-11-17 15:10 - 2015-11-17 15:10 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys 2015-11-17 15:10 - 2015-11-17 15:10 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2015-11-17 14:51 - 2015-11-17 14:51 - 00000000 ____D C:\ProgramData\Emsisoft 2015-11-17 14:48 - 2015-11-19 14:42 - 00034906 _____ C:\Users\Huber\Desktop\MTB.txt 2015-11-17 14:44 - 2015-11-19 15:28 - 00039220 _____ C:\Users\Huber\Desktop\Addition.txt 2015-11-17 14:39 - 2015-11-21 18:23 - 00030812 _____ C:\Users\Huber\Desktop\FRST.txt 2015-11-17 14:38 - 2015-11-17 14:38 - 00000948 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2015-11-17 14:38 - 2015-11-17 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2015-11-17 14:37 - 2015-11-21 18:21 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2015-11-17 12:49 - 2015-11-21 18:23 - 00000000 ____D C:\FRST 2015-11-17 12:48 - 2015-11-17 12:49 - 00891392 _____ (Farbar) C:\Users\Huber\Desktop\MiniToolBox.exe 2015-11-17 12:47 - 2015-11-19 22:30 - 00000000 ____D C:\AdwCleaner 2015-11-17 12:46 - 2015-11-17 12:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Huber\Desktop\tdsskiller.exe 2015-11-17 12:45 - 2015-11-17 12:47 - 01732096 _____ C:\Users\Huber\Desktop\AdwCleaner_5.021.exe 2015-11-15 03:53 - 2015-11-15 03:53 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2015-11-15 01:26 - 2015-11-15 02:26 - 00000000 ____D C:\Users\Huber\AppData\Roaming\uTorrent 2015-11-15 01:26 - 2015-11-15 01:26 - 00002753 _____ C:\Users\Huber\Desktop\µTorrent.lnk 2015-11-12 21:11 - 2015-11-12 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 00:11 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-11 00:11 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-11-11 00:11 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-11-11 00:11 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-11 00:11 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-11-11 00:11 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-11 00:11 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-11-11 00:11 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-11 00:11 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-11-11 00:11 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-11 00:11 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-11-11 00:11 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-11 00:11 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-11 00:11 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-11 00:11 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-11-11 00:11 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-11-11 00:11 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-11 00:11 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-11 00:11 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2015-11-11 00:11 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-11-11 00:11 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-11 00:11 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-11-11 00:11 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-11 00:11 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-11-11 00:11 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-11 00:11 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-11 00:11 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-11-11 00:11 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-11 00:11 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-11-11 00:11 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-11 00:11 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-11-11 00:11 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-11 00:11 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-11 00:11 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-11-11 00:11 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-11-11 00:11 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-11-11 00:11 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-11 00:11 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-11 00:11 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-11 00:11 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-11 00:11 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-11-11 00:11 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-11 00:11 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-11 00:11 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-11 00:11 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-11 00:11 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-11 00:11 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-11 00:11 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-11 00:11 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-06 23:24 - 2015-11-06 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep 2015-11-06 23:17 - 2015-11-06 23:17 - 00000000 ____D C:\Users\Huber\AppData\Roaming\GMATPrep 