Log analysis and evaluation: Windows 8: Part of a botnet & trojan infection? - Logfiles

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.11.2015, 20:11 | #1 |
Windows 8: Part of a botnet & trojan infection? - Logfiles

Hi, first of all, thank you very much for the Trojanerboard. It is a very big help.

I am part of a botnet

My first clue: I am part of a botnet. Last week I wanted to set up XAMPP and port 80 was in use. Skype and other programs were disabled. And when I typed localhost into the browser, this message appeared.

The second clue: from my home network I have repeatedly received an error message from Google saying that, unfortunately, they cannot process my search request because too many requests are coming from my connection. My flatmates were not online at that time.

My laptop has caught a trojan: when I try to run individual exe files, the installation file of Free Studio Soft is often started. Here is an example: I try to install SAP: ---> and it starts:

This is the code of the FRST.txt

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-11-2015 durchgeführt von ThomasL 0176******29 (Administrator) auf LERCH-017638239 (27-11-2015 17:24:27) Gestartet von C:\Users\ThomasL 0176******29\Downloads Geladene Profile: ThomasL 0176******29 & ReportServer$SQLEXPRESS & (Verfügbare Profile: ThomasL 0176******29 & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Softex Inc.) C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Sanford, L.P.) 
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe (Evolis Card Printer) C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Lenovo.) 
C:\Windows\System32\TpShocks.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\csisyncclient.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe () C:\Program Files\Ditto\Ditto.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Flux Software LLC) C:\Users\ThomasL 0176******29\AppData\Local\FluxSoftware\Flux\flux.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Evolis Card Printer) C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (RescueTime, Inc.) C:\Program Files (x86)\RescueTime\RescueTime.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe () C:\Program Files (x86)\Launchy\Launchy.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (SunplusIT, Inc.) 
C:\Program Files (x86)\Integrated Camera\Monitor.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\x64\avfulsvr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote) C:\Program Files (x86)\Evernote\Skitch\Skitch.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Corporation) C:\Program 
Files\Lenovo\Communications Utility\cammute.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\ThomasL 0176******29\Downloads\Defogger.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited) HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [382248 2013-06-20] (Lenovo.) HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [939976 2015-02-20] (Lenovo) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited) HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) 
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-07-26] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.) HKLM-x32\...\Run: [Blackcomb] => C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe [131072 2011-02-11] (Samsung Electronics.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-12] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 8\MMReminderService.exe [38240 2009-12-18] (Mindjet) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [DLSService] => "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-09-01] (SunplusIT, Inc.) 
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1717872 2012-11-08] () HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [f.lux] => C:\Users\ThomasL 0176******29\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1867056 2014-03-20] (Sanford, L.P.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [Google Update] => C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-25] (Google Inc.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [Dropbox Update] => C:\Users\ThomasL 0176******29\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-28] (Dropbox, Inc.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.) 
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [GoogleChromeAutoLaunch_67ACB60E01AFF1F32402F0B6E8BE28E0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4863296 2015-04-30] (Evernote) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\MountPoints2: {7bf58adc-47b4-11e4-8250-5c514f78ade2} - "D:\AutoInstaller.exe" HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\MountPoints2: {7bf58d0d-47b4-11e4-8250-5c514f78ade2} - "D:\AutoInstaller.exe" HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1717872 2012-11-08] () HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\ThomasL 0176******29\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1867056 2014-03-20] (Sanford, L.P.) 
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-25] (Google Inc.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\ThomasL 0176******29\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-28] (Dropbox, Inc.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_67ACB60E01AFF1F32402F0B6E8BE28E0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.) 
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4863296 2015-04-30] (Evernote) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation) HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7bf58adc-47b4-11e4-8250-5c514f78ade2} - "D:\AutoInstaller.exe" HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7bf58d0d-47b4-11e4-8250-5c514f78ade2} - "D:\AutoInstaller.exe" ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] () ShellIconOverlayIdentifiers: [ SkyDrive1] -> 
{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.) 
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evolis Printer Manager.lnk [2015-03-03] ShortcutTarget: Evolis Printer Manager.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (Evolis Card Printer) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-09-29] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2014-10-12] ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) Startup: C:\Users\ThomasL 0176******29\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-28] ShortcutTarget: Dropbox.lnk -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\ThomasL 0176******29\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-10-07]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\ThomasL 0176******29\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2014-10-07]
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{95F65AF9-43E0-48E5-9EEC-65CE35D9B7AC}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-870434993-2128780150-3758257639-1001 -> DefaultScope {025A1D3D-31FF-4B79-B97D-0E9694925239} URL =
SearchScopes: HKU\S-1-5-21-870434993-2128780150-3758257639-1001 -> {025A1D3D-31FF-4B79-B97D-0E9694925239} URL =
SearchScopes: HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {025A1D3D-31FF-4B79-B97D-0E9694925239} URL =
SearchScopes: HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {025A1D3D-31FF-4B79-B97D-0E9694925239} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-09-29] (LastPass)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 8\Mm8InternetExplorer.dll [2009-12-18] (Mindjet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-06] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-09-29] (LastPass)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-09-29] (LastPass)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-09-29] (LastPass)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-11-11] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default
FF NetworkProxy: "autoconfig_url", "https://www.bibliothek.fhws.de/proxy.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-09-29] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-11] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-09-29] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-11-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001: @citrixonline.com/appdetectorplugin -> C:\Users\ThomasL 0176******29\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-10] (Citrix Online)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001: @talk.google.com/O1DPlugin -> C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001: @tools.google.com/Google Update;version=3 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001: @tools.google.com/Google Update;version=9 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\ThomasL 0176******29\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-10] (Citrix Online)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ThomasL 0176******29\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ThomasL 0176******29\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\searchplugins\youtube-videosuche.xml [2015-02-28]
FF SearchPlugin: C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\searchplugins\youtube.xml [2014-11-01]
FF Extension: Web Developer - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-05-30]
FF Extension: Live HTTP headers - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2015-06-15]
FF Extension: Thumbnail Zoom Plus - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\thumbnailZoom@dadler.github.com.xpi [2015-07-29]
FF Extension: MozBar - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\toolbar@seomoz.org.xpi [2015-09-12]
FF Extension: LastPass - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\support@lastpass.com [2015-09-26]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-10-18] [ist nicht signiert]
FF Extension: NoScript - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: Avira Browser Safety - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\abs@avira.com [2015-10-23] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\colorPicker@colorPicker.xpi [2015-05-28] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\jid1-7m2vI7AUZN1Ovg@jetpack.xpi [2015-11-08] [ist nicht signiert]
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2015-10-30]
FF Extension: FireShot - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-11-08]
FF Extension: ProxTube - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-04-09] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-09-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-10-27] [ist nicht signiert]
FF HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-12-21] [ist nicht signiert]
FF HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-12-21] [ist nicht signiert]

