|
Plagegeister aller Art und deren Bekämpfung: Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
18.04.2016, 21:15 | #1 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Hallo zusammen, ich habe heute von 1und1 eine Email bekommen das ich den Zeus auf meinem PC hätte. Email ist auch "echt". Hatte schon Kontakt mit den Leuten von 1und1. Wie krieg ich raus ob es wirklich so ist und wie kriege ich den Rechner wieder Zeus-frei ? |
18.04.2016, 22:37 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? moin
__________________Und wir sollen jetzt erraten was in der Mail steht sowie welche (wie viele) Rechner mit welchen Betriebssystemen du hast und ob da auch schonmal Virenfunde zu verzeichnen waren?
__________________ |
19.04.2016, 06:01 | #3 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Sorry. Folgend die Mail. Rechner Laptop Lenovo mit Win7....
__________________Ihre Kundennummer: Ihre Vertragsnummer: Hinweis: Ihre Kundennummer und Ihr Name zeigen Ihnen, dass diese Nachricht von der 1&1 Telecom GmbH verschickt wurde. Sehr geehrter Herr Klug, heute erhalten Sie eine dringende Nachricht zu Ihrem 1&1 DSL-Anschluss. Unser Expertenteam hat Hinweise erhalten, dass sich auf einem Computer an Ihrem Anschluss der gefährliche Virus "Zeus" befindet. Datum und Uhrzeit des Hinweises: 2016-04-15 16:33:20 MEST Tipp: Sind mehrere Computer an Ihrem 1&1 DSL-Anschluss angeschlossen, gibt Ihnen dieses Datum einen Hinweis darauf, welcher Computer betroffen ist. Von dem Virus "Zeus" geht eine erhebliche Gefahr aus. Er spioniert gezielt Bankdaten aus und leitet sie an die Angreifer weiter. Nach und nach plündern diese mithilfe der Bankdaten die Konten ihrer Opfer aus. So stellen Sie die Sicherheit Ihres 1&1 DSL-Anschlusses und Ihrer Daten wieder her: 1.* "Zeus" von Ihrem Computer entfernen: Der Virus nimmt tiefgreifende Veränderungen im Betriebssystem des Computers vor. Ihn restlos von einem einmal befallenen Computer zu entfernen ist sehr schwierig. Nach unserer Kenntnis gibt es aktuell keine Anti-Viren-Software, die ihn zuverlässig entfernt. Daher empfehlen wir Ihnen den Computer neu zu installieren. Wir sind uns bewusst darüber, dass dies Aufwand für Sie bedeutet. Der Rat unseres Expertenteams ist dennoch eindeutig - die Gefahr, die vom "Zeus" ausgeht, rechtfertigt diesen Aufwand. Er dient Ihrer Sicherheit. 2.* Passwörter ändern: Ändern Sie anschließend alle Ihre Passwörter. Denken Sie an die Passwörter zu: - Ihrem Online-Bankingzugang - Ihrem 1&1 Control-Center - Ihren 1&1 Mailboxen - Ihrem WEB.DE, GMX-Postfach oder anderen E-Mail-Konten - Ihrem eBay-Mitglieds-Konto - Ihrem PayPal-Konto 3.* Computer künftig optimal schützen: Um Ihren Computer zukünftig vor schädlichen Viren zu schützen, empfehlen wir Ihnen die Installation einer professionellen Anti-Viren-Software, wie dem Norton 360. Das 1&1 Sicherheitspaket Norton 360 schützt Sie umfassend vor allen Gefahren des Internets - auch vor einer Neuinfektion mit dem Zeus. Es enthält drei* Lizenzen, damit Sie auf bis zu drei Computern unbeschwert im Internet surfen können. Haben Sie noch Fragen? Dann antworten Sie einfach auf diese E-Mail und belassen Sie bitte unsere Referenz [Ticket AB96905133] in Ihrer Nachricht. Oder rufen Sie uns einfach an. Wir sind gerne für Sie da. Sie erreichen uns montags bis freitags von 08:30 bis 17:00 Uhr - kostenfrei aus dem Fest- und Mobilfunknetz der 1&1 Telecom GmbH - unter: 0721 96 00 Wir freuen uns, mit Ihnen gemeinsam für einen sicheren 1&1 DSL-Anschluss zu sorgen - vielen Dank für Ihre Mitarbeit. Mit freundlichen Grüßen Ihr 1&1 Kundenservice -- 1&1 Telecom GmbH Elgendorfer Str. 57, 56410 Montabaur Amtsgericht Montabaur HRB 22331 · WEEE-Reg.-Nr. DE13470330 · Geschäftsführer: Markus Huhn, Alessandro Nava, Moritz Roth, Ludger Sieverding, Martin Witt |
19.04.2016, 08:24 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? war ja klar, dass die keine Gelegenheit auslassen, um ihren Norton SPAM loszuwerden Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
19.04.2016, 08:55 | #5 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Nur dieses..... |
19.04.2016, 09:52 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Ja schön, was ist mit meiner anderen Frage, gab es auf diesem Rechner schonmal Virenfunde oder nicht? Wenn ja, Logs dazu?
__________________ --> Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? |
19.04.2016, 10:22 | #7 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Nichts..... |
19.04.2016, 10:59 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
19.04.2016, 11:46 | #9 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Das Log-File der FRST: Geändert von tschack666 (19.04.2016 um 11:55 Uhr) |
19.04.2016, 11:48 | #10 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Und das Log-File der Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016 durchgeführt von M.Klug (2016-04-19 12:40:25) Gestartet von C:\Users\M.Klug.LEISS\Desktop Windows 7 Professional Service Pack 1 (X64) (2014-11-21 18:09:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3134854043-1757775680-3440901618-500 - Administrator - Disabled) Gast (S-1-5-21-3134854043-1757775680-3440901618-501 - Limited - Disabled) M.Klug (S-1-5-21-3134854043-1757775680-3440901618-1001 - Limited - Enabled) => C:\Users\M.Klug UpdatusUser (S-1-5-21-3134854043-1757775680-3440901618-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.2.0 - 3Dconnexion) 3Dconnexion 3DxWinCore (Version: 17.2.0.11011 - 3Dconnexion) Hidden 3Dconnexion Add-In for AutoCAD (Version: 5.0.0 - 3Dconnexion) Hidden 3Dconnexion Add-In for Inventor 11 - 2015 (Version: 2.1.0 - 3Dconnexion) Hidden 3Dconnexion Add-In for Solid Edge V18 - ST7 (Version: 3.2.0 - 3Dconnexion) Hidden 3Dconnexion Add-In for SolidWorks 2005 - 2015 (Version: 3.2.0 - 3Dconnexion) Hidden 3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden 3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden 3Dconnexion Extension for SketchUp (Version: 4.1.0 - 3Dconnexion) Hidden 3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden 3Dconnexion Plug-In for 3ds Max 2008 - 2015 (Version: 6.1.0 - 3Dconnexion) Hidden 3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.3.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for Maya v8.5 - 2015 (Version: 5.1.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for NX v4.0 - v10.0 (Version: 3.2.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.0 - 3Dconnexion) Hidden 3Dconnexion Trainer (x32 Version: 3.2.2 - 3Dconnexion) Hidden 64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC) Capture One 8.3 (HKLM\...\CaptureOne8_is1) (Version: 8.3.4.19 - Phase One A/S) CatalystEX 4.3 for 64 Bit (HKLM\...\{F4C1316F-F96F-4982-8286-BD8FB9652636}) (Version: 4.3 - Ihr Firmenname) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) david® Client (HKLM-x32\...\david® Client) (Version: 12.00a - Tobit.Software) Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam) Delcam PostProcessor 2014 (64-bit) (HKLM\...\{1BD1D20C-7970-4E68-8CEE-60861AB12E4F}) (Version: 6.6.3518 - Delcam) Delcam PowerMILL 2015 (64-bit) (HKLM\...\Delcam PowerMILL 18.0.09) (Version: 18.0.09 - Delcam) Delcam PowerMILL 2016 (64-bit) (HKLM\...\Delcam PowerMILL 20.0.10) (Version: 20.0.10 - Delcam) Delcam PowerSHAPE 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE16126) (Version: 16.1.26 - Delcam) Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam) Delcam Shell Extensions for PostProcessor 2014 (64-bit) (HKLM\...\{3D9482F4-FF0A-48DF-85CD-8477F079943D}) (Version: 6.6.3518 - Delcam) Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam) <==== ACHTUNG Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) DongleDriver (HKLM-x32\...\{CB7C7334-3D32-4F79-BAFB-79B16C4E6BEB}) (Version: 6.64.0.0 - Messerli Informatik) Dropbox (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.) EliteCAD13ME (HKLM-x32\...\{601238EF-32E5-11D4-AF89-0000E81E0E01}) (Version: 13.0 - Messerli Informatik) EliteViewer12 (HKLM-x32\...\{A1F759AE-551E-4F05-93E3-21CA07BE9A50}) (Version: - ) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.5 - Lenovo Group Limited) Festo - Produktkatalog (HKLM-x32\...\{85DDDA5B-B85D-4033-B1F5-52F60D709F9C}) (Version: 3.2008.805 - Festo) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden IGEMS R2015 (HKLM-x32\...\IGEMS R2015_is1) (Version: - IGEMS Software AB) Inst5676 (Version: 8.01.42 - Softex Inc.) Hidden Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.36 - SunplusIT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation) Kaspersky Endpoint Security 10 für Windows (HKLM-x32\...\{7A4192A1-84C4-4E90-A31B-B4847CA8E23A}) (Version: 10.2.2.10535 - Kaspersky Lab) Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.2.434 - Kaspersky Lab ZAO) Kaspersky Security Center Administrationsagent (x32 Version: 10.2.434 - Kaspersky Lab ZAO) Hidden Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - ) Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.17.0 - Lenovo) Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.42(x64) - Lenovo) Lenovo Fingerprint Manager Pro (Version: 8.01.42(x64) - Lenovo) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.02 - ) Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited) Lenovo QuickDisplay (HKLM\...\{ADEEC90C-A033-4596-ACA1-97327055F9CB}) (Version: 1.2.6.0 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo) Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo) Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Meusburger Katalog 5.8 (HKLM-x32\...\Meusburger Katalog) (Version: 5.8 - Meusburger Georg GmbH & Co KG) Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{DD6FD594-53B0-467C-8C46-F6F99BCE7C97}) (Version: 9.00.5259.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySQL Connector/ODBC 5.1 (HKLM\...\{583E320A-F7F7-4A23-A80E-26995A5371CC}) (Version: 5.1.10 - Oracle Corporation) MySQL Connector/ODBC 5.1 (HKLM-x32\...\{C36A15FB-9882-4CB7-B128-239AACBB9BCD}) (Version: 5.1.10 - Oracle Corporation) NetDA (HKLM\...\{5897AD96-FA2A-484E-9B91-433CCD65ED43}) (Version: 6.3.38442.0 - silex technology, Inc.) NetDA Manager (HKLM\...\NetDA Manager) (Version: 1.4.0 - silex technology, Inc.) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro) NVIDIA 3D Vision Treiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation) NVIDIA Grafiktreiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C4D2B63B-A435-433A-AD02-7D26ACD23DF0}) (Version: 3.3.00.73 - O2Micro International LTD.) O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.73 - O2Micro International LTD.) Hidden Oce WPD (HKLM-x32\...\{3597d6bd-0e73-11d5-ab8a-00d0b7a62d54}) (Version: 1.19 - Oce) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) PANTONE Color Calibrator 1.2.0 (HKLM-x32\...\PANTONE Color Calibrator_is1) (Version: - X-Rite) PDF Writer - bioPDF 10.11.0.2338 (HKLM\...\PDF Writer - bioPDF_is1) (Version: 10.11.0.2338 - bioPDF) RatioPlus 1941-3.0.11 (HKLM-x32\...\schubertRatio.RatioPlus_is1) (Version: - Schubert Software & Systeme, Top-In-Form GmbH) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) schubertRatio.BDETerminal 1.3.0.808 (HKLM-x32\...\schubertRatio.BDETerminal_is1) (Version: - Schubert Software & Systeme, Top-In-Form GmbH) Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHARP Pen Software (HKLM-x32\...\{A7D5AAA9-7C58-45D6-BBA4-FF9002F5BBE1}) (Version: 2.08.213 - SHARP) SHARP Pen Software (x32 Version: 2.08.213 - SHARP) Hidden SHARP Touch-Panel-Treiber (HKLM\...\{7626BF3E-02BF-4896-8E71-4342BD67ED8E}) (Version: 2.03.0203 - SHARP) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.) Hidden SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation) SolidWorks 2013 Interface (HKLM-x32\...\SolidWorks 2013 Interface) (Version: - ) SolidWorks 2014 Interface (HKLM-x32\...\SolidWorks 2014 Interface) (Version: - ) SolidWorks 2014 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20140-40000-1100-100) (Version: 22.0.0.5018 - SolidWorks Corporation) SolidWorks 2014 x64 Edition SP0 (Version: 22.100.5018 - SolidWorks) Hidden SolidWorks 2014 x64 German Resources (Version: 22.100.5018 - SolidWorks Corporation) Hidden SolidWorks Composer Player 2014 SP0 x64 Edition (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden SolidWorks eDrawings 2014 x64 Edition SP0 (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden SolidWorks Explorer 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden SolidWorks Plastics 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.103 - Synaptics Incorporated) Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - ) Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics) ThinkDesign 2014.1 (64-bit) (HKLM-x32\...\{FEF8FF3A-137A-4A49-B803-448CA1E2B3BE}) (Version: 2014.1 - think3) ThinkDesign 2014.1 (x32 Version: 2014.1 - think3) Hidden ThinkDesign 2015.2 (64-bit) (HKLM-x32\...\{F05A4D2E-FEE7-4F4A-B75F-39651485E90F}) (Version: 2015.2 - think3) ThinkDesign 2015.2 (x32 Version: 2015.2 - think3) Hidden ThinkDesign2009 Interface (HKLM-x32\...\ThinkDesign2009 Interface) (Version: - ) Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.08.00 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited) Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation) tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG) Tools 2014.1 (64-bit) (HKLM-x32\...\{2B7DC97F-FB9C-4CDC-9C46-785BB38AE579}) (Version: 2014.1 - think3) Tools 2015.2 (64-bit) (HKLM-x32\...\{16828765-4596-469F-856C-D2C7F15C3074}) (Version: 2015.2 - think3) USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo) Windows-Treiberpaket - Intel (e1dexpress) Net (03/13/2014 12.11.77.1) (HKLM\...\0E9686B99C91E380CCB49060633DCDE5ED79DE7E) (Version: 03/13/2014 12.11.77.1 - Intel) Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (11/15/2013 12.8.10.1005) (HKLM\...\D25E6F494D3225DFE05884186452E2C79AF2E506) (Version: 11/15/2013 12.8.10.1005 - Intel Corporation) Windows-Treiberpaket - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.) Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo) Windows-Treiberpaket - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya) Windows-Treiberpaket - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S) Windows-Treiberpaket - Synaptics (SmbDrv) System (04/07/2014 18.0.7.40) (HKLM\...