2015-11-06 23:16 - 2014-09-25 15:55 - 00071280 _____ (Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe 2015-11-06 23:15 - 2015-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\GMATPrep2012 2015-11-06 23:10 - 2015-11-06 23:14 - 55950096 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Huber\Desktop\GMATPrep-2.3.322-Windows.exe 2015-11-06 15:27 - 2015-11-06 15:27 - 00000000 ____D C:\Users\Huber\Desktop\Blockify_Lite_0.5 2015-11-06 15:25 - 2015-11-06 15:26 - 13440375 _____ C:\Users\Huber\Desktop\Blockify_Lite_0.5.zip 2015-11-05 12:27 - 2015-11-05 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-11-05 12:27 - 2015-11-05 12:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-11-05 12:27 - 2015-11-05 12:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-11-05 12:26 - 2015-11-05 12:27 - 13155552 _____ (Microsoft Corporation) C:\Users\Huber\Downloads\Silverlight_x64.exe 2015-10-29 00:46 - 2015-10-31 02:40 - 00000000 ____D C:\Users\Huber\Desktop\indiv 2015-10-27 22:29 - 2015-10-27 22:29 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2015-10-27 22:23 - 2015-10-27 22:23 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2015-10-27 22:22 - 2015-10-27 22:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-10-26 22:53 - 2015-11-17 15:10 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll 2015-10-26 22:53 - 2015-11-17 15:10 - 00615112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys 2015-10-26 22:53 - 2015-11-17 15:10 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll 2015-10-26 22:53 - 2015-01-14 17:47 - 00208040 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo20.dll 2015-10-26 22:49 - 2015-10-26 22:49 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-10-26 22:48 - 2015-11-20 12:45 - 00000000 ____D C:\Users\Huber\AppData\Local\Deployment 2015-10-26 22:48 - 2015-10-26 22:48 - 00000000 ____D C:\Users\Huber\AppData\Local\Apps\2.0 2015-10-26 22:42 - 2015-10-26 22:42 - 00000000 ____D C:\Users\Huber\AppData\Roaming\WinRAR 2015-10-26 22:28 - 2015-10-26 22:28 - 00000000 ____D C:\Program Files\Synaptics 2015-10-26 21:57 - 2015-10-26 22:23 - 00001491 _____ C:\WINDOWS\SynInst.log 2015-10-26 21:57 - 2015-10-26 21:57 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Synaptics 2015-10-26 21:28 - 2015-10-26 21:28 - 02058768 _____ C:\Users\Huber\Desktop\winrar-x64-521d.exe 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-26 21:28 - 2015-10-26 21:28 - 00000000 ____D C:\Program Files\WinRAR 2015-10-26 17:31 - 2015-11-01 18:34 - 00000000 ____D C:\Users\Huber\Desktop\Studium 2015-10-26 16:43 - 2015-10-26 16:43 - 00001974 _____ C:\Users\Huber\Desktop\IrfanView Thumbnails.lnk 2015-10-26 16:43 - 2015-10-26 16:43 - 00001086 _____ C:\Users\Huber\Desktop\IrfanView.lnk 2015-10-26 16:43 - 2015-10-26 16:43 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-10-26 16:43 - 2015-10-26 16:43 - 00000000 ____D C:\Program Files (x86)\IrfanView 2015-10-26 16:42 - 2015-10-26 16:43 - 02426808 _____ (Irfan Skiljan) C:\Users\Huber\Downloads\iview440g_setup.exe 2015-10-26 16:40 - 2015-10-26 16:40 - 00000777 _____ C:\Users\Huber\AppData\Local\recently-used.xbel 2015-10-26 16:40 - 2015-10-26 16:40 - 00000000 ____D C:\Users\Huber\AppData\Local\gtk-2.0 2015-10-26 16:40 - 2015-10-26 16:40 - 00000000 ____D C:\Users\Huber\.thumbnails 2015-10-26 16:34 - 2015-10-26 16:41 - 00000000 ____D C:\Users\Huber\.gimp-2.8 2015-10-26 16:34 - 2015-10-26 16:34 - 00000000 ____D C:\Users\Huber\AppData\Local\gegl-0.2 2015-10-26 16:33 - 2015-10-26 16:33 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-10-26 16:32 - 2015-10-26 16:33 - 00000000 ____D C:\Program Files\GIMP 2 2015-10-26 15:56 - 2015-10-26 15:58 - 00283352 _____ C:\WINDOWS\Minidump\102615-38750-01.dmp 2015-10-26 00:58 - 2015-10-26 00:58 - 00000000 ____D C:\Users\Huber\Documents\Benutzerdefinierte Office-Vorlagen 2015-10-25 12:10 - 2015-10-25 12:10 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-25 12:10 - 2015-10-25 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-25 12:09 - 2015-10-25 12:10 - 00000000 ____D C:\Program Files\iTunes 2015-10-25 12:09 - 2015-10-25 12:09 - 00000000 ____D C:\Program Files\iPod 2015-10-25 12:09 - 2015-10-25 12:09 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-25 12:06 - 2015-10-25 12:06 - 00268048 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys 2015-10-25 12:06 - 2015-10-25 12:06 - 00243960 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll 2015-10-22 23:28 - 2015-10-22 22:32 - 00002552 _____ C:\Users\Huber\Desktop\Word 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2015-10-22 22:32 - 2015-10-22 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2015-10-22 22:16 - 2015-11-15 03:51 - 00000000 ____D C:\Program Files\Microsoft Office 2015-10-22 22:16 - 2015-10-22 22:16 - 00000000 ____D C:\Program Files\Microsoft Office 15 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-21 18:22 - 2015-10-12 22:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-21 18:21 - 2015-10-15 23:15 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-11-21 18:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-21 18:19 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-21 18:17 - 2015-10-12 23:11 - 00001423 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Settings Introduction.lnk 2015-11-21 18:17 - 2015-10-12 22:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-21 18:17 - 2015-10-12 22:04 - 00002319 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Picks Introduction.lnk 2015-11-21 18:15 - 2015-10-15 23:15 - 00001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-11-21 18:15 - 2015-10-12 21:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-11-20 12:41 - 2015-10-15 23:20 - 00000000 ___RD C:\Users\Huber\Dropbox 2015-11-20 12:41 - 2015-10-15 23:15 - 00000000 ____D C:\Users\Huber\AppData\Local\Dropbox 2015-11-20 12:39 - 2015-09-10 06:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-20 12:37 - 2015-06-05 16:27 - 00016786 _____ C:\WINDOWS\SysWOW64\Gms.log 2015-11-19 22:32 - 2015-10-12 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-19 22:32 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-19 22:32 - 2015-07-30 22:49 - 00352272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-11-19 22:31 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-11-19 14:33 - 2015-10-12 22:27 - 00000000 ____D C:\Users\Huber\AppData\Local\MicrosoftEdge 2015-11-17 16:22 - 2015-10-12 21:36 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-17 16:22 - 2015-09-10 06:10 - 00773380 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-17 16:22 - 2015-09-10 06:10 - 00154706 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-17 16:21 - 2015-07-30 22:50 - 00037421 _____ C:\WINDOWS\setupact.log 2015-11-17 16:19 - 2015-06-05 16:02 - 00104550 _____ C:\WINDOWS\DPINST.LOG 2015-11-17 15:10 - 2015-08-03 18:58 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys 2015-11-17 15:10 - 2014-01-30 18:17 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-11-17 14:57 - 2015-09-09 21:31 - 00139170 _____ C:\WINDOWS\PFRO.log 2015-11-17 14:55 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-16 20:54 - 2015-10-13 09:44 - 00000000 ____D C:\Users\Huber\AppData\Local\Spotify 2015-11-16 20:45 - 2015-10-13 09:41 - 00000000 ____D C:\Users\Huber\AppData\Roaming\Spotify 2015-11-15 03:53 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-11-14 15:43 - 2015-10-14 22:18 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-14 12:06 - 2015-10-14 22:18 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-12 21:11 - 2015-10-15 23:15 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-12 00:14 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-11-11 00:35 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-11 00:22 - 2015-10-12 22:25 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-11-10 09:29 - 2015-10-12 22:34 - 00001222 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-11-10 09:29 - 2015-10-12 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-10 09:29 - 2015-06-05 16:14 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-06 22:34 - 2015-06-05 16:15 - 00003838 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-11-06 22:34 - 2015-06-05 16:15 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2015-11-03 19:20 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-11-03 19:20 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-01 12:21 - 2015-10-15 23:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-01 12:19 - 2015-10-15 23:09 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-10-29 00:08 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-10-26 22:55 - 2015-06-05 16:22 - 00001440 _____ C:\WINDOWS\Synaptics.log 2015-10-26 22:49 - 2015-06-05 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2015-10-26 17:03 - 2015-10-12 22:01 - 00000000 ____D C:\Users\Huber\AppData\Local\VirtualStore 2015-10-26 16:40 - 2015-10-12 22:00 - 00000000 ____D C:\Users\Huber 2015-10-26 15:56 - 2015-10-14 17:26 - 672141910 _____ C:\WINDOWS\MEMORY.DMP 2015-10-26 15:56 - 2015-10-14 17:26 - 00000000 ____D C:\WINDOWS\Minidump 2015-10-25 12:09 - 2015-10-13 09:21 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-25 12:07 - 2015-07-30 22:50 - 00000178 _____ C:\WINDOWS\setuperr.log 2015-10-22 22:57 - 2015-06-05 16:54 - 00000000 ____D C:\ProgramData\Office2013 2015-10-22 22:56 - 2015-10-12 22:05 - 00002421 _____ C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-10-22 22:56 - 2015-10-12 22:05 - 00000000 ___RD C:\Users\Huber\OneDrive ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-26 16:40 - 2015-10-26 16:40 - 0000777 _____ () C:\Users\Huber\AppData\Local\recently-used.xbel 2015-10-12 21:19 - 2015-10-12 21:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Huber\AppData\Local\Temp\avgnt.exe C:\Users\Huber\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvwfgcy.dll C:\Users\Huber\AppData\Local\Temp\LenovoExperienceImprovement.exe C:\Users\Huber\AppData\Local\Temp\McCSPInstall.dll C:\Users\Huber\AppData\Local\Temp\mccspuninstall.exe C:\Users\Huber\AppData\Local\Temp\nls-checker-xp.exe C:\Users\Huber\AppData\Local\Temp\nls-smart-installer-xp.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-19 21:24 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version:20-11-2015