Chrome:
=======
CHR DefaultSearchKeyword: Profile 1 -> lp
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Profile: C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Google Docs) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Google Drive) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (RescueTime for Chrome™ & ChromeOS™) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2015-09-15]
CHR Extension: (Web Developer) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-09-15]
CHR Extension: (ColorZilla) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-15]
CHR Extension: (YouTube) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Pomodoro) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjinlkmekfmkgnalpjgcjofplmgnlbfk [2015-09-15]
CHR Extension: (Google-Suche) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (iMacros for Chrome) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2015-09-15]
CHR Extension: (Daum Equation Editor) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2015-09-15]
CHR Extension: (FB Pixel Helper) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2015-11-03]
CHR Extension: (Type Scout - Besser tippen! :)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2015-09-15]
CHR Extension: (RegExp Tester) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fekbbmalpajhfifodaakkfeodkpigjbk [2015-09-26]
CHR Extension: (Google Tabellen) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2015-11-08]
CHR Extension: (Page Analytics (by Google)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2015-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Impactana Content Marketing Toolbar) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gidhppoakegddkkpmgoejeadomghnkie [2015-11-05]
CHR Extension: (AdBlock) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-24]
CHR Extension: (ScriptBlock) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2015-09-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-10-27]
CHR Extension: (Clearly) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-09-15]
CHR Extension: (WhatFont) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-09-15]
CHR Extension: (Google Analytics Debugger) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jnkmfdileelhofjcijamephohjechhna [2015-09-15]
CHR Extension: (Silver Bird Plus (Twitter Client)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kagejfgngcmkbaacpmcnbpkhmhoeccee [2015-09-15]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2015-11-27]
CHR Extension: (StayFocusd) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2015-09-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-15]
CHR Extension: (Scraper) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2015-09-15]
CHR Extension: (Lightshot (Screenshot Tool)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2015-09-15]
CHR Extension: (HTTP Headers) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhbpoeinkhpajikalhfpjjafpfgjnmgk [2015-09-15]
CHR Extension: (Ghostery) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-19]
CHR Extension: (WASP.inspector: Analytics Solution Profiler) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niaoghengfohplclhbjnjheodgkejpih [2015-09-26]
CHR Extension: (Drag & Drop Search) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\njdeknfopjeielabfoglnmbggkegcanm [2015-09-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (Hover Zoom) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-11-27]
CHR Extension: (Buffer) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2015-11-20]
CHR Extension: (Page Monitor) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2015-10-16]
CHR Extension: (Google Mail) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR Profile: C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Präsentationen) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-04]
CHR Extension: (Google Docs) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-04]
CHR Extension: (Google Drive) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Google-Suche) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Google Tabellen) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-04]
CHR Extension: (Avira Browserschutz) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2015-11-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-04]
CHR Extension: (Google Mail) - C:\Users\ThomasL 0176******29\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-870434993-2128780150-3758257639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\THOMAS~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-16]
CHR HKU\S-1-5-21-870434993-2128780150-3758257639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\THOMAS~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-16]
CHR HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S4 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-07-26] (Intel Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
R2 Evolis Print Center Service; C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe [1952024 2014-12-02] (Evolis Card Printer)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2023592 2015-09-25] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-21] (Lenovo)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [480712 2015-03-23] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-05-12] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 MSSQL$JTLWAWI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29181272 2008-12-18] (Microsoft Corporation)
S4 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
S4 MSSQLFDLauncher$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 omniserv; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [103936 2015-04-02] (Softex Inc.) [Datei ist nicht signiert]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [328488 2014-12-05] (Lenovo Group Limited)
R2 ReportServer$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSRS11.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [836176 2015-11-10] (Valve Corporation) [Datei ist nicht signiert]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-09-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-01-29] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.) S3 C2XXCOM; C:\Windows\system32\DRIVERS\C2XXCOM76.sys [49920 2010-08-09] (Samsung Electronics) S3 C2xxUSB; C:\Windows\system32\DRIVERS\C2xxUSB76.sys [46080 2010-11-04] (Samsung Electronics) S3 C2xxUsbStorage; C:\Windows\system32\DRIVERS\C2xSTR76.sys [9216 2010-06-10] (Samsung Electronics) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [394520 2015-03-24] (Intel Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199624 2014-06-06] (Intel Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] () R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-10-04] (Intel Corporation) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] () R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R3 NETwNb64; 
C:\Windows\system32\DRIVERS\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3507680 2014-06-18] (Intel Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R1 OMNISMI; C:\WINDOWS\SysWOW64\drivers\omnismi.sys [14776 2014-06-24] () S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated) R1 SMIDriver; C:\Windows\System32\drivers\smi.sys [19656 2015-01-29] (Windows (R) Win 7 DDK provider) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus) S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [34976 2015-06-29] (Lenovo Group Limited) R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] () R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] () R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] () S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider) S3 vl810filter; C:\Windows\system32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Labs, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-23] () ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-27 17:24 - 2015-11-27 17:24 - 00069002 _____ C:\Users\ThomasL 0176******29\Downloads\FRST.txt
2015-11-27 17:24 - 2015-11-27 17:24 - 00000000 ____D C:\FRST
2015-11-27 17:19 - 2015-11-27 17:19 - 00380416 _____ C:\Users\ThomasL 0176******29\Downloads\Gmer-19357.exe
2015-11-27 17:17 - 2015-11-27 17:17 - 00000000 _____ C:\Users\ThomasL 0176******29\defogger_reenable
2015-11-27 17:15 - 2015-11-27 17:15 - 02348544 _____ (Farbar) C:\Users\ThomasL 0176******29\Downloads\FRST64.exe
2015-11-27 17:15 - 2015-11-27 17:15 - 00050477 _____ C:\Users\ThomasL 0176******29\Downloads\Defogger.exe
2015-11-27 12:13 - 2015-11-27 12:13 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\test
2015-11-27 12:12 - 2015-11-27 12:13 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\Neuer Ordner
2015-11-25 11:54 - 2015-11-25 11:54 - 00132381 _____ C:\Users\ThomasL 0176******29\Downloads\UB5.pdf
2015-11-25 11:52 - 2015-11-25 11:52 - 00183962 _____ C:\Users\ThomasL 0176******29\Downloads\dglueb5.pdf
2015-11-25 11:52 - 2015-11-25 11:52 - 00183962 _____ C:\Users\ThomasL 0176******29\Downloads\dglueb5(1).pdf
2015-11-24 18:41 - 2015-11-24 21:44 - 11819327 _____ C:\Users\ThomasL 0176******29\Desktop\google-tag-manager.pptx
2015-11-24 17:35 - 2015-11-24 17:37 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\sophia
2015-11-23 22:40 - 2015-11-23 22:40 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-11-23 21:11 - 2015-11-23 21:15 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\download-tracking-mit-dem-google-tag-manager
2015-11-23 20:26 - 2015-11-23 20:32 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\google-adwords-conversion-tracking
2015-11-23 18:22 - 2015-11-23 18:52 - 00010880 _____ C:\Users\ThomasL 0176******29\Downloads\Web-Analytics - Google Tag Manager (copy)-report.xlsx
2015-11-23 18:22 - 2015-11-23 18:22 - 00003878 _____ C:\Users\ThomasL 0176******29\Downloads\Web-Analytics - Google Tag Manager (copy)-report (1).xlsx
2015-11-23 16:35 - 2015-11-23 16:35 - 02115868 _____ C:\Users\ThomasL 0176******29\Desktop\google-tag-manager-praesentation.pdf
2015-11-23 16:33 - 2015-11-23 16:33 - 02115508 _____ C:\Users\ThomasL 0176******29\Desktop\präsentation-google-tag-manager.pdf
2015-11-23 14:55 - 2015-11-23 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-11-23 14:52 - 2015-11-23 15:05 - 00000000 ____D C:\xampp
2015-11-23 14:47 - 2015-11-23 14:48 - 112275208 _____ (Bitnami) C:\Users\ThomasL 0176******29\Downloads\xampp-win32-5.6.14-3-VC11-installer.exe
2015-11-23 00:10 - 2015-11-23 00:10 - 00138131 _____ C:\Users\ThomasL 0176******29\Downloads\DHL-Marke-KGKV6N5D4K.pdf
2015-11-22 21:14 - 2015-11-22 21:19 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\Google-Analytics-Datenschutzkonform-mit-dem-Google-Tag-Manager-einbinden
2015-11-22 20:24 - 2015-11-22 20:33 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\die_oberfläche
2015-11-22 13:46 - 2015-11-22 13:46 - 00050373 _____ C:\Users\ThomasL 0176******29\Downloads\widerruf.pdf
2015-11-20 08:42 - 2015-11-20 08:42 - 00142371 _____ C:\Users\ThomasL 0176******29\Downloads\Gründercamp15-Agenda(4).pdf
2015-11-18 16:43 - 2015-11-18 16:43 - 00142371 _____ C:\Users\ThomasL 0176******29\Downloads\Gründercamp15-Agenda(3).pdf
2015-11-18 00:23 - 2015-11-18 00:23 - 00200087 _____ C:\Users\ThomasL 0176******29\Desktop\Tag-Manager-Logo.psd
2015-11-17 22:42 - 2015-11-17 22:50 - 21469437 _____ C:\Users\ThomasL 0176******29\Desktop\download.zip
2015-11-17 22:20 - 2015-11-17 22:20 - 00099990 _____ C:\Users\ThomasL 0176******29\Desktop\Search-Replace-DB-master.zip
2015-11-17 22:20 - 2015-11-17 22:20 - 00009741 _____ C:\Users\ThomasL 0176******29\Desktop\searchreplacedb21.zip
2015-11-17 21:49 - 2015-11-17 22:03 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\luxury-customers.com
2015-11-17 16:11 - 2015-11-17 16:11 - 01710080 _____ C:\Users\ThomasL 0176******29\Desktop\gauder_akustik.unbounce
2015-11-17 15:08 - 2015-11-17 15:15 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\errors on dog id page
2015-11-17 15:02 - 2015-11-17 15:02 - 00003272 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-11-17 15:02 - 2015-11-17 15:02 - 00003170 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_LENOVO_MICPKEY
2015-11-17 15:02 - 2015-11-17 15:02 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-11-17 15:02 - 2015-11-17 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-11-17 15:02 - 2015-11-17 15:02 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-11-17 15:02 - 2015-07-30 07:05 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 03233472 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 02984208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 02492152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 01331336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00447728 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00195192 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-11-17 15:02 - 2015-07-30 07:05 - 00084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 04577024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-11-17 15:02 - 2015-07-30 07:02 - 02946304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 02711296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-11-17 15:02 - 2015-07-30 07:02 - 01759488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 00953728 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 00358272 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-11-17 15:02 - 2015-07-30 07:02 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-11-17 15:02 - 2015-07-30 04:53 - 03653631 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-11-17 15:02 - 2015-06-24 22:41 - 00000098 _____ C:\WINDOWS\system32\Drivers\RTMICAR.DAT
2015-11-17 15:02 - 2014-02-21 13:48 - 00004904 _____ C:\WINDOWS\system32\Drivers\SAMSFPA.DAT
2015-11-17 15:02 - 2013-05-23 15:05 - 00000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.DAT
2015-11-17 15:01 - 2015-11-17 15:01 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-11-17 15:01 - 2015-11-17 15:01 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-11-17 15:01 - 2015-08-17 18:18 - 00148208 _____ (Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
2015-11-17 15:01 - 2015-08-17 18:18 - 00072432 _____ (Lenovo.) C:\WINDOWS\system32\ibmpmctl.exe
2015-11-17 15:01 - 2015-08-17 18:18 - 00064208 _____ (Lenovo.) C:\WINDOWS\system32\Drivers\ibmpmdrv.sys
2015-11-17 15:01 - 2015-08-17 18:18 - 00042224 _____ (Lenovo.) C:\WINDOWS\system32\tpinspm.dll
2015-11-17 14:59 - 2015-11-17 15:02 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-11-17 13:52 - 2015-11-17 13:52 - 00134136 _____ C:\Users\ThomasL 0176******29\Desktop\Pruefungsplan_Datum-2.pdf
2015-11-17 12:40 - 2015-11-17 12:40 - 00000074 _____ C:\Users\ThomasL 0176******29\Desktop\Primacy – 223 - Druckbandfehler - Evolis.url
2015-11-16 16:10 - 2015-11-16 16:10 - 00027019 _____ C:\Users\ThomasL 0176******29\Downloads\d01cac41.csv
2015-11-16 16:06 - 2015-11-16 16:06 - 00032831 _____ C:\Users\ThomasL 0176******29\Downloads\d01cac41(1).sql
2015-11-16 09:48 - 2015-11-16 09:48 - 00142371 _____ C:\Users\ThomasL 0176******29\Downloads\Gründercamp15-Agenda(2).pdf
2015-11-16 09:19 - 2015-11-16 09:19 - 00691937 _____ C:\Users\ThomasL 0176******29\Downloads\05_JS_ScopeClosures.pdf
2015-11-15 10:03 - 2015-11-24 07:44 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\dogs
2015-11-14 13:09 - 2015-11-14 13:09 - 02397788 _____ C:\Users\ThomasL 0176******29\Downloads\1516_07 - GenericsComparable(1).pdf
2015-11-14 11:12 - 2015-11-14 11:12 - 24779881 _____ C:\Users\ThomasL 0176******29\Desktop\Prog 2 bisher.pdf
2015-11-14 10:46 - 2015-11-14 10:46 - 02397788 _____ C:\Users\ThomasL 0176******29\Downloads\1516_07 - GenericsComparable.pdf
2015-11-14 10:45 - 2015-11-14 10:46 - 02763474 _____ C:\Users\ThomasL 0176******29\Downloads\1516_06 - Polymorphie2(3).pdf
2015-11-14 10:45 - 2015-11-14 10:45 - 10795204 _____ C:\Users\ThomasL 0176******29\Downloads\1516_03 - Packages.pdf
2015-11-14 10:45 - 2015-11-14 10:45 - 06270408 _____ C:\Users\ThomasL 0176******29\Downloads\1516_02 - Abstrakter Datentyp.pdf
2015-11-14 10:45 - 2015-11-14 10:45 - 02507249 _____ C:\Users\ThomasL 0176******29\Downloads\1516_04 - Exceptions.pdf
2015-11-14 10:45 - 2015-11-14 10:45 - 00938006 _____ C:\Users\ThomasL 0176******29\Downloads\1516_05 - Vererbung(1).pdf
2015-11-14 10:04 - 2015-11-14 10:04 - 00443532 _____ C:\Users\ThomasL 0176******29\Downloads\Uebung2(1).pdf
2015-11-14 09:50 - 2015-11-14 09:50 - 00443532 _____ C:\Users\ThomasL 0176******29\Downloads\Uebung2.pdf
2015-11-14 08:56 - 2015-11-14 08:56 - 02763474 _____ C:\Users\ThomasL 0176******29\Downloads\1516_06 - Polymorphie2(2).pdf
2015-11-14 08:56 - 2015-11-14 08:56 - 02763474 _____ C:\Users\ThomasL 0176******29\Downloads\1516_06 - Polymorphie2(1).pdf
2015-11-14 08:55 - 2015-11-14 08:55 - 00042396 _____ C:\Users\ThomasL 0176******29\Downloads\Uebung5.pdf
2015-11-14 08:27 - 2015-11-14 08:27 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-13 18:28 - 2015-11-15 17:29 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\Million_Dollar_Bundle
2015-11-12 20:49 - 2015-11-13 23:04 - 08679359 _____ C:\Users\ThomasL 0176******29\Desktop\bearbeitetv3.psd
2015-11-12 18:44 - 2015-11-12 18:44 - 00303280 _____ C:\Users\ThomasL 0176******29\Desktop\2015-11-12_183920.psd
2015-11-12 09:04 - 2015-11-12 09:04 - 00313801 _____ C:\Users\ThomasL 0176******29\Downloads\2015-EC-01-Intro(1).pdf
2015-11-11 18:10 - 2015-11-11 18:10 - 00142371 _____ C:\Users\ThomasL 0176******29\Downloads\Gründercamp15-Agenda(1).pdf
2015-11-11 15:45 - 2015-11-11 15:45 - 00313801 _____ C:\Users\ThomasL 0176******29\Downloads\2015-EC-01-Intro.pdf
2015-11-11 15:45 - 2015-11-11 15:45 - 00142371 _____ C:\Users\ThomasL 0176******29\Downloads\Gründercamp15-Agenda.pdf