\FB2627FE59EA6DAD058B4A4C82647DC162F8723D) (Version: 04/07/2014 18.0.7.40 - Synaptics) Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/07/2014 18.0.7.40) (HKLM\...\5879A8A324E612CD4CB110632BF1186381FA46F0) (Version: 04/07/2014 18.0.7.40 - Synaptics) WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. ) X-Rite Device Services Manager (HKLM-x32\...\{28D1ED2A-6E9C-4C72-917B-E9F01688E7EF}) (Version: 2.1.14 - X-Rite) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {00CADF60-DB01-484B-88D2-AF616D23C7EC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] () Task: {065F34AB-A2D5-49D7-8BF2-BD509853A8B1} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor) Task: {135363C9-0A78-4CB4-93DF-4A706AABA5FE} - System32\Tasks\{457C0309-6FA1-4DA9-BF92-99D91339B3A0} => pcalua.exe -a "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads\O2CSetupOCX.exe" -d "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads" Task: {16EEDC93-F526-44B3-8346-C3989324C548} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor) Task: {173FFE2D-A0E4-493B-9279-6310B4184DEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {20D395F9-6648-4906-A467-1C1532D8F3B9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {261D4130-23A2-4DF5-97C7-EC0083FBB485} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2015-04-17] (Lenovo Group Limited) Task: {2BFA2080-1880-4AB8-BF49-4D89A5364290} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe Task: {409860ED-05BC-4E66-8ED8-E7C942E67B36} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-08] (Lenovo) Task: {45BA1E89-8065-4E7F-873E-7394B20356D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {495EC11C-B0D4-427D-98CF-756BD364C83C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService Task: {589B5D2C-B06E-42A7-889E-C95BA437168C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-08] (Lenovo) Task: {5FD71564-F597-4C82-ADB0-7B8DFF959784} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2014-09-13] (Lenovo) Task: {689FEF3E-4E8B-4431-94BE-8CBC040A00F6} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] () Task: {698F05FE-4B50-45FD-BACC-CF143E728237} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {6D969690-9966-42E6-B723-157F5AEB6B52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {750CFD6C-09CE-4438-9D1E-C2E506092A9B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {859B8D1F-C401-4D98-887D-8AA3B7E3FD9F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-04-26] (Lenovo) Task: {9E2B6BD0-5358-44D6-AFC6-1C2B6D2457B5} - System32\Tasks\Amazon Music Helper => C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-12-15] () Task: {9E3F6264-6B9A-400E-B866-B3602F6B073C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {AAB699EC-92E2-47C4-846E-8C3C23E7B337} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe Task: {ABDE2B86-969B-41EB-A176-1C21445BFE8A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {B144E4E9-A6FE-4C4B-8210-5725F376C06B} - System32\Tasks\TVT\Lenovo QuickDisplay Agent => C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe [2014-03-26] (Lenovo Corporation) Task: {B2E2C5B4-B3F0-44F8-AA4A-6103E221F663} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {B3192A8B-1DAF-42D5-B330-CECEB3736EDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {CD0DB0C5-997F-4BB5-928E-CCB6823AA819} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor) Task: {D30D6A55-286A-463E-BE04-BA947E5AEEC9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) Task: {D4F0FC58-A947-48CC-A98A-CF4A2F744EBC} - System32\Tasks\{9A366608-BB0F-4986-9E10-51B563C613B1} => pcalua.exe -a D:\Markus\Software\CP2020\Setup.exe -d D:\Markus\Software\CP2020 Task: {E56A8765-B17E-4EAE-8F9B-A10892C85D4E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe Task: {E98245DD-1140-4147-BF6C-7A035F01AAC2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] () Task: {EE15F6EF-5003-49B9-B980-3F151F278145} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [2014-11-13] (3Dconnexion, INC) Task: {EE49A721-7C02-4F3E-90F9-9BC60F55A2A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/cM.Klu Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerM.Klu Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Public\Desktop\EliteCAD 13 ME-2D.lnk -> C:\Program Files\EliteCAD13ME\u\1300\me\glob\scr\me2ddll_x64.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-10-13 19:00 - 2013-10-29 02:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-11-21 14:20 - 2006-07-19 11:01 - 00099840 _____ () C:\Windows\IMGMSGMO.dll 2015-04-29 14:38 - 2006-07-31 09:46 - 04444160 ____N () C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe 2014-05-15 18:39 - 2014-05-15 18:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe 2014-10-13 19:01 - 2015-04-17 06:07 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-13 20:50 - 2014-11-13 20:50 - 00038912 _____ () C:\Windows\system32\SPWINI.dll 2015-05-19 15:43 - 2014-10-21 10:29 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll 2015-12-23 12:55 - 2015-12-15 02:43 - 05890368 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe 2014-12-01 15:50 - 2010-10-29 11:42 - 00090488 ____N () C:\Program Files\silex technology\NetDA Manager\Jcpcfgsrv.dll 2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-09-03 11:33 - 2015-06-22 17:20 - 00068096 ____R () C:\Program Files\think3\2015.2\thinkdesign\bin\zlib.dll 2015-09-03 11:33 - 2015-05-28 09:56 - 01306624 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\uifiles\tt.dll 2014-11-21 14:47 - 2011-04-03 12:26 - 02874880 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\bin\RatioPlus.exe 2014-10-13 19:02 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2014-10-13 19:02 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2016-04-18 22:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-04-18 22:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-04-18 22:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-04-18 22:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-04-18 22:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2011-10-11 15:46 - 2011-10-11 15:46 - 01588560 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll 2011-10-11 15:45 - 2011-10-11 15:45 - 00902992 _____ () C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll 2011-10-11 15:46 - 2011-10-11 15:46 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll 2015-01-08 18:03 - 2015-01-08 18:03 - 01309880 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\kpcengine.2.2.dll 2014-10-21 10:26 - 2014-10-21 10:26 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll 2015-12-13 10:26 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-04-15 06:44 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-04-15 06:44 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-13 10:26 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-13 10:26 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-13 10:26 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-04-15 06:44 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-13 10:26 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-13 10:26 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-13 10:26 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-13 10:26 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-04-15 06:44 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32ts.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-13 10:26 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-13 10:26 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-04-15 06:44 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-04-15 06:44 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-04-15 06:44 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsync.dll 2016-04-15 06:44 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-04-15 06:44 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-13 10:26 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\sip.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2016-04-15 06:44 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libEGL.dll 2016-04-15 06:44 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-12-13 10:26 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2015-03-04 23:45 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-09-23 14:02 - 2015-08-24 17:18 - 10396160 _____ () C:\Windows\TOBITCLT.dll 2015-09-23 14:02 - 2005-12-01 18:24 - 00548864 _____ () C:\Program Files (x86)\Tobit InfoCenter\ASPELL.DLL 2014-10-13 18:49 - 2013-12-03 07:36 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-09-03 11:33 - 2015-06-22 15:39 - 00749317 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\TTPyBridge.dll 2015-09-03 11:33 - 2004-02-20 17:02 - 00061497 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32api.pyd 2015-09-03 11:33 - 2004-02-20 17:01 - 00065536 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\PyWinTypes22.dll 2015-09-03 11:33 - 2004-02-20 17:02 - 00061484 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\zlib.pyd 2015-09-03 11:33 - 2004-02-20 17:01 - 00299073 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\pythoncom22.dll 2015-09-03 11:33 - 2004-02-20 17:01 - 00053292 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_sre.pyd 2015-09-03 11:33 - 2004-02-20 17:02 - 00036916 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32com.shell.shell.pyd 2015-09-03 11:33 - 2015-06-22 15:30 - 00073728 ____R () C:\Program Files\think3\2015.2\PLM\common\zlib.dll 2015-09-03 11:33 - 2004-02-20 17:02 - 00135168 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\xml.parsers.pyexpat.pyd 2015-09-03 11:33 - 2004-02-20 17:01 - 00045103 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_socket.pyd 2015-09-03 11:33 - 2004-02-20 17:02 - 00028731 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32event.pyd 2015-09-03 11:33 - 2004-02-20 17:02 - 00032829 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32process.pyd 2014-11-21 14:47 - 2010-12-30 15:31 - 00366016 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjcc.dll 2014-11-21 14:48 - 2010-12-30 15:31 - 00062912 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjutils.dll 2014-11-21 14:47 - 2007-07-02 22:40 - 00204800 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\coolmenu25.dll 2014-11-21 14:47 - 2008-06-13 11:39 - 00795136 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\StringUtils.dll 2016-04-11 07:01 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll 2016-04-11 07:01 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll 2014-12-05 08:48 - 2015-10-15 06:54 - 09499136 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu 2014-12-05 08:48 - 2015-10-15 06:54 - 01319424 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 00316416 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 01180160 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 00100352 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 03066880 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU 2015-09-24 17:40 - 2015-09-24 17:40 - 00305544 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll 2014-12-05 08:48 - 2015-10-15 06:57 - 00014336 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7887 mehr Seiten. IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123simsen.com -> www.123simsen.com Da befinden sich 7887 mehr Seiten. IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7887 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-04-18 23:02 - 00451800 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Da befinden sich 15500 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Control Panel\Desktop\\Wallpaper -> C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.1.1.41 - 192.1.1.42 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{CBA49235-FCF4-4A36-9DFE-F94BDB790403}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{818EE814-B4AD-4F0C-8FE6-EB52F3D2F49D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{43944A31-ADCC-459B-A423-869A6FE40142}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{CE2532C4-03A9-4F25-AA44-F9FD25D8F0D2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{EB373F14-6C0C-42EB-A81A-424069557AF1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{38EAA061-8187-4AD8-9C36-89DE5AED1BBF}] => (Allow) LPort=15000 FirewallRules: [{EC1B6F1A-FA7A-41E8-99BB-A4AAC9E8484D}] => (Allow) LPort=15000 FirewallRules: [{8265501D-EA60-4D91-8A3F-D35C2F6AD2A8}] => (Allow) LPort=15000 FirewallRules: [{B0196F04-DC6E-42A7-A056-F48F3B86802B}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{1ADD0F48-735E-48AF-8446-58B926C16A89}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{58DE1A7E-F959-4FC0-8379-4335F2BEBC77}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe FirewallRules: [{ED822D31-E216-41DF-9A4D-BA8347944ADA}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe FirewallRules: [{814D8CAB-B716-487D-A229-8EBD95FC2E3A}] => (Allow) C:\Program Files\silex technology\NetDA Manager\Connect.exe FirewallRules: [{A47FBF91-3E04-48EC-B356-99B6C1A4390F}] => (Allow) LPort=19540 FirewallRules: [{2F2E1B69-F49D-42E1-AF73-3BAF57BD14D9}] => (Allow) LPort=5454 FirewallRules: [{A44DDBF9-D320-44A9-BE17-035DA74192C1}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{882C8420-998F-4F9D-9ABE-B20C3BE32CD3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{15DBE098-FC93-4B0B-A55E-1A41E19A9348}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{60348C89-440E-444F-9F35-F0F6912660D3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{AF513F76-609D-420C-9D61-24C5085EDD20}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{1A74B4FF-ED0C-4E62-BA4C-F769FDA45885}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{972E0A6F-B7EB-4AAC-8AD4-5565E615FB9A}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{8837E981-13F1-4AEF-993A-6F3F7B68FD41}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{BFFD77FC-E8E1-49B2-A280-34A08E034C39}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{2FCCB561-6D50-4F2D-9CAA-598D82DE8004}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{3CD933D5-A171-48B7-B64F-92C67B411D7B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{CD96ADD2-AD26-406F-ACEF-79D1AE686ABB}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{12A4FE65-2ACB-4B97-AEAE-FE5D01249913}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{95809377-70EC-43AE-B16D-DABA126FF17D}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{D207F641-DBAF-490F-9B5C-1857C95EC9C6}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{AEDC3625-F1D7-4739-8F10-FE207F325C53}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{A8612968-67F0-43D3-AFD7-62538D036F98}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{33B5013C-2E59-4829-B731-B3E91FF0533E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{83743DE6-23A6-4C01-9687-9240E9168D6E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [TCP