durchgeführt von Huber (2015-11-21 18:31:12)
Gestartet von C:\Users\Huber\Desktop
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Huber\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Huber\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Huber\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Huber\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Huber\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Huber ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\Windows\DevicesFlow\DevicesFlow.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek HD Audio-Manager.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Telemetriedashboard für Office 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Telemetrieprotokoll für Office 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master\Lenovo Photo Master.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMaster.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Benutzerhandbücher.lnk -> C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Harmony.lnk -> C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Messenger.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\OneKey Optimizer.Lnk -> C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe (Lenovo(beijing) Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\SHAREit.lnk -> C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\OneKey Recovery\OneKey Recovery.lnk -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep\GMATPrep.lnk -> C:\Program Files (x86)\GMATPrep2012\GMATPrep.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Deinstallieren.lnk -> C:\Program Files\Emsisoft Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Anti-Malware.lnk -> C:\Program Files\Emsisoft Anti-Malware\a2start.exe (Emsisoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Homepage.lnk -> C:\Program Files\Emsisoft Anti-Malware\Emsisoft.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Hilfe.lnk -> C:\Program Files\Emsisoft Anti-Malware\de-de.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Digital Plus.lnk -> C:\Program Files\Dolby\DDP_F3\ddpf3.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10\PowerDirector 10.lnk -> C:\Program Files\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMPUTER BILD\Spionage-Stopper für Windows 10.lnk -> C:\Program Files (x86)\COMPUTER BILD Spionage-Stopper für Windows 10\COMPUTER BILD Spionage-Stopper für Windows 10.exe (pXc-coding)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus Hilfe.lnk -> C:\Program Files (x86)\Avira\Antivirus\208\avwin.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus starten.lnk -> C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira im Internet.lnk -> C:\Program Files (x86)\Avira\Antivirus\weblink.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Huber\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Huber\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\Links\Desktop.lnk -> C:\Users\Huber\Desktop ()
Shortcut: C:\Users\Huber\Links\Downloads.lnk -> C:\Users\Huber\Downloads ()
Shortcut: C:\Users\Huber\Links\Dropbox.lnk -> C:\Users\Huber\Dropbox ()
Shortcut: C:\Users\Huber\Downloads\g95\lib\gcc-lib\i686-pc-mingw32\4.1.2\cc1.lnk -> C:\Users\Huber\Downloads\g95\lib\gcc-lib\i686-pc-mingw32\4.1.2\f951.exe ()
Shortcut: C:\Users\Huber\Desktop\IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Huber\Desktop\Spotify.lnk -> C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Huber\Desktop\Telegram.lnk -> C:\Users\Huber\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
Shortcut: C:\Users\Huber\Desktop\Word 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\Huber\Desktop\µTorrent.lnk -> C:\Users\Huber\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Huber\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\Huber\AppData\Roaming\Telegram Desktop\unins000.exe ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\Huber\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.40.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Hilfe.lnk -> C:\Program Files (x86)\IrfanView\Help\i_view32_deutsch.chm ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Kommandozeilen-Optionen.lnk -> C:\Program Files (x86)\IrfanView\i_options.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare PlugIns.lnk -> C:\Program Files (x86)\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare Sprachen.lnk -> C:\Program Files (x86)\IrfanView\i_languages.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Was ist neu.lnk -> C:\Program Files (x86)\IrfanView\i_changes.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Über IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_about.txt ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Huber\Dropbox ()