2015-11-11 15:32 - 2015-11-11 15:32 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-11-11 15:20 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 15:20 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 15:20 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 15:20 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 15:20 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 09:06 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 09:06 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 09:06 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 09:06 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 09:06 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 09:06 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 09:06 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 09:06 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 09:06 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 09:06 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 09:06 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 09:06 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 09:06 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 09:06 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 09:06 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 09:06 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 09:06 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 09:06 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 09:06 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 09:06 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 09:06 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 09:06 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 09:06 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 09:06 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 09:06 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 09:06 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 09:06 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 09:06 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 09:06 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 09:06 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 09:06 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 09:06 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 09:06 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 09:06 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 09:06 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 09:06 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 09:06 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 09:06 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 09:06 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 09:06 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 09:06 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 09:06 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 09:06 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 09:06 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 09:06 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 09:06 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 09:06 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 09:06 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 09:06 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 09:06 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 09:06 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 09:06 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 09:06 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 09:06 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 09:06 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 09:06 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 09:06 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 09:06 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 09:06 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 09:06 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 09:06 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 09:06 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 09:06 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 09:06 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2015-11-11 09:06 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2015-11-11 09:06 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 09:06 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 09:06 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 09:06 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 09:06 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 09:06 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 09:06 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-10 21:00 - 2015-11-10 21:01 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Citrix
2015-11-10 20:11 - 2015-11-10 20:11 - 30091776 _____ (Microsoft Corporation) C:\Users\ThomasL 0176******29\Downloads\IE10-Windows6.1-x86-de-de_b16521.exe
2015-11-10 20:02 - 2015-11-10 21:05 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\hunde-perso.de-backup-10-11-2015
2015-11-10 15:18 - 2015-11-10 15:18 - 00000000 ____D C:\Users\ThomasL 0176******29\SAP Clients
2015-11-10 15:15 - 2015-11-10 15:15 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-11-10 14:46 - 2015-11-10 14:46 - 00000000 ____D C:\Program Files (x86)\SAP
2015-11-10 14:15 - 2015-11-10 14:59 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\WIN
2015-11-10 10:36 - 2015-11-10 10:36 - 02763474 _____ C:\Users\ThomasL 0176******29\Downloads\1516_06 - Polymorphie2.pdf
2015-11-10 10:36 - 2015-11-10 10:36 - 00938006 _____ C:\Users\ThomasL 0176******29\Downloads\1516_05 - Vererbung.pdf
2015-11-10 10:33 - 2015-11-10 10:33 - 00070085 _____ C:\Users\ThomasL 0176******29\Downloads\Uebung4.pdf
2015-11-09 12:25 - 2015-11-09 12:25 - 00307500 _____ C:\Users\ThomasL 0176******29\Desktop\anleitung-kathi.pdf
2015-11-09 10:44 - 2015-11-09 10:59 - 461885536 _____ C:\Users\ThomasL 0176******29\Desktop\JavaScript Scope Chains and Closures.mp4
2015-11-07 17:29 - 2015-11-07 17:29 - 00000088 _____ C:\Users\ThomasL 0176******29\Desktop\Sour Cream (Rezept mit Bild) von katipinky - Chefkoch.de.url
2015-11-07 12:29 - 2015-11-10 09:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-05 22:36 - 2015-11-05 22:36 - 184359137 _____ C:\Users\ThomasL 0176******29\Documents\charlie-munger.zip
2015-11-05 15:17 - 2015-11-05 15:17 - 01376578 _____ C:\Users\ThomasL 0176******29\Desktop\holiday-email-marketing-landing-guide.pdf
2015-11-04 10:39 - 2015-11-04 10:39 - 00194536 ____H C:\Users\ThomasL 0176******29\Desktop\~WRL0005.tmp
2015-11-03 22:57 - 2015-11-03 22:57 - 00001354 _____ C:\Users\ThomasL 0176******29\Downloads\data(6).csv
2015-11-03 18:03 - 2015-11-03 18:03 - 00001354 _____ C:\Users\ThomasL 0176******29\Downloads\data(5).csv
2015-11-02 12:46 - 2015-11-03 00:08 - 00000000 ____D C:\thomas bilder
2015-11-01 19:56 - 2015-11-01 19:56 - 00275521 _____ C:\Users\ThomasL 0176******29\Downloads\Modulhandbuch_EC_2015-10-12.pdf
2015-11-01 12:05 - 2015-11-01 12:05 - 01318271 _____ C:\Users\ThomasL 0176******29\Downloads\Excellent-Analytics.zip
2015-11-01 12:05 - 2015-11-01 12:05 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\Ampliofy
2015-11-01 11:28 - 2015-11-01 11:28 - 02544963 _____ C:\Users\ThomasL 0176******29\Desktop\Online Marketing » Dekonstruktion.pdf
2015-11-01 11:28 - 2015-11-01 11:28 - 00525146 _____ C:\Users\ThomasL 0176******29\Desktop\Was kostet ein Neukunde im Online Marketing_.pdf
2015-10-31 22:12 - 2015-10-31 22:12 - 00000134 _____ C:\Users\ThomasL 0176******29\Desktop\Dynamic Landing Page Content- How to Increase Conversions through Increased Relevancy - PPC Hero®.url
2015-10-28 18:10 - 2015-10-28 18:10 - 00301170 _____ C:\Users\ThomasL 0176******29\Downloads\AdWords_Bootcamp_Tag2.pdf
2015-10-28 13:02 - 2015-10-28 13:02 - 06539752 _____ (Tim Kosse) C:\Users\ThomasL 0176******29\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-28 09:03 - 2015-10-28 09:03 - 00000000 ____D C:\ProgramData\Logitech
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-27 17:24 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-27 17:22 - 2014-10-02 17:53 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\ClassicShell
2015-11-27 17:22 - 2014-09-16 22:00 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-870434993-2128780150-3758257639-1001
2015-11-27 17:17 - 2014-09-29 09:39 - 00000000 ____D C:\Users\ThomasL 0176******29
2015-11-27 17:03 - 2015-03-18 22:35 - 00000000 ____D C:\ProgramData\firebird
2015-11-27 17:03 - 2015-01-21 14:28 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-27 17:03 - 2014-09-30 20:03 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\Skype
2015-11-27 17:02 - 2014-10-08 09:45 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\Ditto
2015-11-27 17:01 - 2014-09-28 23:10 - 28736000 ___SH C:\Users\ThomasL 0176******29\Desktop\Thumbs.db
2015-11-27 17:00 - 2014-09-29 08:09 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\LocalLow\LastPass
2015-11-27 16:53 - 2015-06-09 09:27 - 00000684 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-870434993-2128780150-3758257639-1001.job
2015-11-27 16:49 - 2015-03-01 09:56 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Deployment
2015-11-27 16:45 - 2014-09-26 15:33 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-27 16:40 - 2015-03-25 17:05 - 00001212 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001UA.job
2015-11-27 16:32 - 2014-10-22 16:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-27 16:27 - 2015-06-28 09:17 - 00001316 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001UA.job
2015-11-27 15:39 - 2015-06-23 18:48 - 00000780 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-870434993-2128780150-3758257639-1001.job
2015-11-27 15:10 - 2014-09-29 10:35 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\vlc
2015-11-27 15:08 - 2015-10-25 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-27 11:43 - 2014-09-29 15:10 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Adobe
2015-11-27 11:12 - 2014-10-10 15:18 - 02194944 ___SH C:\Users\ThomasL 0176******29\Downloads\Thumbs.db
2015-11-27 10:45 - 2014-09-26 15:33 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-27 09:52 - 2014-12-15 19:42 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Skitch
2015-11-27 08:54 - 2015-08-03 18:27 - 00000000 ___RD C:\Users\ThomasL 0176******29\Creative Cloud Files
2015-11-27 08:53 - 2014-10-16 18:01 - 00000000 ___RD C:\Users\ThomasL 0176******29\Google Drive
2015-11-27 08:53 - 2014-09-29 10:10 - 00000000 __RDO C:\Users\ThomasL 0176******29\OneDrive
2015-11-27 08:53 - 2014-09-16 21:55 - 00000000 __SHD C:\Users\ThomasL 0176******29\IntelGraphicsProfiles
2015-11-26 20:40 - 2015-03-25 17:05 - 00001160 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001Core.job
2015-11-26 20:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-25 21:02 - 2015-01-08 20:43 - 00189440 ___SH C:\Users\ThomasL 0176******29\Documents\Thumbs.db
2015-11-25 14:53 - 2014-10-05 23:00 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\FileZilla
2015-11-25 14:34 - 2014-09-29 15:18 - 00000000 ___RD C:\Users\ThomasL 0176******29\Desktop\Dropbox
2015-11-25 08:45 - 2014-10-31 10:37 - 00001456 _____ C:\Users\ThomasL 0176******29\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2015-11-25 07:48 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-25 07:47 - 2014-11-11 10:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-25 07:09 - 2015-08-03 17:37 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-24 18:52 - 2014-03-18 11:04 - 02222002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-24 18:52 - 2014-03-18 10:25 - 00940568 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-24 18:52 - 2014-03-18 10:25 - 00221500 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-24 18:52 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-11-24 17:27 - 2014-09-16 22:18 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\CrashDumps
2015-11-24 12:45 - 2014-10-16 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-24 00:43 - 2015-10-04 17:41 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\google tag manager
2015-11-23 22:53 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-23 22:40 - 2013-10-19 19:13 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-11-23 22:39 - 2013-09-29 03:04 - 00000000 ____D C:\ProgramData\Validity
2015-11-23 22:39 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-23 22:39 - 2013-08-22 15:44 - 05202064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-23 21:00 - 2014-10-31 14:55 - 00018432 _____ C:\Users\ThomasL 0176******29\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-23 18:22 - 2014-09-16 21:54 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Packages
2015-11-23 16:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-11-22 20:37 - 2014-10-12 11:51 - 00000000 ____D C:\Users\ThomasL 0176******29\Documents\Camtasia Studio
2015-11-22 19:12 - 2014-10-05 23:10 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\DVDVideoSoft
2015-11-21 17:20 - 2015-06-23 18:48 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-870434993-2128780150-3758257639-1001
2015-11-21 17:20 - 2015-06-09 09:27 - 00003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-870434993-2128780150-3758257639-1001
2015-11-20 14:34 - 2014-09-29 10:18 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox
2015-11-20 07:27 - 2015-06-28 09:17 - 00001264 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001Core.job
2015-11-19 19:11 - 2014-11-20 06:34 - 00000000 ____D C:\Users\ReportServer$SQLEXPRESS
2015-11-18 14:22 - 2015-06-10 14:52 - 00000000 ____D C:\Users\ThomasL 0176******29\Documents\eclipse
2015-11-17 20:24 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-17 20:07 - 2015-06-01 18:34 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\ElevatedDiagnostics
2015-11-17 15:12 - 2015-10-04 17:42 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\Bewerbung Canada Widerfunnel Praktikum
2015-11-17 15:02 - 2014-09-29 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-17 15:02 - 2013-09-29 02:55 - 00003158 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby
2015-11-17 15:02 - 2013-09-29 02:55 - 00003146 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2015-11-17 15:02 - 2013-09-29 02:54 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-11-17 15:01 - 2015-07-02 22:29 - 00000000 ____D C:\Users\Packages
2015-11-17 15:01 - 2013-09-29 02:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-17 15:01 - 2013-09-29 02:54 - 00000000 ____D C:\ProgramData\Intel
2015-11-17 15:01 - 2013-09-29 02:52 - 00000000 ____D C:\Program Files (x86)\Intel
2015-11-17 15:00 - 2015-01-21 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-17 15:00 - 2015-01-21 14:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-17 14:59 - 2014-09-29 09:36 - 00000000 ____D C:\Program Files\Intel
2015-11-17 14:57 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2015-11-17 13:57 - 2014-10-07 09:57 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Eclipse
2015-11-17 07:51 - 2015-07-08 08:46 - 00001839 _____ C:\Users\ThomasL 0176******29\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk
2015-11-17 07:51 - 2014-11-24 21:23 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Downloaded Installations
2015-11-17 07:51 - 2013-09-29 03:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-11-14 14:58 - 2015-10-17 21:21 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\google analytics fragen
2015-11-13 18:00 - 2014-10-12 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RescueTime
2015-11-13 18:00 - 2014-10-12 11:08 - 00000000 ____D C:\Program Files (x86)\RescueTime
2015-11-12 18:36 - 2014-10-02 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-12 10:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 22:27 - 2015-10-27 20:17 - 00018960 _____ (Logitech, Inc.) 
C:\WINDOWS\system32\Drivers\LNonPnP.sys 2015-11-11 18:04 - 2014-09-21 10:15 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Roaming\TeamViewer 2015-11-11 15:51 - 2014-09-21 10:19 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-11 15:51 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-11 15:43 - 2014-09-21 10:19 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-11 15:32 - 2014-10-22 16:13 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-11-11 11:27 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-11-10 14:57 - 2014-09-29 18:48 - 00000000 ____D C:\WINDOWS\Minidump 2015-11-10 09:14 - 2014-09-29 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-09 23:20 - 2014-10-30 22:35 - 00000000 ____D C:\Users\ThomasL 0176******29\Documents\Calibre-Bibliothek 2015-11-09 23:19 - 2015-01-05 21:11 - 00000000 ____D C:\Users\ThomasL 0176******29\calibre 2015-11-07 11:15 - 2013-09-28 20:21 - 00000000 ____D C:\ProgramData\Lenovo 2015-11-07 11:14 - 2013-09-29 03:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT 2015-11-07 11:14 - 2013-09-29 03:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2015-11-07 11:14 - 2013-09-29 03:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-11-07 11:14 - 2013-09-29 02:51 - 00000000 ____D C:\Program Files (x86)\Lenovo 2015-11-06 12:26 - 2015-05-21 13:50 - 00000000 ____D C:\Users\ThomasL 0176******29\Desktop\dog ids 2015-11-06 11:10 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-11-05 16:50 - 2015-10-16 22:39 - 18081229 _____ C:\Users\ThomasL 0176******29\Desktop\lars-landing-page-arrow-down-dog-landing-page-mit-pfeil-nach-unten.psd 2015-11-05 12:23 - 2014-09-30 20:03 - 00000000 ____D C:\ProgramData\Skype 2015-11-03 10:28 - 2015-06-11 11:02 - 00000000 ____D C:\Users\ThomasL 0176******29\workspace1 2015-11-03 01:23 - 2013-08-22 16:38 - 
00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 12:06 - 2014-11-20 06:37 - 00000000 ____D C:\Users\ThomasL 0176******29\AppData\Local\Microsoft_Corporation
2015-10-31 20:45 - 2015-05-15 08:26 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 12:27 - 2015-03-23 21:53 - 00192427 _____ C:\Users\ThomasL 0176******29\Desktop\Campaign Tagging Tool für Google Analytics - v140627.xlsm