Query User{D84CE3A1-B372-462D-9AB1-DAD32079C1C9}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1DDB2AF5-98FA-42E8-8C47-A53E8F8AA670}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{4387E6D6-F54A-44A1-9C09-35BB13D39CCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{016E46E6-AA1C-41E0-A759-08BF6D17A45F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{EECD114B-7675-4543-B629-8BA5E4C57DCE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E18DE270-37F7-400E-9B93-22C862A1419B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{72321C50-B62F-4230-B0A8-1FBF9E6FC123}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9CCC6B38-2C71-4AB3-B714-8B8E133F2871}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{80BC78E1-CEE4-4D67-8BA5-C29A5C36B79A}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{6BA8982E-AB0C-4478-9764-CFC8EA0DEFCA}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{F9B0A80F-47EC-4E28-AA38-5735DB4BB5C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{DBF1FD2E-0870-4164-8AA7-04DEBA366218}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe FirewallRules: [{75916072-A518-4435-96F6-27C4BCFE70A6}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe FirewallRules: [{B1DFB7EE-15D8-49C8-813C-97C44DFFC420}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe FirewallRules: [{0AD31EAB-08C6-4646-88BB-482CB19DD434}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= 15-04-2016 17:35:10 DirectX wurde installiert 18-04-2016 06:44:05 Windows Update 18-04-2016 12:54:20 Prüfpunkt von HitmanPro 18-04-2016 13:36:56 Prüfpunkt von HitmanPro 18-04-2016 17:44:24 Prüfpunkt von HitmanPro 18-04-2016 17:59:51 Prüfpunkt von HitmanPro 18-04-2016 20:01:11 Removed Google Earth Plug-in 19-04-2016 07:39:51 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Lenovo Connect Device 1.0 Description: Lenovo Connect Device 1.0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/19/2016 07:59:03 AM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Error: (04/19/2016 07:59:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/19/2016 07:14:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVWIN32.EXE, Version: 12.0.0.5740, Zeitstempel: 0x55eed84c Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.18283, Zeitstempel: 0x56fc68fd Ausnahmecode: 0xc0000005 Fehleroffset: 0x0043c977 ID des fehlerhaften Prozesses: 0x29c8 Startzeit der fehlerhaften Anwendung: 0xDVWIN32.EXE0 Pfad der fehlerhaften Anwendung: DVWIN32.EXE1 Pfad des fehlerhaften Moduls: DVWIN32.EXE2 Berichtskennung: DVWIN32.EXE3 Error: (04/19/2016 06:40:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/19/2016 06:40:30 AM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Error: (04/18/2016 10:16:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (04/19/2016 11:19:31 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:19:28 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:12:44 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:12:08 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:11:20 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:11:17 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:10:15 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:06:07 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 10:59:48 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 10:46:59 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. CodeIntegrity: =================================== Date: 2015-01-22 12:41:30.394 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-22 12:41:30.343 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-12 06:39:38.333 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 06:39:37.366 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 06:36:57.890 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 06:36:51.922 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.429 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.414 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.320 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.320 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz Prozentuale Nutzung des RAM: 41% Installierter physikalischer RAM: 16009.21 MB Verfügbarer physikalischer RAM: 9332.47 MB Summe virtueller Speicher: 32016.61 MB Verfügbarer virtueller Speicher: 24473.5 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:213.74 GB) (Free:62.86 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data2) (Fixed) (Total:931.51 GB) (Free:441.53 GB) NTFS Drive e: (SolidWorks1) (CDROM) (Total:7.76 GB) (Free:0 GB) CDFS Drive f: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS Drive h: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS Drive o: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS Drive q: (Lenovo_Recovery) (Fixed) (Total:16.27 GB) (Free:4.64 GB) NTFS Drive r: (Daten) (Network) (Total:195.28 GB) (Free:166.86 GB) NTFS Drive u: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS Drive z: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: B3D09BFF) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=16.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=7 GB) - (Type=84) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B3D0A64B) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
19.04.2016, 11:54 | #11 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Sorry, nochmal der FRST..... Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016 durchgeführt von M.Klug (2016-04-19 12:40:25) Gestartet von C:\Users\M.Klug.LEISS\Desktop Windows 7 Professional Service Pack 1 (X64) (2014-11-21 18:09:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3134854043-1757775680-3440901618-500 - Administrator - Disabled) Gast (S-1-5-21-3134854043-1757775680-3440901618-501 - Limited - Disabled) M.Klug (S-1-5-21-3134854043-1757775680-3440901618-1001 - Limited - Enabled) => C:\Users\M.Klug UpdatusUser (S-1-5-21-3134854043-1757775680-3440901618-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.2.0 - 3Dconnexion) 3Dconnexion 3DxWinCore (Version: 17.2.0.11011 - 3Dconnexion) Hidden 3Dconnexion Add-In for AutoCAD (Version: 5.0.0 - 3Dconnexion) Hidden 3Dconnexion Add-In for Inventor 11 - 2015 (Version: 2.1.0 - 3Dconnexion) Hidden 3Dconnexion Add-In for Solid Edge V18 - ST7 (Version: 3.2.0 - 3Dconnexion) Hidden 3Dconnexion Add-In for SolidWorks 2005 - 2015 (Version: 3.2.0 - 3Dconnexion) Hidden 3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden 3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden 3Dconnexion Extension for SketchUp (Version: 4.1.0 - 3Dconnexion) Hidden 3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden 3Dconnexion Plug-In for 3ds Max 2008 - 2015 (Version: 6.1.0 - 3Dconnexion) Hidden 3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.3.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for Maya v8.5 - 2015 (Version: 5.1.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for NX v4.0 - v10.0 (Version: 3.2.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden 3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.0 - 3Dconnexion) Hidden 3Dconnexion Trainer (x32 Version: 3.2.2 - 3Dconnexion) Hidden 64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC) Capture One 8.3 (HKLM\...\CaptureOne8_is1) (Version: 8.3.4.19 - Phase One A/S) CatalystEX 4.3 for 64 Bit (HKLM\...\{F4C1316F-F96F-4982-8286-BD8FB9652636}) (Version: 4.3 - Ihr Firmenname) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) david® Client (HKLM-x32\...\david® Client) (Version: 12.00a - Tobit.Software) Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam) Delcam PostProcessor 2014 (64-bit) (HKLM\...\{1BD1D20C-7970-4E68-8CEE-60861AB12E4F}) (Version: 6.6.3518 - Delcam) Delcam PowerMILL 2015 (64-bit) (HKLM\...\Delcam PowerMILL 18.0.09) (Version: 18.0.09 - Delcam) Delcam PowerMILL 2016 (64-bit) (HKLM\...\Delcam PowerMILL 20.0.10) (Version: 20.0.10 - Delcam) Delcam PowerSHAPE 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE16126) (Version: 16.1.26 - Delcam) Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam) Delcam Shell Extensions for PostProcessor 2014 (64-bit) (HKLM\...\{3D9482F4-FF0A-48DF-85CD-8477F079943D}) (Version: 6.6.3518 - Delcam) Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam) <==== ACHTUNG Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) DongleDriver (HKLM-x32\...\{CB7C7334-3D32-4F79-BAFB-79B16C4E6BEB}) (Version: 6.64.0.0 - Messerli Informatik) Dropbox (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.) EliteCAD13ME (HKLM-x32\...\{601238EF-32E5-11D4-AF89-0000E81E0E01}) (Version: 13.0 - Messerli Informatik) EliteViewer12 (HKLM-x32\...\{A1F759AE-551E-4F05-93E3-21CA07BE9A50}) (Version: - ) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.5 - Lenovo Group Limited) Festo - Produktkatalog (HKLM-x32\...\{85DDDA5B-B85D-4033-B1F5-52F60D709F9C}) (Version: 3.2008.805 - Festo) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden IGEMS R2015 (HKLM-x32\...\IGEMS R2015_is1) (Version: - IGEMS Software AB) Inst5676 (Version: 8.01.42 - Softex Inc.) Hidden Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.36 - SunplusIT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation) Kaspersky Endpoint Security 10 für Windows (HKLM-x32\...\{7A4192A1-84C4-4E90-A31B-B4847CA8E23A}) (Version: 10.2.2.10535 - Kaspersky Lab) Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.2.434 - Kaspersky Lab ZAO) Kaspersky Security Center Administrationsagent (x32 Version: 10.2.434 - Kaspersky Lab ZAO) Hidden Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - ) Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.17.0 - Lenovo) Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.42(x64) - Lenovo) Lenovo Fingerprint Manager Pro (Version: 8.01.42(x64) - Lenovo) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.02 - ) Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited) Lenovo QuickDisplay (HKLM\...\{ADEEC90C-A033-4596-ACA1-97327055F9CB}) (Version: 1.2.6.0 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo) Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo) Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Meusburger Katalog 5.8 (HKLM-x32\...\Meusburger Katalog) (Version: 5.8 - Meusburger Georg GmbH & Co KG) Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{DD6FD594-53B0-467C-8C46-F6F99BCE7C97}) (Version: 9.00.5259.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySQL Connector/ODBC 5.1 (HKLM\...\{583E320A-F7F7-4A23-A80E-26995A5371CC}) (Version: 5.1.10 - Oracle Corporation) MySQL Connector/ODBC 5.1 (HKLM-x32\...\{C36A15FB-9882-4CB7-B128-239AACBB9BCD}) (Version: 5.1.10 - Oracle Corporation) NetDA (HKLM\...\{5897AD96-FA2A-484E-9B91-433CCD65ED43}) (Version: 6.3.38442.0 - silex technology, Inc.) NetDA Manager (HKLM\...\NetDA Manager) (Version: 1.4.0 - silex technology, Inc.) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro) NVIDIA 3D Vision Treiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation) NVIDIA Grafiktreiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C4D2B63B-A435-433A-AD02-7D26ACD23DF0}) (Version: 3.3.00.73 - O2Micro International LTD.) O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.73 - O2Micro International LTD.) Hidden Oce WPD (HKLM-x32\...\{3597d6bd-0e73-11d5-ab8a-00d0b7a62d54}) (Version: 1.19 - Oce) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) PANTONE Color Calibrator 1.2.0 (HKLM-x32\...\PANTONE Color Calibrator_is1) (Version: - X-Rite) PDF Writer - bioPDF 10.11.0.2338 (HKLM\...\PDF Writer - bioPDF_is1) (Version: 10.11.0.2338 - bioPDF) RatioPlus 1941-3.0.11 (HKLM-x32\...\schubertRatio.RatioPlus_is1) (Version: - Schubert Software & Systeme, Top-In-Form GmbH) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) schubertRatio.BDETerminal 1.3.0.808 (HKLM-x32\...\schubertRatio.BDETerminal_is1) (Version: - Schubert Software & Systeme, Top-In-Form GmbH) Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHARP Pen Software (HKLM-x32\...\{A7D5AAA9-7C58-45D6-BBA4-FF9002F5BBE1}) (Version: 2.08.213 - SHARP) SHARP Pen Software (x32 Version: 2.08.213 - SHARP) Hidden SHARP Touch-Panel-Treiber (HKLM\...\{7626BF3E-02BF-4896-8E71-4342BD67ED8E}) (Version: 2.03.0203 - SHARP) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.) Hidden SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation) SolidWorks 2013 Interface (HKLM-x32\...\SolidWorks 2013 Interface) (Version: - ) SolidWorks 2014 Interface (HKLM-x32\...\SolidWorks 2014 Interface) (Version: - ) SolidWorks 2014 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20140-40000-1100-100) (Version: 22.0.0.5018 - SolidWorks Corporation) SolidWorks 2014 x64 Edition SP0 (Version: 22.100.5018 - SolidWorks) Hidden SolidWorks 2014 x64 German Resources (Version: 22.100.5018 - SolidWorks Corporation) Hidden SolidWorks Composer Player 2014 SP0 x64 Edition (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden SolidWorks eDrawings 2014 x64 Edition SP0 (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden SolidWorks Explorer 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden SolidWorks Plastics 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.103 - Synaptics Incorporated) Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - ) Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics) ThinkDesign 2014.1 (64-bit) (HKLM-x32\...