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\Huber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\Huber\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\COMPUTER BILD Spionage-Stopper für Windows 10.lnk -> C:\Program Files (x86)\COMPUTER BILD Spionage-Stopper für Windows 10\COMPUTER BILD Spionage-Stopper für Windows 10.exe (pXc-coding)
Shortcut: C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk -> C:\Program Files\Emsisoft Anti-Malware\a2start.exe (Emsisoft Ltd)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare 2016.lnk -> C:\Program Files\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016 Upload Center.lnk -> C:\Program Files\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare 2016.lnk -> C:\Program Files\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Update Manager\Intel(R) Update Manager.lnk -> C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation) -> --showui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep\Uninstall GMATPrep.lnk -> C:\Program Files (x86)\GMATPrep2012\uninstall.exe () -> runas
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Huber\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Huber\Desktop\IrfanView Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Picks Introduction.lnk -> C:\Program Files (x86)\Lenovo\Harmony\Picks\Lenovo.HarmonyPicks.exe (Lenovo) -> i
ShortcutWithArgument: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Settings Introduction.lnk -> C:\Program Files (x86)\Lenovo\Harmony\Setting\Lenovo.HarmonySetting.exe (Lenovo) -> i
ShortcutWithArgument: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Huber\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Huber\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo Support.url -> hxxp://support.lenovo.com/
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo.url -> hxxp://www.lenovo.com/
InternetURL: C:\Users\Huber\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Huber\Favorites\Lenovo\Lenovo Support.url -> hxxp://support.lenovo.com/
InternetURL: C:\Users\Huber\Favorites\Lenovo\Lenovo.url -> hxxp://www.lenovo.com/
==================== Ende von Shortcut.txt =============================
Es wird immer mehr. |
|
23.11.2015, 09:31
| #8 |
| /// TB-Ausbilder | DNS-Unlocker - Wie entfernen? Wie ich sehe hast du Avira + Emsisoft installiert. Bitte nur einen aktiven Virenschutz installieren, meine Empfehlung geht da eindeutig zu Emsisoft. Da ist noch nen verwaister McAfee Treiber, den entfernen wir: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Dann bitte Neustarten ESET Online Scanner
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
23.11.2015, 20:53
| #9 |
| | DNS-Unlocker - Wie entfernen?Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:22-11-2015
durchgeführt von Huber (2015-11-23 11:20:11) Run:4
Gestartet von C:\Users\Huber\Desktop
Geladene Profile: Huber & (Verfügbare Profile: Huber)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
emptytemp:
*****************
mfeelamk => Dienst nicht gefunden.
EmptyTemp: => 96.9 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:21:31 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d136d25ab463304ebc5204ffea117c4b
# end=init
# utc_time=2015-11-23 10:28:03
# local_time=2015-11-23 11:28:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26851
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d136d25ab463304ebc5204ffea117c4b
# end=updated
# utc_time=2015-11-23 10:32:10
# local_time=2015-11-23 11:32:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=d136d25ab463304ebc5204ffea117c4b
# engine=26851
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-23 07:46:41
# local_time=2015-11-23 08:46:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3624270 12883373 0 0
# scanned=223439
# found=0
# cleaned=0
# scan_time=33271
|
|
24.11.2015, 11:34
| #10 |
| /// TB-Ausbilder | DNS-Unlocker - Wie entfernen? Ok, ich kann beim besten Willen nichts finden. Ich vermute, das die Werbeeinblendungen nicht direkt mit DNS Unlocker in Form eines ungewollten Add-Ins daherkommen, sondern einfach am Adblocker vorbei ausgeliefert werden.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
| Themen zu DNS-Unlocker - Wie entfernen? |
| adware, auf einmal, dns, dns unlocker, dns-unlocker, dnsunlocker, enfernen, entferne, entfernen, firefox, funktionier, funktioniert, hilfe, installier, installiert, itunes, keine programme, locker, neu, probiert, schei, standardprogramme, systems, systemsteuerung, trojaner, unbemerkt, unlocker, wie entfernen, wie entfernen?, wissen, würde |
Hybrid-Darstellung