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 15:15 - 2014-11-21 15:16 - 0044120 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2014-09-29 08:09 - 2014-09-29 08:09 - 15000576 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-09-16 21:55 - 2014-09-26 15:35 - 0002936 _____ () C:\Users\ThomasL 0176******29\AppData\Roaming\AbsoluteReminder.xml
2015-04-27 15:59 - 2015-05-24 18:38 - 0000132 _____ () C:\Users\ThomasL 0176******29\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-26 15:35 - 2014-09-26 15:35 - 0076976 _____ () C:\Users\ThomasL 0176******29\AppData\Roaming\LoJackSetup.exe
2015-04-30 13:53 - 2015-04-30 13:53 - 0001158 _____ () C:\Users\ThomasL 0176******29\AppData\Roaming\ShiftN.ini
2014-10-31 10:37 - 2015-11-25 08:45 - 0001456 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-10-31 14:55 - 2015-11-23 21:00 - 0018432 _____ () C:\Users\ThomasL 0176******29\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-16 21:54 - 2014-09-16 22:42 - 0000377 _____ () C:\Users\ThomasL 0176******29\AppData\Local\RegisteredPackageInformation.xml
2014-09-26 15:37 - 2014-09-26 15:37 - 6339968 _____ (Absolute Software Corp.) C:\Users\ThomasL 0176******29\AppData\Local\Setup.exe
2014-07-01 23:25 - 2014-07-01 23:25 - 0000003 _____ () C:\ProgramData\AbsoluteNotifier.txt
2014-11-20 13:48 - 2014-11-20 13:48 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-09-29 09:36 - 2014-09-29 09:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\ThomasL 0176******29\AppData\Local\Temp\avgnt.exe
C:\Users\ThomasL 0176******29\AppData\Local\Temp\deleteFile.exe
C:\Users\ThomasL 0176******29\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplpiqld.dll
C:\Users\ThomasL 0176******29\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmnvd0h.dll
C:\Users\ThomasL 0176******29\AppData\Local\Temp\RescueTimeInstaller.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-23 22:56