\{FEF8FF3A-137A-4A49-B803-448CA1E2B3BE}) (Version: 2014.1 - think3) ThinkDesign 2014.1 (x32 Version: 2014.1 - think3) Hidden ThinkDesign 2015.2 (64-bit) (HKLM-x32\...\{F05A4D2E-FEE7-4F4A-B75F-39651485E90F}) (Version: 2015.2 - think3) ThinkDesign 2015.2 (x32 Version: 2015.2 - think3) Hidden ThinkDesign2009 Interface (HKLM-x32\...\ThinkDesign2009 Interface) (Version: - ) Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.08.00 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited) Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation) tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG) Tools 2014.1 (64-bit) (HKLM-x32\...\{2B7DC97F-FB9C-4CDC-9C46-785BB38AE579}) (Version: 2014.1 - think3) Tools 2015.2 (64-bit) (HKLM-x32\...\{16828765-4596-469F-856C-D2C7F15C3074}) (Version: 2015.2 - think3) USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo) Windows-Treiberpaket - Intel (e1dexpress) Net (03/13/2014 12.11.77.1) (HKLM\...\0E9686B99C91E380CCB49060633DCDE5ED79DE7E) (Version: 03/13/2014 12.11.77.1 - Intel) Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (11/15/2013 12.8.10.1005) (HKLM\...\D25E6F494D3225DFE05884186452E2C79AF2E506) (Version: 11/15/2013 12.8.10.1005 - Intel Corporation) Windows-Treiberpaket - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.) Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo) Windows-Treiberpaket - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya) Windows-Treiberpaket - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S) Windows-Treiberpaket - Synaptics (SmbDrv) System (04/07/2014 18.0.7.40) (HKLM\...\FB2627FE59EA6DAD058B4A4C82647DC162F8723D) (Version: 04/07/2014 18.0.7.40 - Synaptics) Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/07/2014 18.0.7.40) (HKLM\...\5879A8A324E612CD4CB110632BF1186381FA46F0) (Version: 04/07/2014 18.0.7.40 - Synaptics) WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. ) X-Rite Device Services Manager (HKLM-x32\...\{28D1ED2A-6E9C-4C72-917B-E9F01688E7EF}) (Version: 2.1.14 - X-Rite) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {00CADF60-DB01-484B-88D2-AF616D23C7EC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] () Task: {065F34AB-A2D5-49D7-8BF2-BD509853A8B1} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor) Task: {135363C9-0A78-4CB4-93DF-4A706AABA5FE} - System32\Tasks\{457C0309-6FA1-4DA9-BF92-99D91339B3A0} => pcalua.exe -a "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads\O2CSetupOCX.exe" -d "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads" Task: {16EEDC93-F526-44B3-8346-C3989324C548} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor) Task: {173FFE2D-A0E4-493B-9279-6310B4184DEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {20D395F9-6648-4906-A467-1C1532D8F3B9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {261D4130-23A2-4DF5-97C7-EC0083FBB485} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2015-04-17] (Lenovo Group Limited) Task: {2BFA2080-1880-4AB8-BF49-4D89A5364290} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe Task: {409860ED-05BC-4E66-8ED8-E7C942E67B36} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-08] (Lenovo) Task: {45BA1E89-8065-4E7F-873E-7394B20356D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {495EC11C-B0D4-427D-98CF-756BD364C83C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService Task: {589B5D2C-B06E-42A7-889E-C95BA437168C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-08] (Lenovo) Task: {5FD71564-F597-4C82-ADB0-7B8DFF959784} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2014-09-13] (Lenovo) Task: {689FEF3E-4E8B-4431-94BE-8CBC040A00F6} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] () Task: {698F05FE-4B50-45FD-BACC-CF143E728237} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {6D969690-9966-42E6-B723-157F5AEB6B52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {750CFD6C-09CE-4438-9D1E-C2E506092A9B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {859B8D1F-C401-4D98-887D-8AA3B7E3FD9F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-04-26] (Lenovo) Task: {9E2B6BD0-5358-44D6-AFC6-1C2B6D2457B5} - System32\Tasks\Amazon Music Helper => C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-12-15] () Task: {9E3F6264-6B9A-400E-B866-B3602F6B073C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {AAB699EC-92E2-47C4-846E-8C3C23E7B337} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe Task: {ABDE2B86-969B-41EB-A176-1C21445BFE8A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {B144E4E9-A6FE-4C4B-8210-5725F376C06B} - System32\Tasks\TVT\Lenovo QuickDisplay Agent => C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe [2014-03-26] (Lenovo Corporation) Task: {B2E2C5B4-B3F0-44F8-AA4A-6103E221F663} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {B3192A8B-1DAF-42D5-B330-CECEB3736EDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {CD0DB0C5-997F-4BB5-928E-CCB6823AA819} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor) Task: {D30D6A55-286A-463E-BE04-BA947E5AEEC9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) Task: {D4F0FC58-A947-48CC-A98A-CF4A2F744EBC} - System32\Tasks\{9A366608-BB0F-4986-9E10-51B563C613B1} => pcalua.exe -a D:\Markus\Software\CP2020\Setup.exe -d D:\Markus\Software\CP2020 Task: {E56A8765-B17E-4EAE-8F9B-A10892C85D4E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe Task: {E98245DD-1140-4147-BF6C-7A035F01AAC2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] () Task: {EE15F6EF-5003-49B9-B980-3F151F278145} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [2014-11-13] (3Dconnexion, INC) Task: {EE49A721-7C02-4F3E-90F9-9BC60F55A2A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/cM.Klu Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerM.Klu Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Public\Desktop\EliteCAD 13 ME-2D.lnk -> C:\Program Files\EliteCAD13ME\u\1300\me\glob\scr\me2ddll_x64.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-10-13 19:00 - 2013-10-29 02:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-11-21 14:20 - 2006-07-19 11:01 - 00099840 _____ () C:\Windows\IMGMSGMO.dll 2015-04-29 14:38 - 2006-07-31 09:46 - 04444160 ____N () C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe 2014-05-15 18:39 - 2014-05-15 18:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe 2014-10-13 19:01 - 2015-04-17 06:07 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-13 20:50 - 2014-11-13 20:50 - 00038912 _____ () C:\Windows\system32\SPWINI.dll 2015-05-19 15:43 - 2014-10-21 10:29 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll 2015-12-23 12:55 - 2015-12-15 02:43 - 05890368 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe 2014-12-01 15:50 - 2010-10-29 11:42 - 00090488 ____N () C:\Program Files\silex technology\NetDA Manager\Jcpcfgsrv.dll 2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-09-03 11:33 - 2015-06-22 17:20 - 00068096 ____R () C:\Program Files\think3\2015.2\thinkdesign\bin\zlib.dll 2015-09-03 11:33 - 2015-05-28 09:56 - 01306624 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\uifiles\tt.dll 2014-11-21 14:47 - 2011-04-03 12:26 - 02874880 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\bin\RatioPlus.exe 2014-10-13 19:02 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2014-10-13 19:02 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2016-04-18 22:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-04-18 22:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-04-18 22:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-04-18 22:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-04-18 22:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2011-10-11 15:46 - 2011-10-11 15:46 - 01588560 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll 2011-10-11 15:45 - 2011-10-11 15:45 - 00902992 _____ () C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll 2011-10-11 15:46 - 2011-10-11 15:46 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll 2015-01-08 18:03 - 2015-01-08 18:03 - 01309880 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\kpcengine.2.2.dll 2014-10-21 10:26 - 2014-10-21 10:26 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll 2015-12-13 10:26 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-04-15 06:44 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-04-15 06:44 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-13 10:26 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-13 10:26 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-13 10:26 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-04-15 06:44 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-13 10:26 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-13 10:26 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-13 10:26 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-13 10:26 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-04-15 06:44 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32ts.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-13 10:26 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-13 10:26 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-04-15 06:44 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-04-15 06:44 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-04-15 06:44 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsync.dll 2016-04-15 06:44 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-13 10:26 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-18 12:11 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-04-15 06:44 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-04-15 06:44 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-13 10:26 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\sip.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2016-04-15 06:44 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libEGL.dll 2016-04-15 06:44 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-12-13 10:26 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-04-15 06:44 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2015-03-04 23:45 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-09-23 14:02 - 2015-08-24 17:18 - 10396160 _____ () C:\Windows\TOBITCLT.dll 2015-09-23 14:02 - 2005-12-01 18:24 - 00548864 _____ () C:\Program Files (x86)\Tobit InfoCenter\ASPELL.DLL 2014-10-13 18:49 - 2013-12-03 07:36 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-09-03 11:33 - 2015-06-22 15:39 - 00749317 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\TTPyBridge.dll 2015-09-03 11:33 - 2004-02-20 17:02 - 00061497 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32api.pyd 2015-09-03 11:33 - 2004-02-20 17:01 - 00065536 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\PyWinTypes22.dll 2015-09-03 11:33 - 2004-02-20 17:02 - 00061484 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\zlib.pyd 2015-09-03 11:33 - 2004-02-20 17:01 - 00299073 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\pythoncom22.dll 2015-09-03 11:33 - 2004-02-20 17:01 - 00053292 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_sre.pyd 2015-09-03 11:33 - 2004-02-20 17:02 - 00036916 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32com.shell.shell.pyd 2015-09-03 11:33 - 2015-06-22 15:30 - 00073728 ____R () C:\Program Files\think3\2015.2\PLM\common\zlib.dll 2015-09-03 11:33 - 2004-02-20 17:02 - 00135168 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\xml.parsers.pyexpat.pyd 2015-09-03 11:33 - 2004-02-20 17:01 - 00045103 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_socket.pyd 2015-09-03 11:33 - 2004-02-20 17:02 - 00028731 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32event.pyd 2015-09-03 11:33 - 2004-02-20 17:02 - 00032829 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32process.pyd 2014-11-21 14:47 - 2010-12-30 15:31 - 00366016 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjcc.dll 2014-11-21 14:48 - 2010-12-30 15:31 - 00062912 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjutils.dll 2014-11-21 14:47 - 2007-07-02 22:40 - 00204800 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\coolmenu25.dll 2014-11-21 14:47 - 2008-06-13 11:39 - 00795136 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\StringUtils.dll 2016-04-11 07:01 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll 2016-04-11 07:01 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll 2014-12-05 08:48 - 2015-10-15 06:54 - 09499136 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu 2014-12-05 08:48 - 2015-10-15 06:54 - 01319424 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 00316416 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 01180160 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 00100352 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU 2014-12-05 08:48 - 2015-10-15 06:54 - 03066880 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU 2015-09-24 17:40 - 2015-09-24 17:40 - 00305544 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll 2014-12-05 08:48 - 2015-10-15 06:57 - 00014336 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7887 mehr Seiten. IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123simsen.com -> www.123simsen.com Da befinden sich 7887 mehr Seiten. IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7887 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-04-18 23:02 - 00451800 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Da befinden sich 15500 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Control Panel\Desktop\\Wallpaper -> C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.1.1.41 - 192.1.1.42 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{CBA49235-FCF4-4A36-9DFE-F94BDB790403}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{818EE814-B4AD-4F0C-8FE6-EB52F3D2F49D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{43944A31-ADCC-459B-A423-869A6FE40142}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{CE2532C4-03A9-4F25-AA44-F9FD25D8F0D2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{EB373F14-6C0C-42EB-A81A-424069557AF1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{38EAA061-8187-4AD8-9C36-89DE5AED1BBF}] => (Allow) LPort=15000 