==================== Ende von FRST.txt ============================ |
27.11.2015, 20:12 | #2 |
| Here is the second part of my post, since the code was too long: This is the code of the Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-11-2015
durchgeführt von ThomasL 0176******29 (2015-11-27 17:24:57)
Gestartet von C:\Users\ThomasL 0176******29\Downloads
Windows 8.1 Pro (X64) (2014-09-29 09:09:32)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-870434993-2128780150-3758257639-500 - Administrator - Disabled)
Gast (S-1-5-21-870434993-2128780150-3758257639-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-870434993-2128780150-3758257639-1005 - Limited - Enabled)
ThomasL 0176******29 (S-1-5-21-870434993-2128780150-3758257639-1001 - Administrator - Enabled) => C:\Users\ThomasL 0176******29

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated) Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) AdWords Editor (HKLM-x32\...\{2F474A0B-9FA1-47C4-907E-70B383865F0C}) (Version: 11.1.3 - Google) Airfoil (HKLM-x32\...\Airfoil) (Version: 3.6.4 - Rogue Amoeba) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.37.0 - Alcor Micro Corp.) Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.37.0 - Alcor Micro Corp.) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.) calibre 64bit (HKLM\...\{DD84AFA7-867C-428A-8FA4-59A98AB60A1F}) (Version: 2.7.0 - Kovid Goyal) Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation) cardPresso (HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\cardPresso) (Version: 1.4.49 - Copyright 2011-14, cardPresso, Lda) cardPresso (HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\cardPresso) (Version: 1.4.49 - Copyright 2011-14, cardPresso, Lda) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP) Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Deezer (HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\DeezerDrive) (Version: 1.0.769.677 - Deezer) Deezer (HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DeezerDrive) (Version: 1.0.769.677 - Deezer) Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Ditto (HKLM\...\Ditto_is1) (Version: - Scott Brogden) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) 
Dropbox (HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen) Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.) Evolis Premium Suite version 6.16.1.567 (HKLM\...\Evolis Premium Suite_is1) (Version: 6.16.1.567 - Evolis Card Printer) Excellent Analytics (HKLM-x32\...\{F40B76C2-9996-4137-9DA1-D6E67F88C7B1}) (Version: 1.1.12 - Ampliofy) f.lux (HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\Flux) (Version: - ) f.lux (HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version: - ) FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft) Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.6.0.2 - Telerik) FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse) FolderIco 2.0 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version: - teorex) Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org )) FolderIco Cats Pack 1.0 (HKLM\...\{21F0BA4E-17C4-49A7-999D-5275100CF678}_is1) (Version: 1.0 - teorex) FolderIco Leopard Pack 1.0 (HKLM\...\{458EFE20-042B-4EC3-B8E7-45FB7AA6720F}_is1) (Version: 1.0 - teorex) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GDR 2218 für SQL Server 2012 (KB2716442) (64-bit) (HKLM\...\KB2716442) (Version: 11.0.2218.0 - Microsoft Corporation) GDR 3077 for SQL Server Database Services 2005 ENU (KB960089) 
(HKLM-x32\...\KB960089_SQL9) (Version: 9.2.3077 - Microsoft Corporation) GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089) (HKLM-x32\...\KB960089_SQLTools9) (Version: 9.2.3077 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden GoToMeeting 7.6.0.4007 (HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\GoToMeeting) (Version: 7.6.0.4007 - CitrixOnline) GoToMeeting 7.6.0.4007 (HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.6.0.4007 - CitrixOnline) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.) HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Inst5676 (Version: 8.01.42 - Softex Inc.) 
Hidden Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.36 - SunplusIT) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.12.1688 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4206 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) WiDi (HKLM\...\{201B03D6-FDDA-4C70-8A15-887F5B3CE365}) (Version: 4.2.19.0 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation) IntelliJ IDEA 14.1.5 (HKLM-x32\...\IntelliJ IDEA 14.1.5) (Version: 141.2735.5 - JetBrains s.r.o.) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) 
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation) JetBrains PhpStorm 9.0.2 (HKLM-x32\...\PhpStorm 9.0.2) (Version: 141.2462 - JetBrains s.r.o.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass) Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly) Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.78.00 - Lenovo) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.20 - Lenovo) Lenovo Battery Utility 2015 2.2 (HKLM-x32\...\{62D5A67D-E5CC-4D79-8998-DCFDB7750346}_is1) (Version: 2.2 - Lenovo Corp) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo) Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.42(x64) - Lenovo) Lenovo Fingerprint Manager Pro (Version: 8.01.42(x64) - Lenovo) Hidden Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo) Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo) Lenovo QuickControl (HKLM-x32\...\{ABA0A3F7-649E-4338-BDC9-18437D9699D6}) (Version: 2.40 - Lenovo Group Limited) Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.24.256 - Lenovo Corporation) Lenovo Settings - 
Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.5.0.3 - Lenovo Group Limited) Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.4.0.19 - Lenovo Group Limited) Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.90 - Lenovo) Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.4.0.9 - Lenovo Group Limited) Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0013 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Mein Büro (HKLM-x32\...\{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1) (Version: 15.0 - Buhl Data Service GmbH) Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - 
de-de) (Version: 15.0.4771.1004 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{D71B0094-AF8D-4842-92A9-D30AD9D113B5}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 
11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{90E8C2E5-198C-4923-BC06-AF13E5FA964D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{18558FE7-A87A-4063-9732-95E9E1420828}) (Version: 10.3.20116.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{519918B9-24E9-4227-B927-9DD4F0FDBD0E}) (Version: 9.00.3042.00 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 
9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Integrated) - DEU (HKLM-x32\...\{B28DC16A-5394-3761-B143-450AE92516BB}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - 
Microsoft Corporation) Microsoft Visual Studio Tools for Applications Design-Time 3.0 - DEU Language Pack (HKLM-x32\...\{38F74A0E-357B-336C-B614-FE59F4BC62A0}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation) Mindjet MindManager 8 (HKLM-x32\...\{BF4DF3F7-5350-4F71-A656-F73E95D82E5F}) (Version: 8.2.328 - Mindjet) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla) MySQL Installer (HKLM-x32\...\{75F6E420-D66F-4AE3-BBA9-9D4F610B2B86}) (Version: 1.3.6.0 - Oracle Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) Office 15 Click-to-Run Extensibility 
Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.000.12 - Lenovo) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.) 
RegexBuddy 4 v.4.3.0 (HKLM\...\RegexBuddy 4) (Version: v.4.3.0 - Just Great Software) RescueTime 2.11.2.1410 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Riot - Radical Image Optimization Tool (HKLM-x32\...\Riot) (Version: - ) Samsung Connection Manager (HKLM-x32\...\{F3F95061-0427-4386-AB03-1556CBE52927}) (Version: 112.6 - Samsung Electronics) Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 3.3 - Screaming Frog Ltd) Scrivener (HKLM-x32\...\Scrivener 1730) (Version: 1730 - Literature and Latte) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.15.0 - Lenovo Group Limited) ShiftN 4.0 (HKLM-x32\...\ShiftN_is1) (Version: 4.0 - Marcus Hebel) Skitch (HKLM-x32\...\Skitch 2.3.2.176) (Version: 2.3.2.176 - Evernote Corp.) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) SourceTree (HKLM-x32\...\SourceTree 1.6.22) (Version: 1.6.22 - Atlassian) SourceTree (x32 Version: 1.6.22 - Atlassian) Hidden SQL Server 2012 BI Development Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Full text search (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program 
(Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) StepMania v5.0 beta 4 (Nur entfernen) (HKLM-x32\...\StepMania 5) (Version: - StepMania Team) SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.103 - Synaptics Incorporated) Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - ) Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) ThinkPad Pro/Ultra Dock Synaptics Firmware version 2.22.000 (HKLM-x32\...\TeslaUpdater_is1) (Version: 2.22.000 - ) ThinkPad Pro/Ultra Dock VIA Firmware version 5041 (HKLM-x32\...\VL812_is1) (Version: 5041 - ) ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo) TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.3042.00 - Microsoft Corporation) Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation) Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) W-Fragen Tool (HKLM-x32\...\W-Fragen Tool) (Version: 2.2.0 - SEARCH ONE) Windows 
Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Intel (e1dexpress) Net (05/06/2013 12.6.51.9427) (HKLM\...\EE65D5FC2879A33F6215CCBA14A4E08712271C7E) (Version: 05/06/2013 12.6.51.9427 - Intel)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (07/10/2013 12.7.1.1000) (HKLM\...\46401F4452DAF88AC0AE17DCC13122D50FA7A51A) (Version: 07/10/2013 12.7.1.1000 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System (08/08/2013 16.6.4.38) (HKLM\...\B8B0FB49BE368EB005D7A392C3F3F6EAE44D4895) (Version: 08/08/2013 16.6.4.38 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (08/08/2013 16.6.4.38) (HKLM\...\18D3C88E5856BD23EE44DECE8557176A5BD3FBED) (Version: 08/08/2013 16.6.4.38 - Synaptics)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.4 - The Wireshark developer community, hxxp://www.wireshark.org)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.14-3 - Bitnami)
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Youtube Playlist Downloader (HKLM-x32\...\{8F14A454-5BD6-4CB1-9E09-7C0213ACD544}) (Version: 3.5.0.5 - YoutubeSoft)
Zoiper (HKLM-x32\...\Zoiper) (Version: 3.7 - Securax LTD)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{00000001-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-870434993-2128780150-3758257639-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00152F4D-48AB-41B1-85D8-E48C22736657} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor Task: {001FF8EC-9E6B-4832-B3B6-6F0E7E0FDF7B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {05881850-843B-42E1-8140-D6B578FA4FB9} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe Task: {0DFEBE3A-3AAC-4D3C-9735-991B60C24208} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {109EAF94-1D9C-4729-9912-2C74C38BB99E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {24BE9A37-0B57-4740-96B0-9B2EC73BB299} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) 
Task: {291ED0A3-8492-4373-96DE-B71074416CA9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {299AD344-1549-4AF4-B2F2-B0B2BACBA602} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {31D353FF-33F2-4D3A-AFDF-ABE34D713BCA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {3ACCE056-BD8E-4C2E-8690-B265B6774890} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {3C26C5B7-B26A-4B56-B989-EA72D413CBB0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {41C5CE58-858E-4159-8A50-686A85E5710E} - System32\Tasks\G2MUpdateTask-S-1-5-21-870434993-2128780150-3758257639-1001 => C:\Users\ThomasL 0176******29\AppData\Local\Citrix\GoToMeeting\4007\g2mupdate.exe [2015-11-21] (Citrix Online, a division of Citrix Systems, Inc.) Task: {44C77EBE-AF84-47A7-BBF9-D985C50A92FC} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor) Task: {48881947-E690-441C-B381-D6A4A90532A1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001Core => C:\Users\ThomasL 0176******29\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.) 
Task: {4CC7E7A9-C9E4-47C7-B450-F6C260BA24E1} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {51765030-3BAD-455B-8D51-A880D4095002} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] () Task: {56CCEDD6-D1DB-492A-9470-7D4FBECA605D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor) Task: {5A2F2B23-7FB3-46BF-8B19-A5ECCEA76BE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {7752DB49-5CB9-40FC-9F96-11BBFCB5A5BD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-info@thomaslerch.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated) Task: {785E6330-4137-4F99-8326-5C78BEB15142} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {7B80219C-BBF2-445F-8119-175E62FA806C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation) Task: {90EE223E-1B6A-4A09-B338-04031F5B45CD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {98ADEE7C-1007-40A4-B8D8-79B5FB0CF466} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {99B00010-5346-46CC-891B-6DF2C459C3C5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] 
(Intel Corporation) Task: {9FF6D65E-7B96-4F29-8326-6A8B2F3C6C50} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation) Task: {A5ACDA2B-1861-445E-9A9F-0A20E806A725} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-870434993-2128780150-3758257639-1001 => C:\Users\ThomasL 0176******29\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2015-08-25] (Microsoft Corporation) Task: {A63C5C3D-CCB3-433C-AA9F-2D113FE9170A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {AC7EB28A-95A7-4AD2-9D27-198A2969D81D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {AC8BD3B8-132C-4697-81E2-49C4A8110F20} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {AE4A8430-40DD-47B5-A55F-22B3B2CA257B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001UA => C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.) Task: {AEE49064-A3A3-45C0-9A89-1BEA75542A24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001Core => C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.) 
Task: {C17B88B9-72F5-47E7-AED8-919C791BCD99} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor) Task: {C37D9D56-80A5-4865-B07C-135A4E4AED1F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {CCE4F34D-ADFD-4F27-B5E7-44CC0B43625B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-29] () Task: {CFEFCF9C-974B-4382-B1D5-4AAF0E0E84FA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-11-11] (Lenovo) Task: {D481F32A-AFD1-4EB5-A86E-08BA56AD3C6A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {D64630CB-7988-4D84-AA51-E42402F68131} - System32\Tasks\G2MUploadTask-S-1-5-21-870434993-2128780150-3758257639-1001 => C:\Users\ThomasL 0176******29\AppData\Local\Citrix\GoToMeeting\4007\g2mupload.exe [2015-11-21] (Citrix Online, a division of Citrix Systems, Inc.) Task: {E2D59DBD-C3EC-4A61-A7D7-9BDE219BB056} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-11-11] (Lenovo) Task: {EC1F41C6-BE23-43AA-B9A2-17432FC02930} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) Task: {ED15B133-3DB0-4BC4-BBB7-F4F3FF3BA0FD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001UA => C:\Users\ThomasL 0176******29\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.) 
Task: {EDB85303-0664-4E6C-8F33-93C9F1B20375} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {F4F1B658-8E90-4386-8432-9660AD9A03C5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FA4C9F77-BEAB-428A-A3B9-7F9E4A7CA801} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001Core.job => C:\Users\ThomasL 0176******29\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001UA.job => C:\Users\ThomasL 0176******29\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-870434993-2128780150-3758257639-1001.job => C:\Users\ThomasL 0176******29\AppData\Local\Citrix\GoToMeeting\4007\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-870434993-2128780150-3758257639-1001.job => C:\Users\ThomasL 0176******29\AppData\Local\Citrix\GoToMeeting\4007\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001Core.job => C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-870434993-2128780150-3758257639-1001UA.job => C:\Users\ThomasL 0176******29\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-11 22:02 - 2015-04-24 07:50 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2013-04-15 14:45 - 2013-04-15 14:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 14:45 - 2013-04-15 14:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-06-21 14:42 - 2015-05-12 15:14 - 00469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2014-11-11 10:46 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-21 14:42 - 2015-05-12 15:14 - 00013016 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-11-11 22:02 - 2015-04-24 07:50 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-11-20 05:41 - 2014-11-20 05:41 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2014-10-08 09:44 - 2012-11-08 19:17 - 01717872 _____ () C:\Program Files\Ditto\Ditto.exe
2014-10-07 13:27 - 2010-04-03 13:05 - 00380928 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
2015-09-11 
18:01 - 31958688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-11-27 17:15 - 2015-11-27 17:15 - 00050477 _____ () C:\Users\ThomasL 0176******29\Downloads\Defogger.exe 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-11-10 15:15 - 2015-10-29 21:23 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-11-10 15:15 - 2015-10-29 21:23 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2015-11-10 15:15 - 2015-10-29 21:23 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-11-10 15:15 - 2015-10-29 21:23 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-11-10 15:15 - 2015-10-29 21:23 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-11-10 15:15 - 2015-10-29 21:23 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2013-09-29 02:53 - 2013-07-26 03:24 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-02-01 11:18 - 2015-02-01 11:18 - 00799232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\86865ced79f3180ebdfa736d895e5edb\Windows.Networking.ni.dll 2015-01-28 18:50 - 2015-01-28 18:50 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll 2015-01-28 18:50 - 2015-01-28 18:50 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll 2015-11-27 08:53 - 2015-11-27 08:53 - 00098816 _____ () 
C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32api.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00110080 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\pywintypes27.dll 2015-11-27 08:53 - 2015-11-27 08:53 - 00364544 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\pythoncom27.dll 2015-11-27 08:53 - 2015-11-27 08:53 - 00046080 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_socket.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 01208320 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_ssl.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00320512 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32com.shell.shell.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00776704 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_hashlib.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 01176576 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._core_.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00806400 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._gdi_.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00816128 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._windows_.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 01067008 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._controls_.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00733184 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._misc_.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00682496 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\pysqlite2._sqlite.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00088064 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_ctypes.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00119808 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32file.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00108544 _____ () C:\Users\ThomasL 
0176******29\AppData\Local\Temp\_MEI10322\win32security.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00007168 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\hashobjs_ext.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00017920 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\thumbnails_ext.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00079360 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\usb_ext.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00167936 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32gui.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00018432 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32event.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00128512 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_elementtree.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00127488 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\pyexpat.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00013824 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\common.time34.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00036864 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_psutil_windows.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00038912 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32inet.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00525640 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\windows._lib_cacheinvalidation.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00011264 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32crypt.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00077312 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._html2.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00027136 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\_multiprocessing.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00020480 _____ () C:\Users\ThomasL 
0176******29\AppData\Local\Temp\_MEI10322\_yappi.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00035840 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32process.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00686080 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\unicodedata.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00123392 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._wizard.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00024064 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32pipe.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00010240 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\select.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00025600 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32pdh.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00017408 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32profile.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00022528 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\win32ts.pyd 2015-11-27 08:53 - 2015-11-27 08:53 - 00078848 _____ () C:\Users\ThomasL 0176******29\AppData\Local\Temp\_MEI10322\wx._animate.pyd 2015-09-16 13:12 - 2015-09-16 13:12 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2015-11-11 00:45 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll 2015-11-11 00:45 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll 2015-09-03 14:45 - 2015-09-03 14:45 - 00439304 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll 2015-09-03 14:45 - 2015-09-03 14:45 - 00321032 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll 2015-09-24 16:41 - 2015-09-24 16:41 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu 2014-10-07 13:27 - 2009-12-16 22:13 - 08314880 _____ 
() C:\Program Files (x86)\Launchy\QtGui4.dll 2014-10-07 13:27 - 2009-12-16 21:56 - 00712704 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll 2014-10-07 13:27 - 2009-12-16 21:54 - 02236416 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll 2014-10-07 13:27 - 2009-12-17 00:18 - 00233472 _____ () C:\Program Files (x86)\Launchy\imageformats\qmng4.dll 2014-10-07 13:27 - 2010-04-03 21:40 - 00081920 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll 2014-10-07 13:27 - 2010-04-03 13:05 - 00090112 _____ () C:\Program Files (x86)\Launchy\plugins\controly.dll 2014-10-07 13:27 - 2010-04-03 13:06 - 00024064 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll 2014-10-07 13:27 - 2010-04-03 13:06 - 00094208 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll 2014-10-07 13:27 - 2010-04-03 13:05 - 00057344 _____ () C:\Program Files (x86)\Launchy\plugins\verby.dll 2014-10-07 13:27 - 2010-04-03 13:05 - 00122880 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll 2015-09-15 07:08 - 2015-09-15 07:08 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-09-15 07:08 - 2015-09-15 07:08 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll 2015-09-15 07:08 - 2015-09-15 07:08 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll 2015-09-11 15:39 - 2015-09-11 15:39 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2015-09-11 15:39 - 2015-09-11 15:39 - 00121856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-imslib\node_modules\ref\build\Release\binding.node 2015-09-11 15:39 - 2015-09-11 15:39 - 00122880 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-imslib\node_modules\ffi\build\Release\ffi_bindings.node 2015-09-11 15:39 - 2015-09-11 15:39 - 00188416 _____ () 
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2015-09-11 15:39 - 2015-09-11 15:39 - 00085504 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\bufferutil.node 2015-09-11 15:39 - 2015-09-11 15:39 - 00086016 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\validation.node 2015-09-11 15:39 - 2015-09-11 15:39 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node 2015-09-03 14:45 - 2015-09-03 14:45 - 21120008 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll 2015-09-03 14:45 - 2015-09-03 14:45 - 00212488 _____ () C:\Program Files (x86)\Evernote\Evernote\websockets.dll 2015-09-03 14:45 - 2015-09-03 14:45 - 00988696 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll 2015-09-03 14:45 - 2015-09-03 14:45 - 00138776 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll 2015-09-03 14:45 - 2015-09-03 14:45 - 00195096 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll 2014-12-17 23:05 - 2015-04-30 21:21 - 00011362 _____ () C:\Program Files (x86)\Evernote\Skitch\mingwm10.dll 2014-12-17 23:05 - 2015-04-30 21:21 - 00043008 _____ () C:\Program Files (x86)\Evernote\Skitch\libgcc_s_dw2-1.dll 2013-09-29 03:06 - 2015-01-22 19:18 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2013-09-29 03:06 - 2015-01-22 19:18 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2015-10-25 16:40 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-10-25 16:40 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-10-25 16:40 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll 2015-10-25 16:40 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files 
(x86)\Steam\icui18n.dll
2015-10-25 16:40 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-25 16:40 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-25 16:40 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-25 16:40 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-25 16:40 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-25 16:40 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-25 16:40 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-10-25 16:40 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-25 16:40 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-10-25 16:40 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-09-25 09:26 - 2015-09-25 09:26 - 01020928 _____ () C:\Users\ThomasL 0176******29\AppData\Roaming\Mozilla\Firefox\Profiles\caouhisc.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\ThomasL 0176******29\Documents\Corporate Flyer Template:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\fhws.de -> hxxps://ipp.fhws.de
IE trusted site: HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\fhws.de -> hxxps://ipp.fhws.de