FirewallRules: [{EC1B6F1A-FA7A-41E8-99BB-A4AAC9E8484D}] => (Allow) LPort=15000 FirewallRules: [{8265501D-EA60-4D91-8A3F-D35C2F6AD2A8}] => (Allow) LPort=15000 FirewallRules: [{B0196F04-DC6E-42A7-A056-F48F3B86802B}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{1ADD0F48-735E-48AF-8446-58B926C16A89}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{58DE1A7E-F959-4FC0-8379-4335F2BEBC77}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe FirewallRules: [{ED822D31-E216-41DF-9A4D-BA8347944ADA}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe FirewallRules: [{814D8CAB-B716-487D-A229-8EBD95FC2E3A}] => (Allow) C:\Program Files\silex technology\NetDA Manager\Connect.exe FirewallRules: [{A47FBF91-3E04-48EC-B356-99B6C1A4390F}] => (Allow) LPort=19540 FirewallRules: [{2F2E1B69-F49D-42E1-AF73-3BAF57BD14D9}] => (Allow) LPort=5454 FirewallRules: [{A44DDBF9-D320-44A9-BE17-035DA74192C1}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{882C8420-998F-4F9D-9ABE-B20C3BE32CD3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{15DBE098-FC93-4B0B-A55E-1A41E19A9348}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{60348C89-440E-444F-9F35-F0F6912660D3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{AF513F76-609D-420C-9D61-24C5085EDD20}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{1A74B4FF-ED0C-4E62-BA4C-F769FDA45885}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{972E0A6F-B7EB-4AAC-8AD4-5565E615FB9A}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{8837E981-13F1-4AEF-993A-6F3F7B68FD41}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{BFFD77FC-E8E1-49B2-A280-34A08E034C39}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{2FCCB561-6D50-4F2D-9CAA-598D82DE8004}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe FirewallRules: [{3CD933D5-A171-48B7-B64F-92C67B411D7B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{CD96ADD2-AD26-406F-ACEF-79D1AE686ABB}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{12A4FE65-2ACB-4B97-AEAE-FE5D01249913}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe FirewallRules: [{95809377-70EC-43AE-B16D-DABA126FF17D}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{D207F641-DBAF-490F-9B5C-1857C95EC9C6}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{AEDC3625-F1D7-4739-8F10-FE207F325C53}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{A8612968-67F0-43D3-AFD7-62538D036F98}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{33B5013C-2E59-4829-B731-B3E91FF0533E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [{83743DE6-23A6-4C01-9687-9240E9168D6E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe FirewallRules: [TCP Query User{D84CE3A1-B372-462D-9AB1-DAD32079C1C9}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1DDB2AF5-98FA-42E8-8C47-A53E8F8AA670}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{4387E6D6-F54A-44A1-9C09-35BB13D39CCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{016E46E6-AA1C-41E0-A759-08BF6D17A45F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{EECD114B-7675-4543-B629-8BA5E4C57DCE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E18DE270-37F7-400E-9B93-22C862A1419B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{72321C50-B62F-4230-B0A8-1FBF9E6FC123}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9CCC6B38-2C71-4AB3-B714-8B8E133F2871}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{80BC78E1-CEE4-4D67-8BA5-C29A5C36B79A}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{6BA8982E-AB0C-4478-9764-CFC8EA0DEFCA}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{F9B0A80F-47EC-4E28-AA38-5735DB4BB5C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{DBF1FD2E-0870-4164-8AA7-04DEBA366218}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe FirewallRules: [{75916072-A518-4435-96F6-27C4BCFE70A6}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe FirewallRules: [{B1DFB7EE-15D8-49C8-813C-97C44DFFC420}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe FirewallRules: [{0AD31EAB-08C6-4646-88BB-482CB19DD434}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= 15-04-2016 17:35:10 DirectX wurde installiert 18-04-2016 06:44:05 Windows Update 18-04-2016 12:54:20 Prüfpunkt von HitmanPro 18-04-2016 13:36:56 Prüfpunkt von HitmanPro 18-04-2016 17:44:24 Prüfpunkt von HitmanPro 18-04-2016 17:59:51 Prüfpunkt von HitmanPro 18-04-2016 20:01:11 Removed Google Earth Plug-in 19-04-2016 07:39:51 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Lenovo Connect Device 1.0 Description: Lenovo Connect Device 1.0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/19/2016 07:59:03 AM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Error: (04/19/2016 07:59:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/19/2016 07:14:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVWIN32.EXE, Version: 12.0.0.5740, Zeitstempel: 0x55eed84c Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.18283, Zeitstempel: 0x56fc68fd Ausnahmecode: 0xc0000005 Fehleroffset: 0x0043c977 ID des fehlerhaften Prozesses: 0x29c8 Startzeit der fehlerhaften Anwendung: 0xDVWIN32.EXE0 Pfad der fehlerhaften Anwendung: DVWIN32.EXE1 Pfad des fehlerhaften Moduls: DVWIN32.EXE2 Berichtskennung: DVWIN32.EXE3 Error: (04/19/2016 06:40:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/19/2016 06:40:30 AM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Error: (04/18/2016 10:16:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (04/19/2016 11:19:31 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:19:28 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:12:44 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:12:08 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:11:20 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:11:17 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:10:15 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 11:06:07 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 10:59:48 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. Error: (04/19/2016 10:46:59 AM) (Source: LEqdUsb) (EventID: 12289) (User: ) Description: WDF call failed. CodeIntegrity: =================================== Date: 2015-01-22 12:41:30.394 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-22 12:41:30.343 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-12 06:39:38.333 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 06:39:37.366 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 06:36:57.890 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 06:36:51.922 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.429 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.414 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.320 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-03 13:03:28.320 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz Prozentuale Nutzung des RAM: 41% Installierter physikalischer RAM: 16009.21 MB Verfügbarer physikalischer RAM: 9332.47 MB Summe virtueller Speicher: 32016.61 MB Verfügbarer virtueller Speicher: 24473.5 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:213.74 GB) (Free:62.86 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data2) (Fixed) (Total:931.51 GB) (Free:441.53 GB) NTFS Drive e: (SolidWorks1) (CDROM) (Total:7.76 GB) (Free:0 GB) CDFS Drive f: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS Drive h: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS Drive o: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS Drive q: (Lenovo_Recovery) (Fixed) (Total:16.27 GB) (Free:4.64 GB) NTFS Drive r: (Daten) (Network) (Total:195.28 GB) (Free:166.86 GB) NTFS Drive u: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS Drive z: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: B3D09BFF) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=16.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=7 GB) - (Type=84) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B3D0A64B) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
19.04.2016, 12:11 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? du hast 2x die addition.txt gepostet
__________________ Logfiles bitte immer in CODE-Tags posten |
19.04.2016, 12:28 | #13 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Jetzt aber...... Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016 durchgeführt von M.Klug (Administrator) auf NB-MKLUG (19-04-2016 12:40:07) Gestartet von C:\Users\M.Klug.LEISS\Desktop Geladene Profile: M.Klug & UpdatusUser (Verfügbare Profile: M.Klug & Administrator & UpdatusUser & M.Klug) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Softex Inc.) C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRPCService.exe () C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe (Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (SHARP CORPORATION) C:\Program Files\SHARP\SHARP Touch Panel Driver\SHTSV.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Tobit Software) C:\Program Files (x86)\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe (Tobit Software) C:\Program Files (x86)\Tobit InfoCenter\David\Code\SL.EXE (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\vapm.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (3Dconnexion, INC) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe (LITE-ON TECHNOLOGY CORP.) C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3dxpiemenus.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dropbox, Inc.) C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe () C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (SHARP CORPORATION) C:\Program Files (x86)\SHARP\SHARP Pen Software\PrsnSptTool.exe (SHARP CORPORATION) C:\Program Files\SHARP\SHARP Touch Panel Driver\TPUtility.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe (Dropbox, Inc.) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (silex technology, Inc.) C:\Program Files\silex technology\NetDA Manager\Connect.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Tobit.Software) C:\Program Files (x86)\Tobit InfoCenter\DVWIN32.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo Corporation) C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe (Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe (DPT SARL) C:\Program Files\think3\2015.2\thinkdesign\bin\tdesign.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (DPT SARL) C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\TTComApi.exe (DPT SARL) C:\Program Files\think3\2015.2\PLM\common\utilities\T3Tracer\T3TraceSrv.exe (DPT SARL) C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\TTConnection.exe (DPT SARL) C:\Program Files\think3\2015.2\PLM\common\tteam.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Top-In-Form GmbH) C:\Program Files (x86)\schubertRatio\BDETerminal\BDE_Terminal.exe (Microsoft Corporation) C:\Windows\splwow64.exe () C:\Program Files (x86)\schubertRatio\RatioPlus\bin\RatioPlus.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\SnagIt32.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\TscHelp.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\SnagPriv.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItEditor.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [555760 2015-03-23] (Lenovo.) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295664 2014-12-08] (Lenovo Group Limited) HKLM\...\Run: [3DxWare Service] => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [1990016 2014-11-13] (3Dconnexion, INC) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2013-03-05] (Authentec Inc.) HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.) HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-03] (Intel Corporation) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-09-01] (SunplusIT, Inc.) HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1193536 2015-04-10] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [Dropbox Update] => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.) HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [Amazon Music] => C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-15] () HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\MountPoints2: {8abc1af5-52f8-11e4-a48c-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\DAVIDC~1.SCR AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\david®.LNK [2016-04-18] ShortcutTarget: david®.LNK -> C:\Program Files (x86)\Tobit InfoCenter\DVWIN32.EXE (Tobit.Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Presentation Support Tool.lnk [2016-04-18] ShortcutTarget: Presentation Support Tool.lnk -> C:\Program Files (x86)\SHARP\SHARP Pen Software\PrsnSptTool.exe (SHARP CORPORATION) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SHARP Touch-Panel-Hilfsprogramm.lnk [2016-04-18] ShortcutTarget: SHARP Touch-Panel-Hilfsprogramm.lnk -> C:\Program Files\SHARP\SHARP Touch Panel Driver\TPUtility.exe (SHARP CORPORATION) Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18] ShortcutTarget: Dropbox.lnk -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NetDA Manager.lnk [2016-04-18] ShortcutTarget: NetDA Manager.lnk -> C:\Program Files\silex technology\NetDA Manager\Connect.exe (silex technology, Inc.) Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18] ShortcutTarget: Dropbox.lnk -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NetDA Manager.lnk [2016-04-18] ShortcutTarget: NetDA Manager.lnk -> C:\Program Files\silex technology\NetDA Manager\Connect.exe (silex technology, Inc.) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicyScripts: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [S-1-5-21-1060284298-1326574676-1801674531-1129] => Proxy ist aktiviert. ProxyServer: [S-1-5-21-1060284298-1326574676-1801674531-1129] => localhost:21320 Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.1.1.41 192.1.1.42 Tcpip\..