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-870434993-2128780150-3758257639-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Lenovo\thinkdesktop.png
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Lenovo\thinkdesktop.png
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MSSQL$JTLWAWI => 2
MSCONFIG\Services: MSSQL$SQLEXPRESS => 2
MSCONFIG\Services: MSSQLFDLauncher$SQLEXPRESS => 3
MSCONFIG\Services: MySQL57 => 3
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk"
HKLM\...\StartupApproved\Run: => "PasswordManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "MMReminderService"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "DymoQuickPrint"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "Skitch"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "MySQL Notifier"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "DymoQuickPrint"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skitch"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MySQL Notifier"
HKU\S-1-5-21-870434993-2128780150-3758257639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3C415506-F157-4852-AC2B-BD8FD243A8C3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{72E6E5C1-0C40-48D5-A829-87AE559CA1DD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{97A0AD6E-30B7-4A20-A42A-D49B18FA2D32}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{D0BDED76-64B3-4424-9957-7CBC2BFC988F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{D57B59AA-94F2-4D56-83BC-4107937C031A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{968FDB7B-AB2E-46C0-B861-77C99803439A}] => (Allow) C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{659A4146-98A2-4089-9413-B47B6E94A089}] => (Allow) C:\Users\ThomasL 0176******29\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{496548B6-E9C3-48BA-AD43-AB05F0F93558}] => (Allow) C:\Program Files (x86)\Windows 
Live\Contacts\wlcomm.exe FirewallRules: [{A0EEF41C-B9DD-4E73-8E6D-F12A3B9D70E3}] => (Allow) LPort=2869 FirewallRules: [{2044FBC5-DDDE-4691-97EA-1A6C367E073F}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{8B6D1A9B-1F59-41DE-9450-BC59CBABA93B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{5D2F0D81-2B73-4F51-A9E5-E333804D5E35}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9AABC533-D130-4DBA-8A2A-41B7AA8A1D41}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe FirewallRules: [UDP Query User{E47AD11D-4FAA-4FC9-83A0-3979C79F4E2B}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe FirewallRules: [{4E9FDF27-2859-40B1-A3D6-860CDEA58785}] => (Block) C:\program files\ditto\ditto.exe FirewallRules: [{6F759BDD-26B6-4229-B222-DD42FC865250}] => (Block) C:\program files\ditto\ditto.exe FirewallRules: [{89F1B221-4522-4FE4-9BC7-04022BACE599}] => (Allow) C:\Users\ThomasL 0176******29\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{0BAB237D-E761-4CE2-BA7E-F75293BEA310}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BF43AECF-AA74-4BE8-8830-746A622B13D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{87E7E384-FDC6-4E3C-AFDD-267D1D1AB461}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A0CCD8B1-08BB-4FD6-A75C-3EF6CCE3529F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A24005AB-CF85-467B-B069-86292D8605C6}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [TCP Query User{E2AA469A-BF2A-46D7-B77F-FDF7F2130BA2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{809C34A3-42A9-4DB8-9139-5E6D06D68CF2}C:\program files (x86)\skype\phone\skype.exe] 
=> (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{AE8EA00A-6832-4AA7-85FE-C0767044F4C5}C:\program files (x86)\airfoil\airfoil.exe] => (Allow) C:\program files (x86)\airfoil\airfoil.exe FirewallRules: [UDP Query User{E2DB3952-84ED-4D00-B39D-AC3508A0937F}C:\program files (x86)\airfoil\airfoil.exe] => (Allow) C:\program files (x86)\airfoil\airfoil.exe FirewallRules: [TCP Query User{BE6B319B-6856-42A9-8E56-D951CD4A6556}C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5CC1EC36-79E6-41DB-A575-C1FAB439085C}C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{4916D933-A230-4306-9735-79B680F2510D}C:\users\thomasl 0176******29\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thomasl 0176******29\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{205E2022-0D80-4BF3-AC19-8772AB2C56BF}C:\users\thomasl 0176******29\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thomasl 0176******29\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{EBFBC536-91CE-49AA-BCD9-1AE91447A8A3}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe FirewallRules: [UDP Query User{D78058A6-0F62-4604-866E-AA5C8E5C3274}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe FirewallRules: [TCP Query User{26F8A187-E14F-47DB-BBE0-53C5AE0B47C0}C:\games\stepmania 5\program\stepmania-sse2.exe] => (Allow) C:\games\stepmania 5\program\stepmania-sse2.exe FirewallRules: [UDP Query User{05AE5AA2-7795-4624-9505-30B749138D35}C:\games\stepmania 5\program\stepmania-sse2.exe] => (Allow) C:\games\stepmania 5\program\stepmania-sse2.exe FirewallRules: [TCP Query 
User{89A24DAA-0135-4B26-ACBA-E544098BA81F}C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{93783B4A-A2EE-4CD7-BE34-68D2FD45E2FE}C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\thomasl 0176******29\appdata\roaming\spotify\spotify.exe FirewallRules: [{51672E63-291C-4AD8-9232-D1237F1F7A54}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [TCP Query User{755599F8-B70C-4EDF-9048-9083A9142ABB}C:\program files\eclipse\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse.exe FirewallRules: [UDP Query User{1723CDA5-B044-4BC2-B084-D05782F6EA16}C:\program files\eclipse\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse.exe FirewallRules: [{D19509DE-BE0D-48CA-9865-4F207E2DCC09}] => (Block) C:\program files\eclipse\eclipse.exe FirewallRules: [{586726A3-710E-4872-A07F-7B83491B21B5}] => (Block) C:\program files\eclipse\eclipse.exe FirewallRules: [{DEEEAA5B-2F62-4137-8AF6-1435D811C073}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe FirewallRules: [{C5B00B05-02E1-4840-84E8-2A9AEF1C0DD2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe FirewallRules: [{922E0A60-24CA-4CF4-ABE5-F647F6E8CF33}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{6B3E32F7-A079-4AFB-BD4B-F0F649FEA36B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9A6030DB-A5ED-4244-90F1-125B08614014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FE312450-3450-4059-B2C8-E7B25F351291}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D364B9C8-0015-47FC-A870-1AC4E4B15C53}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8184052A-025E-41E9-892F-E34FC8FF52AF}] => (Allow) 
D:\steamLib\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{F0082C25-26D1-4FC5-80F8-BC376E7F9E62}] => (Allow) D:\steamLib\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{A1DFCEE8-12AC-40F7-B4B3-BA994BFC004F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AC03236A-30D7-4890-8811-238F714149D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{AF07E562-0A2F-42AC-AF06-56A6B27126E0}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [UDP Query User{06D07E05-004B-4FAB-AAF1-C44CA7522430}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [TCP Query User{EA19B028-0912-4492-B531-3DBA4E856F18}C:\program files (x86)\airfoil\airfoil.exe] => (Allow) C:\program files (x86)\airfoil\airfoil.exe FirewallRules: [UDP Query User{03AD6354-F50D-4AC0-AA41-BFC6A035937A}C:\program files (x86)\airfoil\airfoil.exe] => (Allow) C:\program files (x86)\airfoil\airfoil.exe FirewallRules: [TCP Query User{2060D849-DC1E-422D-A38E-A0097B48AEC2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{155B6BB2-BE2A-4BF7-B5F2-45635B693463}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{AEA533FF-5F34-4226-BE03-F4FBDF7A7049}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{0B1B6AB2-20DF-406E-BDF1-D620DB531DF1}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{F186BA5F-2ADF-45C8-8E71-C126504637D2}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{FE615A67-E6A1-48F0-AD8D-39358B299D0C}] => (Allow) C:\Program Files 
(x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{54292D74-0AAA-47B0-A74F-BB4059313D41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A64E1CC3-7398-4034-A996-9A77F21A3D2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{353DDDD4-A5EB-4477-AE86-2DCF1C9DEAA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{14B00086-DBF4-4E38-939C-A365FC905CB7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5E0A82B4-B0E1-41C7-AF88-7A8876A57230}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{507527B9-679B-4E42-9EFB-31AB795F0591}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [TCP Query User{5C09FD31-C5EC-4258-B21C-41E42AA0D713}C:\users\thomasl 0176******29\desktop\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\desktop\eclipse\eclipse.exe FirewallRules: [UDP Query User{E14C50E9-1F19-4969-8209-8735FA292910}C:\users\thomasl 0176******29\desktop\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\desktop\eclipse\eclipse.exe FirewallRules: [TCP Query User{675FF0AE-8C6D-48A4-B17D-8721AFAD303F}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{2851E7FF-0B84-41AD-955E-FEA90A078ACC}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{253BEEF1-8F61-4A77-8904-A7719C18A8CA}] => (Allow) C:\Program Files (x86)\Zoiper\Zoiper.exe FirewallRules: [{A22D3E42-71BF-48B2-8803-59F9A3D5DC0E}] => (Allow) C:\Program Files (x86)\Zoiper\Zoiper.exe FirewallRules: [TCP Query User{DBAB826F-C184-4BFD-97B8-8683776C988F}C:\program files\java\jdk1.8.0_20\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_20\bin\java.exe FirewallRules: [UDP Query User{17F48251-84B4-4911-ABB5-EDD1D9A2BC5F}C:\program 
files\java\jdk1.8.0_20\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_20\bin\java.exe FirewallRules: [TCP Query User{21CFF137-53B8-4E75-89F2-3987F710A248}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{6B30920D-A4CB-44DA-BC47-B0479B8C6E94}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{403DF144-8340-4B35-B7E8-D2FEE278587F}C:\users\thomasl 0176******29\music\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\music\eclipse\eclipse.exe FirewallRules: [UDP Query User{1DF9D7D6-3069-4172-8904-0DA882F2ECB1}C:\users\thomasl 0176******29\music\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\music\eclipse\eclipse.exe FirewallRules: [TCP Query User{798203C8-D1D7-4F5D-A447-577AFD24F1ED}C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe FirewallRules: [UDP Query User{E800FC42-F2CA-47AB-80A4-E81D1E274AA9}C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe FirewallRules: [TCP Query User{82E13FF9-A75A-4787-9D49-E82D38BDAFFA}C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe FirewallRules: [UDP Query User{6303BB13-72F2-4BA3-91EF-BB27DBCF64A3}C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe] => (Allow) C:\users\thomasl 0176******29\documents\eclipse\eclipse.exe FirewallRules: [{7C221D1E-AA18-4386-BBAC-8A46BC45254A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D20DE9F2-D466-49B1-A864-DF59EAB96D54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1BB7346F-B064-4C13-91CB-E3C9892490F8}] => (Allow) C:\Program Files 
(x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{22ECF2B9-2DAC-4D44-9C20-27A6DD596532}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{D5A37A48-FBE8-4627-A2EC-2F8BA917B30B}E:\php-storm\phpstorm 9.0.2\bin\phpstorm.exe] => (Allow) E:\php-storm\phpstorm 9.0.2\bin\phpstorm.exe FirewallRules: [UDP Query User{0623E97F-CDAD-4988-97F0-793859DE6B98}E:\php-storm\phpstorm 9.0.2\bin\phpstorm.exe] => (Allow) E:\php-storm\phpstorm 9.0.2\bin\phpstorm.exe FirewallRules: [{5E27E5E5-0DD5-4AA7-B7AD-71FDAF77B1B5}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe FirewallRules: [TCP Query User{E71E415B-E966-4903-AEAC-5A27A2D821DE}C:\program files (x86)\jetbrains\intellij idea 14.1.5\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 14.1.5\bin\idea.exe FirewallRules: [UDP Query User{1729AA32-1068-44C2-9850-DEC50E94DD61}C:\program files (x86)\jetbrains\intellij idea 14.1.5\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea 14.1.5\bin\idea.exe FirewallRules: [{82C7034D-3A19-4C2D-936F-B9CF76407B50}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{756EB373-2B9F-4549-9F43-D565B78FC0B3}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7A075638-C40A-4278-909C-7421BDE8DFBA}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{C7BBD3F0-0A51-4D24-9B68-8633374ACCB5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{8DB9CD40-17C3-43AF-A50F-373ED9CD6048}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DE23DC54-AF2D-42FC-B09F-43A6B4BB8793}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9EFE1D1A-6817-49E7-94C4-B80EF6A780C5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{54E86CCE-1749-48C0-AAE8-2876BE9049A5}] => 
(Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{87334A1B-B0E9-44B0-81B2-2EE386E84A19}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{EF3C7277-C8A7-4B23-BED6-B45C67D42654}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{5F2ECF2B-D7CA-4151-A031-0093693F227C}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{4036B596-4D8A-44A5-A6CA-B2AA41812F08}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{DB88C88A-DC8B-40A2-9E31-E3BFD1F46C1B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7468E1F0-F758-4538-82B5-AD2C9C99EDB4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{DD582BEA-6124-4A1B-B2F8-B338D1400010}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{AC12C44C-F403-428E-8BED-5932833877F6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Synaptics Pointing Device
Description: Synaptics Pointing Device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. 
(Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/27/2015 09:27:17 AM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS) kann nicht mit der Berichtsserver-Datenbank verbunden werden.