\Interfaces\{E06193FA-3D29-4AA8-B5D6-D4F9972D7695}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{F630331D-4E74-42EE-B76E-29F569380EBD}: [DhcpNameServer] 192.1.1.41 192.1.1.42 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129 -> DefaultScope {91F160EF-6AC2-4B98-8E10-E2403C52E2C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129 -> {91F160EF-6AC2-4B98-8E10-E2403C52E2C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll [2008-09-22] (TechSmith Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll [2008-09-22] (TechSmith Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItIEAddin64.dll [2008-09-22] (TechSmith Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.) Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-09-22] (TechSmith Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.) Toolbar: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.) FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-15] (Nitro PDF) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-28] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-28] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-21] [ist nicht signiert] FF HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension FF Extension: Kein Name - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension [2015-05-19] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-29] CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-29] CHR Extension: (Google Drive) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Google-Suche) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-29] CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2015-09-29] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (Google Mail) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-29] CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1193536 2015-04-10] (Kaspersky Lab ZAO) R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe [2065568 2015-04-10] (Kaspersky Lab ZAO) R2 DavidReplica; C:\Program Files (x86)\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe [1666048 2012-10-05] (Tobit Software) [Datei ist nicht signiert] R2 DavidServiceLayer; C:\Program Files (x86)\Tobit InfoCenter\David\Code\SL.EXE [2785080 2015-09-14] (Tobit Software) R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-02] (DisplayLink Corp.) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2015-04-17] (Lenovo.) R2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation) R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [105960 2014-11-19] (Kaspersky Lab ZAO) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert] S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197360 2014-12-08] (Lenovo Group Limited) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited) R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2016-01-08] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2014-11-13] (3Dconnexion) [Datei ist nicht signiert] R2 mysql_3306; C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe [4444160 2006-07-31] () [Datei ist nicht signiert] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert] R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-05-15] (Nitro PDF Software) R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-05-15] () R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International) R2 omniserv; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [103936 2015-04-02] (Softex Inc.) [Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert] S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited) R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 SHTSV; C:\Program Files\SHARP\SHARP Touch Panel Driver\SHTSV.exe [115200 2012-12-19] (SHARP CORPORATION) [Datei ist nicht signiert] S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-12-18] (SolidWorks) [Datei ist nicht signiert] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] () S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-03-06] (Intel Corporation) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-01-29] (Synaptics Incorporated) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-10-11] (X-Rite Inc.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 3dxhid; C:\Windows\System32\DRIVERS\3dxhid.sys [38672 2014-11-07] (3Dconnexion SAM) R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.) R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.) R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.) S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1419576 2013-12-11] (Motorola Solutions, Inc.) S3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.6.55673.0.sys [46384 2014-06-03] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-18] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-18] () S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-04-10] (Sony Mobile Communications) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-15] (Intel Corporation) S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [169680 2014-04-02] (Intel Corporation) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [103112 2014-11-11] (Kaspersky Lab ZAO) R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [29792 2013-12-03] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [681672 2014-12-29] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-11-20] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO) R3 KMJHidMini; C:\Windows\System32\DRIVERS\3dxkmj.sys [18944 2013-10-08] (3Dconnextion Inc.) R3 KMJShim; C:\Windows\System32\DRIVERS\3dxshim.sys [7168 2013-10-08] (3Dconnextion Inc.) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [176840 2014-09-10] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2014-12-08] (Intel Corporation) R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [209720 2014-03-25] (BayHubTech/O2Micro ) R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2014-03-31] () R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 shtmd702; C:\Windows\System32\DRIVERS\shtmd702.sys [34656 2011-08-22] (SHARP CORPORATION) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated) R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.) R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58792 2009-09-17] (SafeNet, Inc.) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus) R2 sxhidflt; C:\Windows\System32\DRIVERS\sxhidflt.sys [34744 2011-11-02] (silex technology, Inc.) R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [303928 2011-11-02] (silex technology, Inc.) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert] R3 WinDriver6; C:\Windows\System32\drivers\NE_UsbDriver_Win64.sys [254976 2011-12-01] (Jungo) S3 gwiopm; \??\C:\Program Files (x86)\Slotman\gwiopm.sys [X] S3 TDKLIB; \??\C:\Users\MKLUG~1.LEI\AppData\Local\Temp\TdkLib64.sys [X] S3 tpflhlp; \??\C:\PROGRA~3\Lenovo\SYSTEM~1\session\REPOSI~1\gnuj18us\securedfolder\tpflhlp.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-19 12:40 - 2016-04-19 12:40 - 00040600 _____ C:\Users\M.Klug.LEISS\Desktop\FRST.txt 2016-04-19 12:40 - 2016-04-19 12:40 - 00000000 ____D C:\FRST 2016-04-19 12:39 - 2016-04-19 12:39 - 02375680 _____ (Farbar) C:\Users\M.Klug.LEISS\Desktop\FRST64.exe 2016-04-19 08:54 - 2016-04-19 08:54 - 00008379 _____ C:\Users\M.Klug.LEISS\Downloads\Mitgliederdaten1461048872036.csv 2016-04-19 08:52 - 2016-04-19 08:52 - 84893696 _____ C:\Users\M.Klug\Documents\060280216_Z.e3.3.bak 2016-04-19 08:45 - 2016-04-19 08:45 - 00319488 _____ C:\Users\M.Klug\Documents\060280216_B.e2.2.bak 2016-04-19 08:45 - 2016-04-19 08:45 - 00315392 _____ C:\Users\M.Klug\Documents\060280216_B.e2.1.bak 2016-04-19 08:44 - 2016-04-19 08:44 - 02641920 _____ C:\Users\M.Klug\Documents\060280216_A.e2.2.bak 2016-04-19 08:43 - 2016-04-19 08:43 - 85053440 _____ C:\Users\M.Klug\Documents\060280216_Z.e3.2.bak 2016-04-19 08:41 - 2016-04-19 08:41 - 02646016 _____ C:\Users\M.Klug\Documents\060280216_A.e2.1.bak 2016-04-19 08:39 - 2016-04-19 08:39 - 84901888 _____ C:\Users\M.Klug\Documents\060280216_Z.e3.1.bak 2016-04-19 07:45 - 2016-04-19 07:45 - 00008009 _____ C:\Users\M.Klug.LEISS\Downloads\JRT.txt 2016-04-19 07:39 - 2016-04-19 07:39 - 01610352 _____ (Malwarebytes) C:\Users\M.Klug.LEISS\Desktop\JRT_8.0.4.exe 2016-04-18 23:02 - 2016-04-18 19:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160418-230210.backup 2016-04-18 22:23 - 2016-04-18 22:23 - 00000000 ____D C:\Program Files\Common Files\AV 2016-04-18 22:23 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-04-18 22:19 - 2016-04-18 23:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-04-18 22:19 - 2016-04-18 22:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-04-18 22:19 - 2016-04-18 22:19 - 00001406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-04-18 22:19 - 2016-04-18 22:19 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2016-04-18 22:19 - 2016-04-18 22:19 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2016-04-18 22:19 - 2016-04-18 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2016-04-18 22:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2016-04-18 22:09 - 2016-04-18 22:11 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\M.Klug.LEISS\Downloads\spybot-2.4.40.exe 2016-04-18 21:46 - 2016-04-18 21:47 - 11430296 _____ (SurfRight B.V.) C:\Users\M.Klug\Downloads\hitmanpro_x64.exe 2016-04-18 21:45 - 2016-04-18 21:58 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\Panda Security 2016-04-18 21:45 - 2016-04-18 21:46 - 00002262 _____ C:\Users\M.Klug\Desktop\Google Chrome.lnk 2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\Tobit 2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\Logitech 2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\3Dconnexion 2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\LocalLow\pandasecuritytb 2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Local\Google 2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Local\3Dconnexion 2016-04-18 20:24 - 2016-04-18 20:24 - 11430296 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\hitmanpro_x64 (3).exe 2016-04-18 20:13 - 2016-04-18 20:13 - 00000000 ____D C:\ProgramData\panda_url_filtering 2016-04-18 20:12 - 2016-04-18 21:58 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Panda Security 2016-04-18 20:11 - 2016-04-18 20:11 - 00245648 _____ (Kaspersky Lab ZAO) C:\Users\M.Klug.LEISS\Downloads\zbotkiller.exe 2016-04-18 20:08 - 2016-04-18 21:57 - 00000000 ____D C:\ProgramData\Panda Security 2016-04-18 20:07 - 2016-04-18 20:07 - 02252720 _____ (Panda Security, S.L.) C:\Users\M.Klug.LEISS\Downloads\PANDAFREEAV.exe 2016-04-18 19:45 - 2016-04-18 19:45 - 1092548714 _____ C:\Windows\MEMORY.DMP 2016-04-18 19:45 - 2016-04-18 19:45 - 00309808 _____ C:\Windows\Minidump\041816-17440-01.dmp 2016-04-18 19:40 - 2016-04-18 19:59 - 00001569 _____ C:\bdlog.txt 2016-04-18 18:56 - 2016-04-18 18:56 - 00000385 _____ C:\Windows\system32\user_gensett.xml 2016-04-18 18:56 - 2016-04-18 18:56 - 00000385 _____ C:\Users\M.Klug.LEISS\AppData\Roaminguser_gensett.xml 2016-04-18 18:55 - 2016-04-18 18:55 - 00000000 ____D C:\ProgramData\BDLogging 2016-04-18 18:55 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll 2016-04-18 18:36 - 2016-04-18 18:37 - 04069672 _____ (Bytelayer AB ) C:\Users\M.Klug.LEISS\Downloads\TrojanHunterSetup_6.0.1038.exe 2016-04-18 18:36 - 2016-04-18 18:36 - 06324336 _____ C:\Users\M.Klug.LEISS\Downloads\bitdefender_isecurity_qs.exe 2016-04-18 18:36 - 2016-04-18 18:36 - 00000000 ____D C:\ProgramData\Bitdefender Agent 2016-04-18 18:35 - 2016-04-18 18:35 - 00039480 _____ C:\Users\M.Klug.LEISS\Downloads\qsinstaller.exe 2016-04-18 18:35 - 2016-04-18 18:35 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\QuickScan 2016-04-18 18:10 - 2016-04-18 18:10 - 02870984 _____ (ESET) C:\Users\M.Klug.LEISS\Downloads\esetsmartinstaller_deu.exe 2016-04-18 18:07 - 2016-04-18 18:07 - 00000000 _____ C:\autoexec.bat 2016-04-18 18:05 - 2016-04-18 18:05 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys 2016-04-18 18:04 - 2016-04-18 18:04 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\M.Klug.LEISS\Downloads\SpyHunter-Installer.exe 2016-04-18 17:46 - 2016-04-18 17:47 - 11441744 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\HitmanPro_x64 (2).exe 2016-04-18 17:46 - 2016-04-18 17:46 - 11441744 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\HitmanPro_x64 (1).exe 2016-04-18 13:57 - 2016-04-19 09:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-18 13:57 - 2016-04-18 17:28 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-04-18 13:57 - 2016-04-18 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-04-18 13:57 - 2016-04-18 13:57 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-04-18 13:57 - 2016-04-18 13:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-04-18 13:57 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-18 13:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-18 13:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-18 13:55 - 2016-04-18 13:56 - 22851472 _____ (Malwarebytes ) C:\Users\M.Klug.LEISS\Downloads\mbam-setup-2.2.1.1043.exe 2016-04-18 13:21 - 2016-04-18 13:22 - 03683904 _____ C:\Users\M.Klug.LEISS\Downloads\adwcleaner_5.112 (1).exe 2016-04-18 13:03 - 2016-04-18 13:04 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Tobit 2016-04-18 12:59 - 2016-04-18 12:59 - 03683904 _____ C:\Users\M.Klug.LEISS\Downloads\adwcleaner_5.112.exe 2016-04-18 12:56 - 2016-04-18 12:56 - 00237056 _____ (SC BitDefender , Romania) C:\Users\M.Klug.LEISS\Downloads\ZbotRemovalTool (1).exe 2016-04-18 12:53 - 2016-04-18 12:53 - 00237056 _____ (SC BitDefender , Romania) C:\Users\M.Klug.LEISS\Downloads\ZbotRemovalTool.exe 2016-04-18 12:44 - 2016-04-18 12:55 - 00000000 ____D C:\ProgramData\HitmanPro 2016-04-18 12:43 - 2016-04-18 12:44 - 11441744 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\hitmanpro_x64.exe 2016-04-18 11:45 - 2016-04-18 11:45 - 47267840 _____ C:\Users\M.Klug\Documents\060300216_PZ.e3.2.bak 2016-04-18 10:59 - 2016-04-18 10:59 - 47267840 _____ C:\Users\M.Klug\Documents\060300216_PZ.e3.1.bak 2016-04-18 10:48 - 2016-04-18 10:48 - 66899968 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.11.bak 2016-04-18 10:04 - 2016-04-18 10:05 - 26483057 _____ C:\Users\M.Klug.LEISS\Downloads\20160413_084559.mp4 2016-04-18 08:33 - 2016-04-18 08:33 - 02179072 _____ C:\Users\M.Klug\Documents\Blasdornblock komplett.e3.2.bak 2016-04-18 08:21 - 2016-04-18 08:21 - 02203648 _____ C:\Users\M.Klug\Documents\Blasdornblock komplett.e3.1.bak 2016-04-18 08:01 - 2016-04-18 08:01 - 03215360 _____ C:\Users\M.Klug\Documents\Blasdornblock komplett_60.e3.1.bak 2016-04-15 17:35 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2016-04-15 17:34 - 2016-04-15 17:34 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\posterXXL Designer 2016-04-15 17:24 - 2016-04-15 17:31 - 175300924 _____ C:\Users\M.Klug.LEISS\Downloads\posterXXL.zip 2016-04-15 12:36 - 2016-04-15 12:36 - 00286720 _____ C:\Users\M.Klug\Documents\060370216_Q.e2.3.bak 2016-04-15 12:34 - 2016-04-15 12:34 - 10039296 _____ C:\Users\M.Klug\Documents\060370216_P.e2.4.bak 2016-04-15 12:32 - 2016-04-15 12:32 - 08593408 _____ C:\Users\M.Klug\Documents\060370216_P.e2.3.bak 2016-04-15 11:36 - 2016-04-15 11:36 - 185196544 _____ C:\Users\M.Klug\Documents\060370216_Z.e3.74.bak 2016-04-15 11:35 - 2016-04-15 11:35 - 08589312 _____ C:\Users\M.Klug\Documents\060370216_P.e2.2.bak 2016-04-15 11:32 - 2016-04-15 11:32 - 08585216 _____ C:\Users\M.Klug\Documents\060370216_P.e2.1.bak 2016-04-15 11:20 - 2016-04-15 11:20 - 00282624 _____ C:\Users\M.Klug\Documents\060370216_Q.e2.2.bak 2016-04-15 11:11 - 2016-04-15 11:11 - 00262144 _____ C:\Users\M.Klug\Documents\060370216_Q.e2.1.bak 2016-04-15 10:44 - 2016-04-15 10:44 - 01728512 _____ C:\Users\M.Klug\Documents\020210212_P.e2.1.bak 2016-04-15 10:13 - 2016-04-15 10:13 - 66777088 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.10.bak 2016-04-15 09:50 - 2016-04-15 09:50 - 73674752 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.9.bak 2016-04-15 08:34 - 2016-04-15 08:34 - 73674752 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.8.bak 2016-04-15 08:19 - 2016-04-15 08:20 - 66637824 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.7.bak 2016-04-15 07:14 - 2016-04-15 07:14 - 66646016 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.6.bak 2016-04-15 06:44 - 2016-04-15 06:44 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-04-14 16:01 - 2016-04-14 16:01 - 66641920 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.5.bak 2016-04-14 16:00 - 2016-04-14 16:00 - 66215936 _____ C:\Users\M.Klug\Documents\060370216_PZ_2.e3.1.bak 2016-04-14 15:56 - 2016-04-14 15:56 - 67530752 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.4.bak 2016-04-14 15:28 - 2016-04-14 15:28 - 67510272 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.3.bak 2016-04-14 15:07 - 2016-04-14 15:07 - 67510272 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.2.bak 2016-04-14 15:00 - 2016-04-14 15:00 - 00307200 _____ C:\Users\M.Klug\Documents\060370216_F.e2.1.bak 2016-04-14 14:58 - 2016-04-14 14:58 - 185204736 _____ C:\Users\M.Klug\Documents\060370216_Z.e3.73.bak 2016-04-14 14:56 - 2016-04-14 14:56 - 66801664 _____ C:\Users\M.Klug\Documents\060290216_Z.e3.36.bak 2016-04-14 14:56 - 2016-04-14 14:56 - 00262144 _____ C:\Users\M.Klug\Documents\060290216_F.e2.3.bak 2016-04-14 14:54 - 2016-04-14 14:54 - 00274432 _____ C:\Users\M.Klug\Documents\060300216_F.e2.1.bak 2016-04-14 14:53 - 2016-04-14 14:53 - 81788928 _____ C:\Users\M.Klug\Documents\060300216_Z.e3.50.bak 2016-04-14 14:31 - 2016-04-14 14:31 - 87896064 _____ C:\Users\M.Klug\Documents\051081015_PZ.e3.1.bak 2016-04-14 10:08 - 2016-04-14 10:08 - 00704512 _____ C:\Users\M.Klug\Documents\ballon.e3.1.bak 2016-04-13 12:03 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-13 12:03 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-13 12:03 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-13 12:03 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-13 12:03 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-13 12:03 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-13 12:03 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-13 12:03 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-04-13 12:03 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-13 12:03 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-13 12:03 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-04-13 12:03 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-04-13 12:03 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-13 12:03 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-13 12:03 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-04-13 12:03 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-13 12:03 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-13 12:03 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-13 12:03 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-13 12:03 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-13 12:03 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-13 12:03 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-13 12:03 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 12:03 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 12:03 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 12:03 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-13 12:03 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 12:03 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 12:03 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-04-13 12:03 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-04-13 12:03 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-04-13 12:03 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 12:03 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-04-13 12:03 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-04-13 12:03 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 12:03 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-04-13 12:03 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-13 12:03 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 12:03 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 12:03 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-04-13 12:03 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-04-13 12:03 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-04-13 12:03 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 12:03 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-13 12:03 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-13 12:03 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-13 12:03 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-13 12:03 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-13 12:03 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-13 12:03 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-04-13 12:03 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 12:03 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 12:03 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 12:03 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-13 12:03 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-13 12:03 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-04-13 12:03 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 12:03 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-04-13 12:03 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-04-13 12:03 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 12:03 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 12:03 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 12:03 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 12:03 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 12:03 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 12:03 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-13 12:03 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-13 12:03 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 12:03 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-13 12:03 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 12:03 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-04-13 12:02 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 12:02 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 12:02 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 12:02 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 12:00 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-13 12:00 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-04-13 12:00 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-13 12:00 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-13 12:00 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-13 12:00 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-13 12:00 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-13 12:00 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-13 12:00 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-13 12:00 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-13 12:00 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-04-13 12:00 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-13 12:00 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-13 12:00 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-13 12:00 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-04-13 12:00 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-13 12:00 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-13 12:00 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-13 12:00 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-13 12:00 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-13 12:00 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-13 12:00 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-04-13 12:00 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-04-13 12:00 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-13 12:00 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-13 12:00 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-13 12:00 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-13 12:00 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-13 12:00 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-04-13 12:00 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-13 12:00 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-04-13 12:00 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-04-13 12:00 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-04-13 12:00 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-04-13 12:00 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-04-13 12:00 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-04-13 12:00 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-04-13 12:00 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-04-13 12:00 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-04-13 12:00 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-04-13 12:00 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-13 12:00 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-04-13 12:00 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-13 12:00 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-13 12:00 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-13 12:00 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-13 12:00 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-13 12:00 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-04-13 12:00 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-04-13 12:00 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-04-13 12:00 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-04-13 12:00 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-04-13 12:00 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-04-13 12:00 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-13 12:00 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-13 12:00 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-04-13 12:00 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-04-13 12:00 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-04-13 12:00 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-04-13 12:00 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-04-13 12:00 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-04-13 12:00 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-13 12:00 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-13 12:00 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-04-13 12:00 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-04-13 12:00 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-04-13 08:45 - 2016-04-13 08:45 - 00262144 _____ C:\Users\M.Klug\Documents\060290216_F.e2.2.bak 2016-04-13 08:40 - 2016-04-13 08:40 - 01318912 _____ C:\Users\M.Klug\Documents\060290216_G.e2.4.bak 2016-04-13 08:38 - 2016-04-13 08:38 - 00229376 _____ C:\Users\M.Klug\Documents\060290216_A.e2.5.bak 2016-04-13 08:36 - 2016-04-13 08:36 - 01241088 _____ C:\Users\M.Klug\Documents\060290216_B.e2.4.bak 2016-04-13 08:34 - 2016-04-13 08:34 - 01851392 _____ C:\Users\M.Klug\Documents\060290216_H.e2.4.bak 2016-04-13 08:11 - 2016-04-13 08:11 - 01847296 _____ C:\Users\M.Klug\Documents\060290216_H.e2.3.bak 2016-04-12 14:28 - 2016-04-12 14:28 - 66781184 _____ C:\Users\M.Klug\Documents\060290216_Z.e3.35.bak 2016-04-12 10:12 - 2016-04-12 10:12 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2016-04-12 10:10 - 2016-04-12 10:11 - 28849904 _____ C:\Users\M.Klug.LEISS\Downloads\vlc-2.2.1-win32.exe 2016-04-12 10:07 - 2016-04-12 10:07 - 00000036 ____H C:\Users\M.Klug.LEISS\AppData\Roaming\swk.ini 2016-04-11 13:13 - 2016-04-11 13:13 - 00037304 _____ C:\Users\M.Klug.LEISS\Downloads\HEB_Z160103634040206M11602000000.zip 2016-04-08 12:00 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-08 12:00 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-08 12:00 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-08 07:41 - 2016-04-08 07:41 - 01126324 _____ C:\Users\M.Klug.LEISS\Downloads\HEB_Z160103634080206M11601000000 (1).zip 2016-04-08 07:33 - 2016-04-08 07:33 - 00037372 _____ C:\Users\M.Klug.LEISS\Downloads\HEB_Z160103634080206M11601000000.zip 2016-04-01 12:00 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-01 12:00 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-01 12:00 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-01 12:00 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-01 12:00 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-01 11:44 - 2016-04-01 11:44 - 00115336 _____ C:\Users\M.Klug.LEISS\Downloads\Sommerreifenpreise 2016 klug.pdf 2016-03-24 17:09 - 2016-03-24 17:09 - 00109156 _____ C:\Users\M.Klug.LEISS\Downloads\Organigramm TC Ludwigsstadt (1).pdf 2016-03-24 14:47 - 2016-03-24 14:47 - 00002166 _____ C:\Users\M.Klug.LEISS\Downloads\contacts (1).csv 2016-03-24 12:47 - 2016-03-24 12:47 - 00007038 _____ C:\Users\M.Klug.LEISS\Downloads\contacts.csv 2016-03-24 08:16 - 2016-03-24 08:16 - 01742364 _____ C:\Users\M.Klug.LEISS\Downloads\BND_DeLonghi_Brueheinheit.pdf 2016-03-24 08:15 - 2016-03-24 08:15 - 02544339 _____ C:\Users\M.Klug.LEISS\Downloads\BND_DELONGHI_ESAM_THERMOBLOCK.pdf 2016-03-24 08:15 - 2016-03-24 08:15 - 02126626 _____ C:\Users\M.Klug.LEISS\Downloads\BND_DELONGHI_TECHNIK.pdf 2016-03-23 16:11 - 2016-03-23 16:11 - 00000000 ____D C:\trn 2016-03-23 16:11 - 1998-01-23 13:20 - 00305664 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-19 12:35 - 2015-06-19 06:34 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA.job 2016-04-19 12:35 - 2014-12-05 10:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-19 12:00 - 2014-12-01 16:13 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-19 12:00 - 2014-12-01 16:13 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-19 11:46 - 2014-11-21 14:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-04-19 11:28 - 2014-11-21 20:18 - 00000120 _____ C:\Windows\system32\config\netlogon.ftl 2016-04-19 10:35 - 2015-06-19 06:34 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core.job 2016-04-19 08:07 - 2014-10-14 04:35 - 00702890 _____ C:\Windows\system32\perfh007.dat 2016-04-19 08:07 - 2014-10-14 04:35 - 00150498 _____ C:\Windows\system32\perfc007.dat 2016-04-19 08:07 - 2009-07-14 07:13 - 01628108 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-19 08:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-04-19 08:06 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-19 08:06 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-19 07:59 - 2015-09-23 14:01 - 00000685 _____ C:\Windows\Tobit.ini 2016-04-19 07:59 - 2014-11-27 14:21 - 00000000 ___RD C:\Users\M.Klug.LEISS\Dropbox 2016-04-19 07:59 - 2014-10-13 19:03 - 00000000 ____D C:\ProgramData\Validity 2016-04-19 07:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-19 07:58 - 2014-10-13 19:00 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-19 07:14 - 2014-11-21 15:03 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\CrashDumps 2016-04-18 22:01 - 2009-07-14 06:45 - 00514288 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-18 21:45 - 2014-11-21 20:09 - 00134672 _____ C:\Users\M.Klug\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-18 20:12 - 2014-11-21 13:23 - 00134672 _____ C:\Users\M.Klug.LEISS\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-18 20:01 - 2015-04-14 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company 2016-04-18 20:01 - 2015-04-14 20:43 - 00000000 ____D C:\Program Files (x86)\LEGO Company 2016-04-18 20:01 - 2015-01-22 13:40 - 00000000 ____D C:\Program Files (x86)\Slotman 2016-04-18 19:58 - 2015-06-19 06:34 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\Dropbox 2016-04-18 19:45 - 2015-05-19 16:09 - 00000000 ____D C:\Windows\Minidump 2016-04-18 18:07 - 2014-11-21 13:23 - 00000000 ____D C:\Users\M.Klug.LEISS 2016-04-18 17:29 - 2015-10-13 09:09 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2016-04-18 17:29 - 2015-09-29 14:18 - 00002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-18 17:29 - 2015-05-19 15:51 - 00001729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Properties (Touchpad Clickpad Trackpad TrackPoint Mouse Pointer Pointing Pad).lnk 2016-04-18 17:29 - 2015-02-12 11:30 - 00001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2016-04-18 17:29 - 2014-10-14 04:33 - 00001729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Ultranav (Touchpad Clickpad Trackpad TrackPoint Mouse).lnk 2016-04-18 17:29 - 2014-10-13 19:05 - 00002021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk 2016-04-18 17:29 - 2014-10-13 19:05 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk 2016-04-18 17:29 - 2014-10-13 19:04 - 00002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo PC Experience.lnk 2016-04-18 17:29 - 2014-10-13 19:03 - 00001931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk 2016-04-18 17:29 - 2014-10-13 19:02 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2016-04-18 17:29 - 2014-10-13 18:48 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-04-18 17:29 - 2014-10-13 18:48 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-04-18 17:29 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-18 17:29 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2016-04-18 17:29 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2016-04-18 17:29 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2016-04-18 17:29 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2016-04-18 17:28 - 2016-02-18 09:22 - 00001996 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2016-04-18 17:28 - 2016-01-29 19:05 - 00002132 _____ C:\Users\Public\Desktop\Smart Switch.lnk 2016-04-18 17:28 - 2015-12-10 21:32 - 00000995 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk 2016-04-18 17:28 - 2015-12-10 21:32 - 00000980 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk 2016-04-18 17:28 - 2015-11-02 09:33 - 00001030 _____ C:\Users\Public\Desktop\IGEMS R2015.lnk 2016-04-18 17:28 - 2015-10-21 11:10 - 00002335 _____ C:\Users\Public\Desktop\Toolmaker 2016 (64-bit).lnk 2016-04-18 17:28 - 2015-10-21 11:10 - 00002279 _____ C:\Users\Public\Desktop\PowerSHAPE 2016 (64-bit).lnk 2016-04-18 17:28 - 2015-09-03 11:33 - 00001857 _____ C:\Users\Public\Desktop\ThinkDesign 2015.2 (64-bit).lnk 2016-04-18 17:28 - 2015-08-25 07:46 - 00002139 _____ C:\Users\Public\Desktop\PowerMILL 2016 (64-bit).lnk 2016-04-18 17:28 - 2015-07-31 06:56 - 00001064 _____ C:\Users\Public\Desktop\ScanStudio.lnk 2016-04-18 17:28 - 2015-04-29 14:54 - 00002257 _____ C:\Users\Public\Desktop\EliteCAD 13 ME-2D.lnk 2016-04-18 17:28 - 2015-03-31 08:36 - 00001485 _____ C:\Users\Public\Desktop\ElsterFormular.lnk 2016-04-18 17:28 - 2015-03-05 11:18 - 00002097 _____ C:\Users\Public\Desktop\Exchange 2015 R2 (64-bit).lnk 2016-04-18 17:28 - 2015-02-12 11:30 - 00001293 _____ C:\Users\Public\Desktop\paint.net.lnk 2016-04-18 17:28 - 2014-12-18 17:00 - 00001816 _____ C:\Users\Public\Desktop\EliteViewer 12.lnk 2016-04-18 17:28 - 2014-12-18 15:31 - 00002024 _____ C:\Users\Public\Desktop\SnagIt 9.lnk 2016-04-18 17:28 - 2014-12-18 15:31 - 00001100 _____ C:\Users\Public\Desktop\SnagIt 9 Editor.lnk 2016-04-18 17:28 - 2014-12-18 08:13 - 00003031 _____ C:\Users\Public\Desktop\SolidWorks Explorer 2014.lnk 2016-04-18 17:28 - 2014-12-18 08:13 - 00002443 _____ C:\Users\Public\Desktop\SolidWorks Composer Player 2014 - x64 Edition.lnk 2016-04-18 17:28 - 2014-12-18 08:10 - 00002167 _____ C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk 2016-04-18 17:28 - 2014-12-18 08:07 - 00002779 _____ C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk 2016-04-18 17:28 - 2014-12-03 14:16 - 00001223 _____ C:\Users\Public\Desktop\BDE-Terminal.lnk 2016-04-18 17:28 - 2014-12-01 16:03 - 00002144 _____ C:\Users\Public\Desktop\Overlay mode Pen Software.lnk 2016-04-18 17:28 - 2014-12-01 16:03 - 00001192 _____ C:\Users\Public\Desktop\Pen Software.lnk 2016-04-18 17:28 - 2014-11-21 14:47 - 00002232 _____ C:\Users\Public\Desktop\RatioPlus.lnk 2016-04-18 17:27 - 2016-01-13 21:55 - 00003077 _____ C:\Users\M.Klug.LEISS\Desktop\Nik Collection.lnk 2016-04-18 17:27 - 2015-12-14 07:47 - 00001349 _____ C:\Users\M.Klug.LEISS\Desktop\Urlaubsplan 2016.lnk 2016-04-18 17:27 - 2015-12-14 07:44 - 00001065 _____ C:\Users\M.Klug.LEISS\Desktop\Stichwörter.lnk 2016-04-18 17:27 - 2014-12-25 19:41 - 00001087 _____ C:\Users\M.Klug.LEISS\Desktop\tiptoi.lnk 2016-04-18 17:27 - 2014-12-08 07:47 - 00002002 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-04-18 17:27 - 2014-12-03 14:10 - 00000839 _____ C:\Users\M.Klug.LEISS\Desktop\Stunden.lnk 2016-04-18 17:27 - 2014-12-03 14:03 - 00001328 _____ C:\Users\M.Klug.LEISS\Desktop\Volumen Artikeldaten.lnk 2016-04-18 17:27 - 2014-12-01 17:49 - 00001192 _____ C:\Users\M.Klug.LEISS\Desktop\OpenOffice 4.1.1.lnk 2016-04-18 17:27 - 2014-12-01 15:51 - 00001225 _____ C:\Users\M.Klug.LEISS\Desktop\NetDA Manager.lnk 2016-04-18 17:27 - 2014-11-21 13:23 - 00002192 _____ C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-04-18 17:27 - 2014-11-21 13:23 - 00001436 _____ C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-18 17:27 - 2014-10-13 19:03 - 00001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Free Skype voice and video calls.lnk 2016-04-18 17:27 - 2014-10-13 19:02 - 00002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Evernote Installer.lnk 2016-04-18 17:27 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2016-04-18 17:27 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2016-04-18 17:26 - 2016-01-13 17:05 - 00002207 _____ C:\Users\M.Klug.LEISS\Desktop\chrome.lnk 2016-04-18 17:26 - 2015-12-23 12:55 - 00001098 _____ C:\Users\M.Klug.LEISS\Desktop\Amazon Music.lnk 2016-04-18 17:26 - 2015-12-14 07:48 - 00001124 _____ C:\Users\M.Klug.LEISS\Desktop\Kundenwünsche.lnk 2016-04-18 17:26 - 2015-12-14 07:48 - 00000981 _____ C:\Users\M.Klug.LEISS\Desktop\Modell_Erstellung.lnk 2016-04-18 17:26 - 2015-12-14 07:48 - 00000946 _____ C:\Users\M.Klug.LEISS\Desktop\Einbautiefen.lnk 2016-04-18 17:26 - 2015-12-14 07:46 - 00001067 _____ C:\Users\M.Klug.LEISS\Desktop\Bodenstandfläche.lnk 2016-04-18 17:26 - 2015-12-14 07:45 - 00001114 _____ C:\Users\M.Klug.LEISS\Desktop\Com-Buch.lnk 2016-04-18 17:26 - 2015-12-14 07:45 - 00000917 _____ C:\Users\M.Klug.LEISS\Desktop\3er Liste.lnk 2016-04-18 17:26 - 2015-12-14 07:44 - 00000747 _____ C:\Users\M.Klug.LEISS\Desktop\Datenblätter PDF.lnk 2016-04-18 17:26 - 2015-12-14 07:44 - 00000706 _____ C:\Users\M.Klug.LEISS\Desktop\Endkontrolle.lnk 2016-04-18 17:26 - 2015-10-12 08:40 - 00001833 _____ C:\Users\M.Klug.LEISS\Desktop\Anfragen.lnk 2016-04-18 17:26 - 2015-09-24 06:35 - 00002196 _____ C:\Users\M.Klug.LEISS\Desktop\david® Client.LNK 2016-04-18 17:26 - 2015-07-09 06:46 - 00002253 _____ C:\Users\M.Klug.LEISS\Desktop\Kalkulation.lnk 2016-04-18 17:26 - 2015-04-27 13:10 - 00004519 _____ C:\Users\M.Klug.LEISS\Desktop\filezilla.exe - Verknüpfung.lnk 2016-04-18 17:26 - 2015-04-09 07:54 - 00001050 _____ C:\Users\M.Klug.LEISS\Desktop\Capture One 8.lnk 2016-04-18 17:26 - 2014-12-04 09:34 - 00001097 _____ C:\Users\M.Klug.LEISS\Desktop\Meusburger Katalog.lnk 2016-04-18 17:26 - 2014-12-04 09:12 - 00002613 _____ C:\Users\M.Klug.LEISS\Desktop\Festo Produktkatalog.lnk 2016-04-18 17:26 - 2014-12-03 14:05 - 00001011 _____ C:\Users\M.Klug.LEISS\Desktop\Anforderungsschein.lnk 2016-04-18 17:26 - 2014-12-01 15:42 - 00002391 _____ C:\Users\M.Klug.LEISS\Desktop\CatalystEX 4.3.lnk 2016-04-18 17:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\L2Schemas 2016-04-18 13:05 - 2014-10-13 19:00 - 00000000 ____D C:\Users\UpdatusUser 2016-04-18 10:46 - 2014-11-21 20:09 - 00000000 ____D C:\Users\M.Klug 2016-04-18 10:46 - 2014-11-21 13:25 - 00000000 ____D C:\Users\Administrator 2016-04-17 19:46 - 2015-04-09 07:55 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\CaptureOne 2016-04-15 18:48 - 2015-09-20 17:37 - 00000000 ____D C:\ProgramData\tmp 2016-04-15 06:45 - 2014-11-27 14:17 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox 2016-04-14 16:08 - 2015-09-23 14:12 - 16034296 ____H C:\Users\M.Klug.LEISS\AppData\Local\IconCache.db.backup 2016-04-14 11:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-04-14 10:32 - 2014-12-18 08:14 - 00000000 ____D C:\ProgramData\Simpoe 2016-04-14 09:59 - 2015-10-21 11:11 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\PowerSHAPE 2016-04-14 08:50 - 2014-12-04 16:47 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Nitro PDF 2016-04-13 06:37 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-04-12 10:32 - 2014-12-18 08:26 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\TempSWSicherungsverzeichnis 2016-04-08 12:00 - 2014-12-11 07:35 - 00000000 ____D C:\Windows\system32\appraiser 2016-04-08 10:35 - 2014-12-05 10:08 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-08 10:35 - 2014-12-05 10:08 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-08 10:35 - 2014-12-05 10:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-06 10:18 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-06 06:49 - 2014-12-18 08:03 - 00000000 ____D C:\Users\M.Klug.LEISS\Documents\SolidWorks Downloads 2016-03-29 08:39 - 2014-12-04 09:34 - 00000000 ____D C:\Program Files (x86)\Meusburger Katalog ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-04-12 10:07 - 2016-04-12 10:07 - 0000036 ____H () C:\Users\M.Klug.LEISS\AppData\Roaming\swk.ini 2014-12-17 08:57 - 2015-10-29 15:11 - 0007619 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Resmon.ResmonCfg 2014-12-04 15:51 - 2015-12-07 08:38 - 0000102 _____ () C:\ProgramData\authlic.dat 2014-11-21 15:04 - 2014-11-21 15:04 - 0000011 _____ () C:\ProgramData\cladm.ini 2014-10-13 18:58 - 2014-10-13 18:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-09-17 11:46 - 2015-09-17 11:50 - 0000974 _____ () C:\ProgramData\hpzinstall.log 2014-12-04 15:51 - 2014-12-04 15:51 - 0000027 _____ () C:\ProgramData\ms32win_.log Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\authlic.dat ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-18 16:00 ==================== Ende von FRST.txt ============================ |
19.04.2016, 12:42 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Solidworks? 3DConnection für Spacemouse? Ist das ein gewerblich genutztes System??
__________________ Logfiles bitte immer in CODE-Tags posten |
19.04.2016, 12:51 | #15 |
| Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? teilweise... |
Themen zu Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? |
1und1, befall, email, hallo zusammen, heute, kontakt, krieg, kriege, leute, leuten, meinem, rechner, was tun, wirklich, zusammen |