Error: (11/26/2015 09:26:58 PM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS) kann nicht mit der Berichtsserver-Datenbank verbunden werden.

Error: (11/26/2015 07:17:10 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$JTLWAWI8

Error: (11/26/2015 03:34:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{97bf99f8-ecb3-4ddf-9bd9-bacab5d10944}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (11/26/2015 03:34:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRE_DRV" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (11/26/2015 02:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (11/26/2015 02:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109

Error: (11/26/2015 02:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/26/2015 09:26:28 AM) (Source: Report Server Windows Service (SQLEXPRESS)) (EventID: 107) (User: )
Description: Report Server Windows Service (SQLEXPRESS) kann nicht mit der Berichtsserver-Datenbank verbunden werden.

Error: (11/25/2015 07:06:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7625

Systemfehler:
=============
Error: (11/26/2015 09:06:23 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR9 gefunden.

Error: (11/26/2015 04:03:42 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR9 gefunden.

Error: (11/26/2015 03:47:28 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR9 gefunden.

Error: (11/26/2015 09:26:09 AM) (Source: volsnap) (EventID: 16) (User: )
Description: Die Schattenkopien von Volume "H:" wurden verworfen, weil die Bereitsstellungaufhebung von Volume "", das einen Schattenkopiespeicher für diese Schattenkopie enthält, erzwungen wurde.

Error: (11/25/2015 07:47:48 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/24/2015 09:34:10 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (11/24/2015 09:12:06 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (11/24/2015 09:01:24 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (11/24/2015 08:57:06 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (11/24/2015 08:48:07 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

CodeIntegrity:
===================================
Date: 2015-10-27 20:04:23.595
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-20 22:30:23.357
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-22 21:30:48.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-22 19:59:34.782
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-26 12:54:32.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-26 12:54:30.652
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-26 12:53:16.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-22 23:26:38.647
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-22 23:25:57.718
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-05 09:00:21.911
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 8076.07 MB
Verfügbarer physikalischer RAM: 2896.5 MB
Summe virtueller Speicher: 11276.07 MB
Verfügbarer virtueller Speicher: 4410.05 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:98.27 GB) (Free:7.82 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Files) (Fixed) (Total:935.1 GB) (Free:435.84 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:3.73 GB) (Free:2.94 GB) FAT32
Drive g: (Back-UPs) (Fixed) (Total:438.98 GB) (Free:0.01 GB) NTFS
Drive h: (Old Files) (Fixed) (Total:488.94 GB) (Free:166.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 44B4F651)
Partition: GPT.

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: F477AADE)
Partition 1: (Not Active) - (Size=935.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=927.9 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================

This is the code of the
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-11-27 17:50:10 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003b SAMSUNG_MZ7TD128HAFV-000L1 rev.DXT05L0Q 119,24GB Running: Gmer-19357.exe; Driver: C:\Users\THOMAS~1\AppData\Local\Temp\kwpyafod.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960000d3100 15 bytes [40, A1, F1, 01, C0, E7, 6B, ...] .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960000d3110 11 bytes [00, 22, FC, FF, C0, DC, CA, ...] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessAsUserW 00007ff9b8c53ca0 7 bytes JMP 00007ff9bae71338 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessA 00007ff9b8c54ab0 7 bytes JMP 00007ff9bae71230 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\KERNEL32.DLL!CreateProcessW 00007ff9b8c57b30 7 bytes JMP 00007ff9bae711d8 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\KERNEL32.DLL!WinExec 00007ff9b8d2f840 5 bytes JMP 00007ff9bae71288 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserW 00007ff9ba442eb0 7 bytes JMP 00007ff9bae712e0 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\ADVAPI32.dll!CreateProcessAsUserA 00007ff9ba44a240 7 bytes JMP 00007ff9bae71390 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft 
Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!SysFreeString 00007ff9b8611720 5 bytes JMP 00007ffa7a2c03b8 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!VariantClear 00007ff9b8611810 5 bytes JMP 00007ffa7a2c0478 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!SysAllocStringByteLen 00007ff9b8612300 5 bytes JMP 00007ffa7a2c0358 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!GetActiveObject 00007ff9b861c970 5 bytes JMP 00007ff9bae71180 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!VariantChangeType 00007ff9b8624260 10 bytes JMP 00007ffa7a2c0418 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!RegisterActiveObject 00007ff9b867dda0 5 bytes JMP 00007ff9bae710d0 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\OLEAUT32.dll!RevokeActiveObject 00007ff9b867de00 5 bytes JMP 00007ff9bae71128 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\SHELL32.dll!SHParseDisplayName 00007ff9b8dc3310 5 bytes JMP 00007ffa7a2c04d8 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\USER32.dll!BeginPaint 00007ff9ba2c1070 8 bytes JMP 00007ffa7a2c0238 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft 
Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\USER32.dll!ValidateRect 00007ff9ba2c1360 8 bytes JMP 00007ffa7a2c0298 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\USER32.dll!RegisterClipboardFormatW 00007ff9ba2c4b20 9 bytes JMP 00007ffa7a2c01d8 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\system32\USER32.dll!RegisterClipboardFormatA 00007ff9ba2ca950 6 bytes JMP 00007ffa7a2c0178 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoUninitialize 00007ff9ba6737d0 7 bytes JMP 00007ff9bae70c58 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoInitializeEx 00007ff9ba673d80 5 bytes JMP 00007ff9bae70c00 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoCreateInstance 00007ff9ba67d050 7 bytes JMP 00007ff9bae70d08 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoCreateInstanceEx 00007ff9ba6a1340 7 bytes JMP 00007ff9bae70cb0 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoGetClassObject 00007ff9ba6a2f00 7 bytes JMP 00007ff9bae70e10 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoResumeClassObjects 00007ff9ba6cc490 7 bytes JMP 00007ff9bae70ec0 .text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft 
Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoRevokeClassObject 00007ff9ba6e8210 5 bytes JMP 00007ff9bae70db8
.text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoRegisterClassObject 00007ff9ba6ee2f0 5 bytes JMP 00007ff9bae70d60
.text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoSuspendClassObjects 00007ff9ba747050 6 bytes JMP 00007ff9bae70f18
.text C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE[8116] C:\WINDOWS\SYSTEM32\combase.dll!CoGetInstanceFromFile 00007ff9ba7aa5d0 7 bytes JMP 00007ff9bae70e68

---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [7328:3892] fffff9600085d2d0

---- Processes - GMER 2.1 ----
Library C:\Program Files\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8116] 00007ff9903f0000
Library C:\Program Files\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8116] 00007ff996540000
Library C:\Program Files\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8116] 00007ff999210000

---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Problems that occurred with GMER: there were three error messages (see screenshots).
This one came right at the beginning and shortly before the end.
This one came during the scan:
I also ran GMER again in safe mode.
However, the same error messages appeared here again, and the code is considerably shorter.
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-27 19:10:53
Windows 6.3.9600 x64 \Device\Harddisk0\DR0 -> \Device\0000003b SAMSUNG_MZ7TD128HAFV-000L1 rev.DXT05L0Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\THOMAS~1\AppData\Local\Temp\kwpyafod.sys

---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [516:540] fffff960008eb2d0

---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Thomas L.
29.11.2015, 07:24 | #3
/// the machine /// TB-Ausbilder

Hi,

I have to say something briefly about the text first: Why does every second ordinary user here on the board think they have been hacked or are part of a botnet? Do you also walk down the street thinking you have the rarest, deadliest disease, one that so far only 2 people on the planet have had? Has that thing with localhost ever worked? Hint: it doesn't work for me, so am I part of a botnet now too?? The thing with the setup is completely normal, that is, normal when you install junk like the software from DVDVideoSoft (YoutubeToMP3Converter and co). It wrecks the Windows Installer, and that is exactly what you end up with.

Quote:

Quote:

Have there ever been any real detections that had to do with malware?